Number of IP Addresses Configured vs Performance?

Daniel RLL · ‎09-21-2021

In my company we have an ACS 5.8.1.4.9 (SNS3595), the current number of IP addresses configured in the network devices is 1,130,399.

We have defined network devices with IP ranges and IP Subnets, but now we have to exclude many host type IPs (/32), destined for another Location/Device Type, to avoid having to subnet/divide many ranges, we have seen that it is possible to create new Network Devices type "IP subnets", with the hosts with mask 32 to which we now want to apply another configuration.

Everything works, but I have a doubt since at the level of number of IPs, this has doubled.

Example 1:

Network Device "A": 1.1.1.0-255
ACS IP Count: 256

Example 2:

Network Device "A": 1.1.1.0-255
Network Device "B": 1.1.1.26/32
ACS IP Count: 257

Does the "Number of IP Addresses Configured on the Network Devices" affect the performance, health, or stability of the ACS?

Mohammed al Baqari · ‎09-21-2021

Hi,

The performance is more impacted by the auth/second rather than
absolute number of devices. See this link for your case.

https://community.cisco.com/t5/security-documents/acs-performance-scale/ta-p/3617787

***** please remember to rate useful posts

Daniel RLL · ‎09-21-2021

Thanks for your answer, I have checked the tables in the link and I have seen that there is a limit of 200,000 hosts for the 35xx device ... and we have 1,130,399 !!!

This is why I'm concerned about "duplicates" of some IP addresses (we need to duplicate around 2,000 IPs). I am afraid that the appliance for whatever reason will reboot itself, or in case that a reboot is needed, it will not be able to start due to so many IPs in the configuration.

PS: Where/how can I check the auth/second?

Thank you