BGP support on ASA5585-X

Pete Lumbis alumbis at gmail.com
Fri Nov 5 12:01:24 CDT 2010


The ASA, like the PIX does everything in software. More pps = higher
CPU. This is true of all non-crypto functions of the ASA. Crypto is
hardware accelerated.

On Tue, Nov 2, 2010 at 1:42 PM, Dylan Ebner <dylan.ebner at crlmed.com> wrote:
> IMHO, I don't think this is a marketing issue for cisco. It's a design issue. PIX/ASA is good at some things, and bad at others. They have never been good as routers. You have to remember, EIGRP didn't even come to the security line until 8.0 code and they still do not support traffic shaping. These services use memory and cpu resources which can dramatically reduce your ability to get through very long access lists. I am not positive on the ASAs, but I seem to remember that the routing features on the PIX was all done in software. If that is still true today, I can't imagine you could effectively perform stateful inspection, access lists, maybe VPN services, and BGP for a 100Mb+ internet connection on even a 5585. They just aren't that powerful.
>
>
>
>
>
> Dylan Ebner
>
> -----Original Message-----
> From: srg [mailto:srgqwerty at gmail.com]
> Sent: Friday, October 29, 2010 12:43 PM
> To: nanog at nanog.org
> Subject: BGP support on ASA5585-X
>
> Hi:
>
> At this moment we know that ASA5585-X does not support BGP.
>
> Does anybody know if BGP support in the ASA5585-X is in roadmap?
> More precisely... MP-BGP support in the ASA5585-X?
> Any "oficial" link in the Cisco website about this? (I did't find it)
>
> Thanks a lot and best regards
>
>
>




More information about the NANOG mailing list