That changes things. From a memory and CPU standpoint, the BGP sessions/tables alone that should have been no problem for that router, but 3 100Mb connections is really toward the upper limit of what the 3945 can do anyway (the semi-secret router performance.pdf doc puts raw CEF forwarding for that box at about 500 Mb/s, which you could theoretically exceed with 600 Mb of potential load), and those best-case numbers fall quickly when you add crypto, inspection and IPS.
As another poster said, it depends on your design but I wouldn't say the 3945e can't handle a full Internet table. I've always said: I like that IOS can do so many different functions, however I don't think it should be doing them all at once. I prefer dedicated firewalls at a large site that would be taking hundreds of Mb/s of Internet. A branch office on a broadband or T1 may be a different story. Those throughput/crypto/IPS requirements would have been handled easily by a mid-range ASA with AIP IPS module. Still an interesting data point on just what one of these boxes really can do though. On Fri, Jun 22, 2012 at 11:31 PM, Michael Davis - Webquor < [email protected]> wrote: > I didn't have time to try another iOS. We had 3 peers with 100mb > connection to each. We couldn't get the router to process any connection > beyond about 10mb. It was terrible. > We were also terminating 300 IPSec tunnels, with Zbf and IPS running. How > much can one router bear? > You want the router to be able to perform multiple functions, the full > routing table seemed to put a lot of load on ours. > > Sent from my iPhone > > On 23/06/2012, at 12:42 PM, "Bob McCouch" <[email protected]> wrote: > > > What?! I do full tables from multiple peers on a 3845 or 3945 > > regularly. I've done full tables from 1 iBGP peer and 1 eBGP peer on > > 2921s quite a number of times too in a simple dual-homed, dual-router > > design. > > > > I will admit to never having done IPv6 routes in BGP, and the route > > entries are larger but what's the entire IPv6 table size, 20k prefixes > > or something? > > > > Cisco's recommendation is 512 MB to do full IPv4 tables, though they > > don't spec how many copies that includes. Soft-config will increase > > the memory requirement. > > > > I've received full routes on a 2621 with 256 of RAM as well but I had > > to disable soft-reconfig and filter the table down to /15 and shorter > > prefixes to keep it stable ;-) > > > > If you crashed a 3945e with a full route table, you hit a bug. That's > > all I can fathom. > > > > > > Bob > > -- > > Sent from my iPhone, please excuse any typos. > > > > On Jun 22, 2012, at 10:21 PM, Michael Davis - Webquor > > <[email protected]> wrote: > > > >> I downloaded the full BGP table to a 3945e and crashed it... Badly. > >> Then tried on our ASR1k and it worked though we went For connected ISP > routes as it was noticeably slower. My guess is you would need an ASR 9k. > >> > >> Sent from my iPhone > >> > >> On 23/06/2012, at 11:04 AM, "Jason Maynard" <[email protected]> > wrote: > >> > >>> This may not be directly related to the lab but it is relevant in > >>> understanding Cisco platforms and BGP requirements. > >>> > >>> What is the smallest router to hold the entire BGP internet table and > which > >>> platfom is ideal? both IPv4 and IPv6 and you must consider route > >>> manipulation > >>> _______________________________________________ > >>> For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com > >>> > >>> Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >>> > >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs > >> _______________________________________________ > >> For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com > >> > >> Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >> > >> http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
