nanog mailing list archives

Re: BGP support on ASA5585-X

From: "Tony Varriale" <tvarriale () comcast net>
Date: Fri, 5 Nov 2010 21:50:17 -0500

----- Original Message -----From: <khatfield () socllc net>

To: "Greg Whynott" <Greg.Whynott () oicr on ca>
Cc: <nanog () nanog org>
Sent: Friday, November 05, 2010 6:47 PM
Subject: Re: BGP support on ASA5585-X

They could make it out of the box but this is why Dylan made his statement.

His statement is far fetched at best. Unless of course he's speaking of 100million line ACLs.

I know first-hand from much of our testing the ASA's rarely meet the boxspecs for PPS/throughput simply serving the purpose as a static >firewall.They would have to dramatically improve the system performance prior toadding any additional CPU / timing dependent features.


Would you please post your test methodology and data for external analysis?

I've tested a few of the platforms (including FWSM) with specific trafficprofiles (including DoS specific) and I'd like to see what you came up with.

tv

Current thread:

Re: BGP support on ASA5585-X Suresh Ramasubramanian (Nov 01)
- <Possible follow-ups>
- RE: BGP support on ASA5585-X Dylan Ebner (Nov 02)
  - Re: BGP support on ASA5585-X Greg Whynott (Nov 02)
    - Re: BGP support on ASA5585-X khatfield (Nov 05)
    - Re: BGP support on ASA5585-X Tony Varriale (Nov 05)
    - Re: BGP support on ASA5585-X gordon b slater (Nov 06)
    - Re: BGP support on ASA5585-X Tony Varriale (Nov 06)
    - Re: BGP support on ASA5585-X Pete Lumbis (Nov 06)
  - Re: BGP support on ASA5585-X Pete Lumbis (Nov 05)
  - Re: BGP support on ASA5585-X Tony Varriale (Nov 05)