| 1811 Load / Performance Testing Results 1811loadtest···nfig.txt 7,812 bytes
1811 Testing Config | | | 
JPERF test, 1 stream 64KB Window size | 
JPERF test, 10 streams 64KB Window size | 
JPERF test, 50 stream 8KB Window size | 
1811 throughput, IPS off | 
1811 throughput, IPS on |
Had some free time today so I got around to testing the 1811 to see what
performance limits it has. Short-version, 180x / 181x can DEFINATELY
move wirespeed with services. Attached is the IPERF graphs I got and a
copy of the test config I was using, in case anyone's interested.
Would've added HQOS but I didn't have any other traffic to classify other
than the IPERF data, and testing was done PC to PC only to minimize the
variables.
Also thought I'd share some performance graphs of what IPS does to the
router CPU and throughput. As already noted before, IPS kills the CPU,
bar none. The highlighted line on the graph is thoughput, but the CPU
for the same time is pretty much 95%+ all the way through. I turned off
IPS a few hours later and grabbed a snapshot of the router performance.
I'll do some more testing as time permits.
Router Details : 1811 ISR / 384MB RAM / 12.4.15T9 IOS
Regards |
|
elnino
join:2006-08-27
Akron, OH | Excellent work! |
|
| reply to HELLFIRE
1 TCP stream, 8K window | 
1 TCP streams, 64K window | 
10 TCP streams, 8K window | 
10 TCP streams, 64K window | 
50 TCP streams, 64K window | 1811loadtest···1001.txt 8,180 bytes
ZBFW config | | | 
Got bored and did a UDP stream test as well |
For some reason, ZBFW eats up alot more CPU than basic CBAC does, and this was
with a single TCP/UDP inspection rule. Also noted a less consistent throughput
than compared with CBAC. I'll have to do more testing, or someone more
versed in the IOS intricacies can explain.
Config attached for anyone that wants to replicate the results.
Regards |
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | How did you actually do the test? Were you downloading some a large file between PCs?
How about Internet connectivity test? Was the Internet connectivity seem to be faster when your network uses 1811 compared to older Cisco routers (such as 2610XM let's say)? |
|
| reply to HELLFIRE
Would you mind testing NAT throughput on it? (unless I'm oblivious and you already have....) |
|
|
|
sk1939Premium
join:2010-10-23
Washington, DC
kudos:9 | reply to HELLFIRE
Interesting results. I've found that the 2811 can also push wire speed, and can handle a DS3 line with firewall and NAT enabled. I have yet to get my hands on an 1811 though, let us know what you find. |
|
| reply to HELLFIRE
@aryoba
2 laptops, one connected on VLAN1 on the 8port switch, the second on one of the routed FE interfaces.
Testing was done with XJPERF blasting traffic across.
Funny you ask how the 1811 is for internet, I recently decomm'd my trusty old 2621 as my home edge router.
Other than seeing a SIGNIFICANTLY more stable CPU util graph when torrents are running, I wouldn't say
I've percieved necessarily a 'better' experience in comparison to the 2621. I am hoping for a more
functional one as I plan to add QOS and VPN to my config. I also added IOS IPS originally, but based on
my original testing, I'm going to leave that off.
@OVERKILL
You mean just a NAT-only config? Or were you asking if NAT was part of the config?
@sk1939
That's actually my next IPERF project is on some 2801s I picked up recently and seeing what they do
with a similar config. Wondering how they fare versus what some of the earlier debates on 28xx performance
in general viewed them in a less than complimentary way.
I'm also up for any ways anyone can think of config-wise to ab/mis/use my gear to see where it cries 'Uncle!'
Top of the wishlist is another two PCs with a seperate stream of traffic for HQOS classification.
Regards |
|
sk1939Premium
join:2010-10-23
Washington, DC
kudos:9 | They'll do pretty well, but the 2801's are the worst performers of the line. I'd say that it would be on par with an 1841, which is slower than an 1811 (strangely enough). |
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | reply to HELLFIRE
What I also wonder is that whether there are actual differences between the following
1. Using wireless laptop to connect to the 1811W (integrated wireless)
2. Using wireless laptop to connect to the 1811 with external AP
3. Using wired laptop to connect to one of the Ethernet switch port of 1811
As experiment, I have 1811 with external AP 1230 where the 1811 connects to Catalyst 2950 switch. I notice my wireless laptop has significantly faster Internet connectivity (i.e. Internet video streaming, opening up some websites) when connecting to the switch directly instead of wirelessly. |
|
| reply to HELLFIRE
said by HELLFIRE:@aryoba
2 laptops, one connected on VLAN1 on the 8port switch, the second on one of the routed FE interfaces.
Testing was done with XJPERF blasting traffic across.
Funny you ask how the 1811 is for internet, I recently decomm'd my trusty old 2621 as my home edge router.
Other than seeing a SIGNIFICANTLY more stable CPU util graph when torrents are running, I wouldn't say
I've percieved necessarily a 'better' experience in comparison to the 2621. I am hoping for a more
functional one as I plan to add QOS and VPN to my config. I also added IOS IPS originally, but based on
my original testing, I'm going to leave that off.
@OVERKILL
You mean just a NAT-only config? Or were you asking if NAT was part of the config?
@sk1939
That's actually my next IPERF project is on some 2801s I picked up recently and seeing what they do
with a similar config. Wondering how they fare versus what some of the earlier debates on 28xx performance
in general viewed them in a less than complimentary way.
