I am confused and any help would be great!
What is the difference between IP throughput routing throughput and firewall throughput
the reason is i am trying to spec a router for a mate who is setting up an online server for an old game ultima online which will have around 300-400 people each pulling around 10kb/sec
I recommended an 880 service router but when he spoke to a guy at the shop they said this would only run at 25mb/sec and he is plugging in to a 100MB/sec line
But the current router that is a home dlink which cost at most 60 Euros on a speed tester can pull 95mb/sec
I just don’t get how a 60 Euros router can download quicker than a 300-400 Euro router
They said try a ASA5505 that can do 150MB/sec of firewall throughput
Any help would be great
The chief goal the firewall is the protection of LAN. I guess the performance for the firewall is second goal. Here I mean the firewall is business solution, not that device. ASA Firewall can work as Firewall or Router only, mabe I have old information. Your question about price/performance, not security, so you have to found out the performance of ASA in router mode from the managers.
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
"What is the difference between IP throughput routing throughput and firewall throughput"
Shouldn't really be any if they provide pps (packet per second) for various Ethernet frames. Unfortunately, they often don't provide this information for muliple packets sizes and they sometimes only provide it for one large packet size (which makes performance look good).
"I recommended an 880 service router but when he spoke to a guy at the shop they said this would only run at 25mb/sec and he is plugging in to a 100MB/sec line"
25 Mbps would be for the 880's 50 Kpps rating and for 64 byte packets. Typically larger packets should see much higher throughput. However, pps has to also deal with duplex, so worst case, and 880 is only suitalble for original 10 Mbps Ethernet.
"But the current router that is a home dlink which cost at most 60 Euros on a speed tester can pull 95mb/sec"
But for what size frames? Was that 95 Mbps concurrent duplex?
Even is the dLink has higher raw throughput, and it may, its very likely the 880 has many, many more software features. Unfortunately, these are implemented in software which handicaps the 880's performance. The dLink probably has a much simplier feature set with better hardware support for it. If so, this often allows for better performance and often reduced cost. (NB: this is also why typical LAN switches have so much higher performance, especially for their cost.)
"They said try a ASA5505 that can do 150MB/sec of firewall throughput"
I don't have the performance specs for the ASA series in front of me, but that's likely true. An ISR with similar performance would the the 2901 rated at 167.42 Mbps (on the same sheet that rates the 880 at 25.60 Mbps).
For 100 Mbps duplex, and to guarantee that level of performance, for software routers you'll want rating for about 300 Mbps. This allows for full 100 Mbps in both directions, regardless of packet size, and provides some "headroom" for other processing functions the router might need to do, such as supporting a firewall policy.
If average and peak demand is less, you can size down. For supporting on-line gaming, you should be very careful if sizing down, since minimal delay is crucial for a good gaming experience.