Solved: ASA and Router throughput

cisco8887 · ‎10-04-2016

Hi Guys,

What is the purpose of having a 10Gb interface on asa 5585 when the maximum throughput for multiprotocol is 5Gb ?

is the maximum throughput quoted by Cisco for the entrie interface to inrerface traffic or per interface?

Also if ASR can only handle 10Gb and above then would you guys see any issues if one gets a switch like 3650 that can forward at 160Gb or more and use it as a router for BGP ( it will be onlyt few routes and not full scale thousands of routes).

Am I correct thinking only switch processes information in hardware and ASA + router process it in software

Joseph W. Doherty · ‎10-05-2016

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

It's not uncommon for some devices have interfaces that the device cannot maintain full wire speed; many software based routers come to mind.

So why have such interfaces? Well, perhaps the device can maintain throughput higher than the next step down in Ethernet. For example, in your case of an ASA that can maintain 5 Gbps, if you only had a gig interface, you could not take advantage of the additional capacity.

Could you use a 3650 instead of an ASA, for basic BGP routing? Sure, but the 3650 doesn't offer the firewall features the ASA provides. The question is, do you need those features?

Am I correct thinking only switch processes information in hardware and ASA + router process it in software

Perhaps, perhaps not. Switches generally do try to process most of their traffic in hardware, but they do some processing in "software", generally control plane "stuff". Something like an ASA might do much of its processing in "software", but newer "software" processing devices sometimes have additional hardware to accelerate some features, off-loading their main CPU (and/or they have multiple CPUs).

View solution in original post

cisco8887 · ‎10-05-2016

anyone ?

Joseph W. Doherty · ‎10-05-2016

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

It's not uncommon for some devices have interfaces that the device cannot maintain full wire speed; many software based routers come to mind.

So why have such interfaces? Well, perhaps the device can maintain throughput higher than the next step down in Ethernet. For example, in your case of an ASA that can maintain 5 Gbps, if you only had a gig interface, you could not take advantage of the additional capacity.

Could you use a 3650 instead of an ASA, for basic BGP routing? Sure, but the 3650 doesn't offer the firewall features the ASA provides. The question is, do you need those features?

Am I correct thinking only switch processes information in hardware and ASA + router process it in software

Perhaps, perhaps not. Switches generally do try to process most of their traffic in hardware, but they do some processing in "software", generally control plane "stuff". Something like an ASA might do much of its processing in "software", but newer "software" processing devices sometimes have additional hardware to accelerate some features, off-loading their main CPU (and/or they have multiple CPUs).

cisco8887 · ‎10-06-2016

many thanks :)