[131816] in North American Network Operators' Group
Re: BGP support on ASA5585-X
daemon@ATHENA.MIT.EDU (Pete Lumbis)
Fri Nov 5 13:01:42 2010
In-Reply-To: <017265BF3B9640499754DD48777C3D206A11E00AE9@MBX9.EXCHPROD.USA.NET>
Date: Fri, 5 Nov 2010 13:01:24 -0400
From: Pete Lumbis <alumbis@gmail.com>
To: Dylan Ebner <dylan.ebner@crlmed.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
The ASA, like the PIX does everything in software. More pps =3D higher
CPU. This is true of all non-crypto functions of the ASA. Crypto is
hardware accelerated.
On Tue, Nov 2, 2010 at 1:42 PM, Dylan Ebner <dylan.ebner@crlmed.com> wrote:
> IMHO, I don't think this is a marketing issue for cisco. It's a design is=
sue. PIX/ASA is good at some things, and bad at others. They have never bee=
n good as routers. You have to remember, EIGRP didn't even come to the secu=
rity line until 8.0 code and they still do not support traffic shaping. The=
se services use memory and cpu resources which can dramatically reduce your=
ability to get through very long access lists. I am not positive on the AS=
As, but I seem to remember that the routing features on the PIX was all don=
e in software. If that is still true today, I can't imagine you could effec=
tively perform stateful inspection, access lists, maybe VPN services, and B=
GP for a 100Mb+ internet connection on even a 5585. They just aren't that p=
owerful.
>
>
>
>
>
> Dylan Ebner
>
> -----Original Message-----
> From: srg [mailto:srgqwerty@gmail.com]
> Sent: Friday, October 29, 2010 12:43 PM
> To: nanog@nanog.org
> Subject: BGP support on ASA5585-X
>
> Hi:
>
> At this moment we know that ASA5585-X does not support BGP.
>
> Does anybody know if BGP support in the ASA5585-X is in roadmap?
> More precisely... MP-BGP support in the ASA5585-X?
> Any "oficial" link in the Cisco website about this? (I did't find it)
>
> Thanks a lot and best regards
>
>
>
