----- Original Message ----- From: <khatfield@socllc.net> To: "Greg Whynott" <Greg.Whynott@oicr.on.ca> Cc: <nanog@nanog.org> Sent: Friday, November 05, 2010 6:47 PM Subject: Re: BGP support on ASA5585-X
They could make it out of the box but this is why Dylan made his statement.
His statement is far fetched at best. Unless of course he's speaking of 100 million line ACLs.
I know first-hand from much of our testing the ASA's rarely meet the box specs for PPS/throughput simply serving the purpose as a static >firewall. They would have to dramatically improve the system performance prior to adding any additional CPU / timing dependent features.
Would you please post your test methodology and data for external analysis? I've tested a few of the platforms (including FWSM) with specific traffic profiles (including DoS specific) and I'd like to see what you came up with. tv