BGP support on ASA5585-X

Tony Varriale tvarriale at comcast.net
Fri Nov 5 21:50:17 CDT 2010


----- Original Message ----- 
From: <khatfield at socllc.net>
To: "Greg Whynott" <Greg.Whynott at oicr.on.ca>
Cc: <nanog at nanog.org>
Sent: Friday, November 05, 2010 6:47 PM
Subject: Re: BGP support on ASA5585-X


>They could make it out of the box but this is why Dylan made his statement.

His statement is far fetched at best.  Unless of course he's speaking of 100 
million line ACLs.

>I know first-hand from much of our testing the ASA's rarely meet the box 
>specs for PPS/throughput simply serving the purpose as a static >firewall. 
>They would have to dramatically improve the system performance prior to 
>adding any additional CPU / timing dependent features.

Would you please post your test methodology and data for external analysis?

I've tested a few of the platforms (including FWSM) with specific traffic 
profiles (including DoS specific) and I'd like to see what you came up with.

tv 





More information about the NANOG mailing list