Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1063
Views
0
Helpful
1
Replies

Cisco 4331 performance query

darren-carr
Level 2
Level 2

‎08-17-2017 03:01 PM - edited ‎03-05-2019 09:01 AM

Hi community,

I was looking for some information regarding how the performance of a 4331 would be impacted by enabling features of iWAN in addition to basic router functionality. I've read the Miercom report but this doesn't consider the scenario we will be implementing. We will be enabling:

- IPv4 forwarding

- ZBF

- DMVPN

- AVC

- PfR

- QoS

- NAT

In the Miercom report it suggests with the performance license installed, and the router running IPSec, ZBF, NAT, QoS it can achieve 240Mbps (97% utilisation). I obviously don't want to run the router this hard, but wondered if anybody had implemented similar features/services and could comment on the impact on performance with such features enabled. I'd like to understand this more as we have a requirement for this router to support between 150-200Mbps aggregated throughput with these services enabled. As we also have a requirement to support a E-SM slot, the next step up for us would be the 4451. I'd like to avoid this if possible.

Any advice or links to other performance related literature would be much appreciated.

Labels:
0 Helpful
1 Reply 1

Mark Malone
VIP Alumni
VIP Alumni

‎08-23-2017 01:02 AM

Hi

I run IWAN on 4331s with BGP and DMVON , and PFR with QOS utiliising live action too as tool for the IWAN monitoring

I dont use ZBF on them as we have core PAs at our central sites where the HUB border and Master , these are ASRs

But all our remote sites use 4331s as border/master IWAN BGP/DMVPN/PFR setup

Our largest circuit we ahve in the 4331s though our 50mb each way

We dont see any utilization issues at all running but we have hit some major bugs in PKI and IWAN since deploymenrt but its become more stable , wwe also kept our underlay in tact our old BGP network setup and built the IWAN directly over it so if the IWEAN collapses as we dont hold every faith in new tech it will auto revert to the OLD BGP setup keeping site up and running with stanrd BGP active/standby setup for primary and backup while the IWAN whnen fully up gives uus actiove/active routing based on QOS DSCP and policy mapping

The 4431 is poiwerful router i think its fine for remote sites but fi this is your core mabe thinlk of the ASR 1001x too , we also run on the primary 4331 border remotes full voice services with 64 and 32 PVDM chips and it handles that fine too for video conferences etc

 

Ive attached a good doc on 4000s and ASRs i found when we were researching for IWAN got some good details regarding hardware

 

I ahvent seen of any of roiuters pushed hard yet and some of our sites are engineering sites where there hammering data through the routers to backup servers around the globe

 

If you havent worked on IWAN and are fully changing your network you should speak to some professional services team that can give you some pointers as there are pitfalls in design depending on your current networks and definitly certain ios-xe version are better than others and more stable

 

Ther is memallocation fixes in 15.5(3)S6  whch is important as the PFR and DMVPN flapping causes the bug to leak and takes down the router this caused us too outages so pick you version welll , we moved off another one due to cosat PKI server cert failures too , that was earlier 4b version

Preview file
811 KB
0 Helpful
Customers Also Viewed These Support Documents