[131829] in North American Network Operators' Group
Re: BGP support on ASA5585-X
daemon@ATHENA.MIT.EDU (Tony Varriale)
Fri Nov 5 22:50:31 2010
From: "Tony Varriale" <tvarriale@comcast.net>
To: <nanog@nanog.org>
Date: Fri, 5 Nov 2010 21:50:17 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
From: <khatfield@socllc.net>
To: "Greg Whynott" <Greg.Whynott@oicr.on.ca>
Cc: <nanog@nanog.org>
Sent: Friday, November 05, 2010 6:47 PM
Subject: Re: BGP support on ASA5585-X
>They could make it out of the box but this is why Dylan made his statement.
His statement is far fetched at best. Unless of course he's speaking of 100
million line ACLs.
>I know first-hand from much of our testing the ASA's rarely meet the box
>specs for PPS/throughput simply serving the purpose as a static >firewall.
>They would have to dramatically improve the system performance prior to
>adding any additional CPU / timing dependent features.
Would you please post your test methodology and data for external analysis?
I've tested a few of the platforms (including FWSM) with specific traffic
profiles (including DoS specific) and I'd like to see what you came up with.
tv
