08-23-2010 01:39 PM - edited 03-04-2019 09:31 AM
Hello,
I would appreciate your feedback regarding the best choice for a WAN Aggregation device.
I have a total of 10 large branch connections, each WAN connection is 100Mbps (EPL) back to the DC. We are looking at DMVPN as a solution for the cloud.
It is probably safe to assume the Catalyst 6500 has more performance and the ASR has more features. Another significant component is device cost.
All your comments are welcomed... thanks.
08-23-2010 01:56 PM
Hello Nmacosky,
>> I have a total of 10 large branch connections, each WAN connection is 100Mbps (EPL) back to the DC. We are looking at DMVPN as a solution for the cloud.
100 Mbps per link and you would like to use DMVPN?
get an MPLS service L2 or L3 VPN unless you are required to perfom encryption end to end (finance or goverment) if you don't need encryption you can use less expensive hardware.
However, here are the data sheets:
ASR 1000 comes with its ESP co processor and can handle the expected load up to ESP 20
see
http://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-450070.html
A C6500 needs to be equipped with appropriate additional linecard for example SIP actually a specific SSC 600 with VPN SPA see
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/data_sheet_c78_492120.html
up to 2 VSPA for each SIP 600 and maximum 10 VSPA per chassis one VSPA (8 Gbps per VSPA)
you would need a new C6500 chassis with Sup32 or Sup720 or VS-sup720
it may be expensive in comparison to ASR.
Hope to help
Giuseppe
08-23-2010 02:10 PM
Just my 2 cents...
I'd go with the ASR, I think it's probably more appropriate for the enterprise edge in both hardware and feature availability. The fact that you are looking at DMVPN makes me inclined to believe you are working with multicast over IPSEC dependencies (and so you need the tunnels), is this correct?
What protocol will you be running underneath DMVPN?
-Jeremy
08-23-2010 02:04 PM
NPE-G2, and the IPsec HW module
.
Cheaper, and effective.
08-23-2010 02:07 PM
Hi,
In additin to Giuseppe's comments and since you don't need 10Gig interfaces the ASR is a good choice. I have use them as hub site routers for IPSEC/DMVPN. You would need to use IOS XE with ASRs.
Good Luck,
Reza
08-23-2010 04:29 PM
I'd agree with Paolo.
Cheap: 7200 VXR with NPE-G2, hardware encryption module, GE cards
Nice-to-have (aka future proof): ASR 1000
(+5) to y'all!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide