Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
931
Views
5
Helpful
2
Replies

ASA v Router

ciscoben2009
Level 1
Level 1

‎10-04-2011 01:11 PM - edited ‎03-04-2019 01:49 PM

Hi

I am confused and any help would be great!

What is the difference between IP throughput routing throughput and firewall throughput

the reason is i am trying to spec a router for a mate who is setting up an online server for an old game ultima online which will have around 300-400 people each pulling around 10kb/sec

I recommended an 880 service router but when he spoke to a guy at the shop they said this would only run at 25mb/sec and he is plugging in to a 100MB/sec line

But the current router that is a home dlink which cost at most 60 Euros on a speed tester can pull 95mb/sec

I just don’t get how a 60 Euros router can download quicker than a 300-400 Euro router

They said try a ASA5505 that can do 150MB/sec of firewall throughput

Any help would be great

Thanks!

Ben

Labels:
0 Helpful
2 Replies 2

microfeel
Level 1
Level 1

‎10-08-2011 12:48 AM

Hi Ben!

The chief goal the firewall is the protection of LAN. I guess the performance for the firewall is second goal. Here I mean the firewall is business solution, not that device. ASA Firewall can work as Firewall or Router only, mabe I have old information. Your question about price/performance, not security, so you have to found out the performance of ASA in router mode from the managers.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-08-2011 05:52 AM

Disclaimer

The       Author of this posting offers the information contained within  this      posting without consideration and with the reader's  understanding   that    there's no implied or expressed suitability or  fitness for any    purpose.   Information provided is for informational  purposes only  and   should not   be construed as rendering professional  advice of any  kind.   Usage of  this  posting's information is solely  at reader's own  risk.

Liability Disclaimer

In       no event shall Author be liable for any damages whatsoever     (including,   without limitation, damages for loss of use, data or     profit) arising  out  of the use or inability to use the posting's     information even if  Author  has been advised of the possibility of    such  damage.

Posting

"What is the difference between IP throughput routing throughput and firewall throughput"

Shouldn't really be any if they provide pps (packet per second) for various Ethernet frames.  Unfortunately, they often don't provide this information for muliple packets sizes and they sometimes only provide it for one large packet size (which makes performance look good).

"I recommended an 880 service router but when he spoke to a guy at the  shop they said this would only run at 25mb/sec and he is plugging in to a  100MB/sec line"

25 Mbps would be for the 880's 50 Kpps rating and for 64 byte packets.  Typically larger packets should see much higher throughput.  However, pps has to also deal with duplex, so worst case, and 880 is only suitalble for original 10 Mbps Ethernet.

"But the current router that is a home dlink which cost at most 60 Euros on a speed tester can pull 95mb/sec"

But for what size frames?  Was that 95 Mbps concurrent duplex?

Even is the dLink has higher raw throughput, and it may, its very likely the 880 has many, many more software features.  Unfortunately, these are implemented in software which handicaps the 880's performance.  The dLink probably has a much simplier feature set with better hardware support for it.  If so, this often allows for better performance and often reduced cost.  (NB: this is also why typical LAN switches have so much higher performance, especially for their cost.)

"They said try a ASA5505 that can do 150MB/sec of firewall throughput"

I don't have the performance specs for the ASA series in front of me, but that's likely true.  An ISR with similar performance would the the 2901 rated at 167.42 Mbps (on the same sheet that rates the 880 at 25.60 Mbps).

PS:

For 100 Mbps duplex, and to guarantee that level of performance, for software routers you'll want rating for about 300 Mbps.  This allows for full 100 Mbps in both directions, regardless of packet size, and provides some "headroom" for other processing functions the router might need to do, such as supporting a firewall policy.

If average and peak demand is less, you can size down.  For supporting on-line gaming, you should be very careful if sizing down, since minimal delay is crucial for a good gaming experience.

Customers Also Viewed These Support Documents