Welcome to the Cisco Support Community Ask the Expert conversation. Learn from Cisco expert Manigandan B about the architecture, features, performance and benefits of Cisco ASR 1000 Series Routers. This event is a continuation of the Cisco live Facebook Forum, where you can ask additional questions to the expert.
Manigandan B. is a technical services engineer at Cisco working as a team leader for the Enterprise Services team. He works primarily with customers and their escalations in the Europe, Middle East and Africa (EMEA) region. His areas of expertise are architecture of routers, Cisco IOS, QoS, packet tracing, Cisco Express Forwarding, Cisco NetFlow, Network Address Translation, and other router platform issues. Mani has been associated with Cisco for more than 3 years, having joined Cisco after receiving a bachelor's degree in electronics and communication engineering. He also holds CCNA, CCNP, and ITIL certifications.
Remember to use the rating system to let Manigandan know if you have received an adequate response.
Manigandan might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infrastructure sub-community discussion forum shortly after the event. This event lasts through March 6 , 2012. Visit this forum often to view responses to your questions and the questions of other community members.
ASR1k doesn't support per-packet load balancing(PPLB) as of date. It causes quite a lot of issues when we load share the steams based on per packet. Some common issues:-
1. Packet sequencing issues.
2. Very bad TCP performance.
We support flow based load sharing and this feature is not even on the radar of ASR1k team. Thanks.
Another question, Manigandan. Can you provide some guidance of how do we troubleshoot packet drops on ASR1k? Also, when ASR1k crashes where do we look for crash files?.
Thanks for your valuable responses
That's a very good question. This CCO page will help us:
Basically we start of looking at QFP drops and then proceed further. For the second part, ASR1k's RP or ESP or SIP can crash. If the ESP or SIP crashes, we would just have the core files under harddisk:core directory. While if RP crashes, we would have crash file in bootflash and core files under harddisk:core directory.
* For ASR1001 and ASR1002, we need to look at bootflash for core and crashfile.
The CTCP Support on ASR1k is not yet on roadmap. There are few customer cases requesting for the same and ASR1k dev team might update something soon. As of date, we don't support it.
Can you please note the main differences between the ASR1k to some other WAN aggregation routers as the 7200 series?
What are the reasons that I should take into consideration while choosing the ASR1k over other routers?
Good question. Please start here on CCO:
Its has all the reasons why one should opt for ASR1k.
Please see few VOD's recorded for this purposes:
Router security services:
Cisco Application Visibility and Control (AVC):
Lets talk very concisely about 7200 and ASR1k:
1. Basically 7200 is a 13 year old software based system that has the
greatest feature breadth of any router ever developed. Active selling
will continue, no new Hardware is planned though IOS Software features
will continue to be developed in the appropriate releases.
2. ASR1000 family is our next generation midrange router that will
eventually replace the 7200, 7300, C10k, 10720, etc. We added HW and SW
HA, Front to Back airflow, Scaling, Performance and Bandwidth improvements
to name a few.
3. More reasons for ASR1k can be found here which serves as a very good comparison:
This should give you a very good picture of the robustness of the platform.
It seems ASR 1002 doesn't support the object group for the access list. Do you know when ASR 1002 will support Object Group?
Our ASR 1002 is running 3.4.0S, are there any new features on 3.5.1S?
This feature is not in ASR1k dev team's roadmap. So as of now, we don't have an ETA when the support will begin. Feel free to work with Cisco's accounts team if you have a ASR1k contract, so that they can talk to ASR1k dev team and see if they can get that feature on their radar.
We have implemented a few dozens of ASR 1004 as Internet Gateways, but unfortunately we are having lots of problems when running PAT.
Two issues have been faced so far and are critical to operations:
1- PAT pooling fails, whereas if we have a pool with N entries, lots of protocols are consuming 1 to 1 NAT, which leave us with shortage of ports. A pool of 5 IP addresses should serve about 320000 ports thus 320000 simultaneous connections. but we only end up in using the first 4 IP addresses as 1-to-1 NAT and the remaining 5th is doing PAT ! We tried to increase the Pool mask (eg 20 IP addresses) and still the same issue. We expect to serve 2000000 simultaneous connections per ESP-40 (as per the datasheet).
2- On another unit we have the following output in the NAT stats:
sh ip nat statistics
Total active translations: 75727 (0 static, 75727 dynamic; 75727 extended)
Hits: 1842060462 Misses: 52429354
CEF Translated packets: 0, CEF Punted packets: 0
Expired translations: 52225597
-- Inside Source
[Id: 9] route-map NATALL pool natpool refcount 75320
pool natpool: netmask 255.255.255.0
start 18.104.22.168 end 22.214.171.124
type generic, total addresses 50, allocated 1 (2%), misses 0
max entry: max allowed 0, used 0, missed 0
Pool stats drop: 0 Mapping stats drop: 1
Port block alloc fail: 0
IP alias add fail: 0
Limit entry add fail: 0
Note that we have 75727 simultaneous connections for a SINGLE IP... That is a bit ackward, don't you think?
Your feedback is much apprecaited.
One last question, is there any document related to which applications are supported by PAT on the ASR1K ?