Hmm, you need to perform UPSTREAM traffic, not your internal traffic. Hope CISCO people answer exact performance (through I can look for it myself), but really you does need the performance to develop all incoming/outgoing traffic, this means - if you have E3 upstream, you need E3 performance. And it hardly depends of the traffic itself. ACL's does not use much CPU, but _protocol inspection_ (sorry, there is some other word in IOS for it, I do not remember exactly) does use a lot of CPU. On Fri, 24 Sep 1999, Rubens Kuhl Jr. wrote:
Date: Fri, 24 Sep 1999 00:53:47 -0300 From: Rubens Kuhl Jr. <rkuhljr@uol.com.br> To: nanog@merit.edu Cc: Stephen Sprunk <ssprunk@cisco.com> Subject: FW: your mail
I have listened to their seminar about this... As the simple L5 firewall it's not bad, through it realise the fixed set of ruls and defends your from the simple SMTP attacks only. But anyway, IOS FW is just what 90% of the customers need...
How would IOS FW perform on Cisco 7x00-class equipment with 100M-to-Gigabit traffic ?
Rubens Kuhl Jr.
Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)