I'm also up for any ways anyone can think of config-wise to ab/mis/use my gear to see where it cries 'Uncle!'
Top of the wishlist is another two PCs with a seperate stream of traffic for HQOS classification.
Regards
Yeah, a NAT-only config. |
|
sk1939Premium
join:2010-10-23
Washington, DC
kudos:9 | reply to aryoba
That's sort of a given since wireless always has a higher latency than wired connections. |
|
| reply to HELLFIRE
@sk1939
Amazing what the MPC8500 does vs the crappy CPU Cisco decided to stick into the initial x8xx
line of routers 
@aryoba
I have nearly the same setup here as well, except the 1811 hangs off the 1811's internal switch
rather than an intermediary. Better, worse, I hold no particular opinion on the performance.
Unfortunately, all my 1811s are the non-W model, so I can't test.
@OVERKILL
...I'll put it on the todo list, but likely wirespeed and very low CPU util, without a doubt
Regards |
|
sk1939Premium
join:2010-10-23
Washington, DC
kudos:9 Reviews:
 ·T-Mobile US
| Well yeah, and it's frankly kind of sad. I was thinking about an ISR G2 till I got a deal on the 2811's.
The 1811 is rated at 70k PPS CEF and 35.84 mbps throughput.
The 1841 is 75k / 38.40
The 2801 is 90k / 46.08
The 2811 is 120k / 60.44mbps
However, we know these numbers aren't the most accurate as the 1811 is faster than the 1841 when multitasking. |
|
| reply to HELLFIRE
1811loadtest···only.txt 6,668 bytes
NAT only CPU graphs from the router |  1811loadtest···only.zip 1,024,197 bytes
NAT only throughput graphs from XJPERF | 1811loadtest···.txt.txt 1,561 bytes
Got bored again so I added IPS (basic+advanced) to NAT to see overall CPU performance | 
XJPERF throughput with NAT / IPS, 1stream 64K window | 
XJPERF throughput with NAT / IPS, 50stream 64K window |
Testing methodology remains the same - PC to PC on an 1811 / 384MB RAM. The only change is I've
switched to 12.4.24T6 code, IPS sigs loaded was S349. While running the IPS tests, suffice to say
that CPU utilization was high enough it took the whole testing timeframe (60secs) for the CLI to
register I'd typed "show cpu proc hist"
Regards |
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | reply to HELLFIRE
said by HELLFIRE:@aryoba
2 laptops, one connected on VLAN1 on the 8port switch, the second on one of the routed FE interfaces.
Testing was done with XJPERF blasting traffic across.
Funny you ask how the 1811 is for internet, I recently decomm'd my trusty old 2621 as my home edge router.
Other than seeing a SIGNIFICANTLY more stable CPU util graph when torrents are running, I wouldn't say
I've percieved necessarily a 'better' experience in comparison to the 2621. I am hoping for a more
functional one as I plan to add QOS and VPN to my config. I also added IOS IPS originally, but based on
my original testing, I'm going to leave that off.
This reminded me a situation where we upgraded a 1721 router with 1921 router, using the same T1 circuit. We noted the CPU and memory utilization was much lower however the circuit utilization was still high. Even when the new router was able to push more traffic out and in, the bandwidth was unable to keep up. We then had to consider upgrading the circuit bandwidth afterwards to get faster Internet access  |
|
| reply to HELLFIRE
Had another idea for load testing, wondered if anyone could give me a quick way to get a bunch
of BGP routes into this thing quick... I'm REALLY rusty on my BGP config, and Cisco keeps harping
about how 256MB minimum is needed for a full BGP table
Regards |
|
sk1939Premium
join:2010-10-23
Washington, DC
kudos:9 | Other than doing a full BGP config I have no idea. Besides, you would have to get someone to peer with you to start with. |
|
cramer
join:2007-04-10
Raleigh, NC
kudos:7 | reply to HELLFIRE
That was true 7 years ago. A 7206/NPE200 with 256MB ran over 90% with a full BGP table. I don't work for an ISP anymore, and don't have access to a full BGP table. (other than route-servers.) I would expect it would be better at it than an old NPE200, 'tho. |
|
aryobaPremium,MVM
join:2002-08-22
kudos:3 | reply to HELLFIRE
You don't need to peer with ISP to simply get a large BGP table. Since you mentioned you had more than one 1811 router, you could internally run BGP where you had dedicated router as traffic generator advertising lots of BGP routes. Simply create tons of static routes and advertise them through BGP using that BGP traffic generator router.
In the case where you use the routers as part of your home production network, you may want to create some VRF lite or Layer-3 MPLS (at least two PE routers with point-to-point connection) where the BGP routes coming from the traffic generator router is at one VRF and your home production network is at another VRF to separate the network, so that your production network won't get confused in terms of routing.
With this two PE setup, you can have the traffic generator router as one CE and its counterpart (another router that receive the BGP routes) as another CE. There will be another set of CE routers to handle your production network. The two PE routers may then handle those hefty BGP routes in addition to your actual production network traffic. See if any routers break with this setup |
|
| I never figured I'd get an ISP to send me a full BGP table -- one can wish, though.
@aryoba
That's kind of the direction I'm leaning right now, though I have to admit VRF and
L3 MPLS is DEFINATELY outside my skillset at this time. Think I found a config I
can use, what the PITA part is going to be is manually copy-pasting 128K or more
lines into the config for the networks advertised. *sighs*
If I figure out a way to test this, will let ppl know.
Regards |
|
