I have a 1Gbps optical Ethernet circuit that performs at around 980Mbps peak when a laptop is directly connected to the GPON.

The 891F is rated at 51.2Mbps, or 100KPPS x 64B x 8b with no services enabled. An increase in packet size to 1500 puts maximum performance at 1.2Gbps. With NAT and ZBFW enabled, the router is unable to push past 200Mbps and the CPU maxes out at 99%. With ZBFW disabled, it inches closer to 450Mbps while the CPU remains just under 50%. This is WAN (L3 Gi8) to LAN (SVI) to a desktop (L2 Gi0).

RFC 2544-based performance puts the 890 series at 1.4Gbps with 1500-byte packets. The same document claims 54Mbps with firewall enabled, or 75Mbps with PAT and I can achieve double that in real-world tests with both enabled.

Is this all the 891F is able to muster? Obviously I don’t expect this router to handle NAT, ZBFW, IPSEC, QoS, and a ton of other services enabled and still approach 1Gbps, but it’s hard to believe it can’t handle close to 1Gbps with just NAT and ZBFW enabled. I realize it’s not apples-to-apples, but an off-the-shelf NETGEAR or ASUS router can handle those speeds easily with NAT and firewall enabled.

Tested with the same results on 15.4(1)T1 and 15.4(3)M5.

I’m in a weird spot where I have the hardware in-hand but SMARTnet has not activated and TAC won’t answer even simple questions without a contract. Our AM, SE and VAR have all checked out for the weekend - I don’t blame them. Curious if anyone here has any more detail than I do or something I haven’t already looked up and found.

(ref: http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf, https://supportforums.cisco.com/sites/default/files/attachments/discussion/white_paper_c11_595485_40.pdf)