Does anyone know if there is any NBAR performance test report for ASR? And also 6509?
I found one but it did not mention ASR or 6509. http://www.cisco.com/en/US/technologies/tk543/tk759/technologies_white_paper0900aecd8031b712_ps6616_Products_White_Paper.html
NBAR isn't supported on many switches. Within the 6500 series, some WAN cards, for the card only, support it (e.g. FlexWAN). Also for the 6500 series, the sup32-PISA FPM, I believe, might be able to match similar to NBAR, but don't recall what its features are compared to NBAR.
For the ASR, don't know for sure, but likely it doesn't support NBAR at all.
You're right, it does mention NBAR (FPM too)!
Perhaps ASR is more akin to 7200 or 7300 vs. 6500/7600 or 4500 series.
If there isn't any published performance for NBAR impact on an ASR, you might be able to hope its impact is similar to what's been documented for other network devices.
I'm batting zero on ASRs and NBAR, but I recall NBAR isn't real, real heavy against performance. It may have been generally under 10%, but take that with a grain of salt. I think there are some whitepapers on Cisco's site documenting NBAR performance for some devices.
Just tried to find some info concerning the impact of NBAR, but only got 1, yes just 1, hit against the whole Cisco site searching on just "nbar"!?
If the ASRs support FPM and/or NBAR, like sup32-PISA supports FPM, I recall the latter takes quite a performance hit, so you're correct to be concerned about performance.
I use NBAR on many software routers, along with considerable QoS. On those I haven't seen a really significant performance hit. This makes sense because for some of NBAR it's often just a pretty face for some port matching ACLs. Some NBAR, though, can be stateful and/or dig into the packet. This might be much more system usage intensive. For instance, NBAR that examines HTTP URLs might be such, although I haven't used that kind of NBAR.
What you might try is to ease into NBAR with one match type at a non-peak time and watch what happens. Also, not 100% positive, but activation of flow caching might limit some NBAR analysis to just the first packet of some flows.
You are right. It really depends on the types of inspections. And according to the NBAR test report in the first message, Cisco claimed there would be no packet drop or significant speed reduction if the NDR traffic load were under a certain number, such as 60%. The most significant impact would be CPU usage. If it is true, it would be very easy to test because you just need to focus on CPU usage. It would be interesting to do a small test.