dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
6014
cooldude9919
join:2000-05-29

cooldude9919

Member

New ISR 4000 Series

So what's the thoughts on this? Specifically the 4431, 4351, 4331, and 4321. List prices I could find on the SEC models.

$21000 ISR4451-X-SEC/K9 1GBPS to 2GBPS
$14000 ISR4431-SEC/K9 500MB to 1000MB
$10000 ISR4351-SEC/K9 200MB to 400MB
$4500 ISR4331-SEC/K9 100MB to 300MB
$2995 ISR4321-SEC/K9 50MB to 100MB
Higher speed numbers require license upgrade

So basically they are selling guaranteed throughput no matter what servers you have running, such as NAT/QOS/ZBFW, etc? So if you run tons of services, this may be better than the G2, but if you don't and have large packet sizes, you may have much better throughput on G2 than the new "G3".

Trying to read around to find out, but does anyone know how the throughput is measured? Is it egress only?
HELLFIRE
MVM
join:2009-11-25

HELLFIRE

MVM

...other than wanting one for my home internet / lab... not much. I forget who it was that mentioned they got into a technical deep dive on
this platform earlier this year. Position-wise, yeah, they're smack dab in the middle between ISR G2 and the ASR1Ks, I'd wager.

Anyone have them deployed, or planning to have them deployed where they are? Inquiring minds want to know!

Regards

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet to cooldude9919

MVM

to cooldude9919
i'm tired and on my ipad.
i'll pull out my notes on the platform and summarize them tomorrow.

long story short -- its all about consistent performance.

q.

kamikatze
join:2007-11-02

kamikatze to cooldude9919

Member

to cooldude9919
Here's a beautiful thing.
»www.cisco.com/c/dam/en/u ··· ster.pdf

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

the funny part is that i have steffan mansson on audio saying that there will not be an isr/4400-series -- that the 4451-x is just to fill a gap in current cisco offerings.

we see how that went.

q.
tubbynet

1 recommendation

tubbynet to cooldude9919

MVM

to cooldude9919
said by cooldude9919:

So basically they are selling guaranteed throughput no matter what servers you have running, such as NAT/QOS/ZBFW, etc? So if you run tons of services, this may be better than the G2, but if you don't and have large packet sizes, you may have much better throughput on G2 than the new "G3".

Trying to read around to find out, but does anyone know how the throughput is measured? Is it egress only?

traffic is total aggregate across the box. essentially -- the goal of the isr/4400 is to create a qfp-like architecture using x86. in the 4400-series -- there are dedicated cores to data and control-plane, while the 4300-series has a processor sharing mechanism. as far as i've been told -- there is no way to adjust the core allocation for data or control-plane activities (i.e. pure control-plane box for bgp-rr or so).

the architecture is built with a shaper on the box that limits overall speed. if i purchase the 4451-x -- i get the 1gig license. this is 1gig throughout all traffic profiles (64-byte to jumbo mtu). this is with any number of services enabled on the platform. likewise -- if i purchase the 2gig box -- i get 2gig of services through all of my service combinations. this trickles down to all other platforms in the 4000-series portfolio -- just at different rates.

the thinking behind this is that we often play a guessing game with the current isr/g2 around throughput with service combinations enabled. nat, fw, h-qos all put a hit on the box -- but its an inexact science on how much and when. that has been removed.

additionally -- these routers run ios-xe -- which supports multi-threaded processes and service containers -- so its possible to instantiate different processes on the box (outside of iosd) in unique userspace. this allows for things like v-waas to be deployed on a single box to bolster things like the avc component of the router.

also -- while you may have corner cases of a performance/dollar ratio being better in the g2 -- in the long run -- the 4000-series will give you a better performance experience (especially as you look at the 4400-series -- since the isr/g2 tops out at a few hundred meg/sec -- which was why the whole incentive to produce the 4451-x was made in the first place).

q.
cooldude9919
join:2000-05-29

cooldude9919

Member

said by tubbynet:

said by cooldude9919:

So basically they are selling guaranteed throughput no matter what servers you have running, such as NAT/QOS/ZBFW, etc? So if you run tons of services, this may be better than the G2, but if you don't and have large packet sizes, you may have much better throughput on G2 than the new "G3".

Trying to read around to find out, but does anyone know how the throughput is measured? Is it egress only?

traffic is total aggregate across the box. essentially -- the goal of the isr/4400 is to create a qfp-like architecture using x86. in the 4400-series -- there are dedicated cores to data and control-plane, while the 4300-series has a processor sharing mechanism. as far as i've been told -- there is no way to adjust the core allocation for data or control-plane activities (i.e. pure control-plane box for bgp-rr or so).

the architecture is built with a shaper on the box that limits overall speed. if i purchase the 4451-x -- i get the 1gig license. this is 1gig throughout all traffic profiles (64-byte to jumbo mtu). this is with any number of services enabled on the platform. likewise -- if i purchase the 2gig box -- i get 2gig of services through all of my service combinations. this trickles down to all other platforms in the 4000-series portfolio -- just at different rates.

the thinking behind this is that we often play a guessing game with the current isr/g2 around throughput with service combinations enabled. nat, fw, h-qos all put a hit on the box -- but its an inexact science on how much and when. that has been removed.

additionally -- these routers run ios-xe -- which supports multi-threaded processes and service containers -- so its possible to instantiate different processes on the box (outside of iosd) in unique userspace. this allows for things like v-waas to be deployed on a single box to bolster things like the avc component of the router.

also -- while you may have corner cases of a performance/dollar ratio being better in the g2 -- in the long run -- the 4000-series will give you a better performance experience (especially as you look at the 4400-series -- since the isr/g2 tops out at a few hundred meg/sec -- which was why the whole incentive to produce the 4451-x was made in the first place).

q.

Makes sense. We run a lot of services on ISR G2 boxes, and the throughput really does fall pretty quick. Does the 43xx/44xx do IOS IPS? The spec sheet just says "Yes" for IPS, but they do have some CON-SU1 part numbers which leads me to believe it does it just like the ISR G2. So if the throughput is total both ways, if you had a 100mb/100mb circuit, you would need at least something with a 200mb license to cover full duplex traffic if you wanted to be able to max it out both ways?

IMHO 4331 with the license upgrade to 300MB looks like a decent good deal to me. License upgrade is only around 1k, so for ~$5500 list you can do 300MB guaranteed.

KA0OUV
Premium Member
join:2010-02-17
Jefferson City, MO

KA0OUV to kamikatze

Premium Member

to kamikatze
Is it just me, or is the 1900/2900/3900 series missing from this .pdf? Or is this .pdf aimed at a different wedge of the userbase?

kamikatze
join:2007-11-02

kamikatze

Member

G2 is no longer on their website. But this guy here says that it's not even close to EOL and you can still order it.

»m.youtube.com/watch?v=M2 ··· Lg1FZRXU

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

said by kamikatze:

G2 is no longer on their website. But this guy here says that it's not even close to EOL and you can still order it.

in everything that i've been told -- the g2 will be supported the same length of time as the g1 series. as such -- they are predicting about 7-7.5 years of support on those boxen. given that they were introduced about 3.5-4 years ago -- i'd say that those boxen will be supported for another 3ish years.

q.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to cooldude9919

MVM

to cooldude9919
said by tubbynet:

the thinking behind this is that we often play a guessing game with the current isr/g2 around throughput with service combinations enabled. nat, fw, h-qos all put a hit on the box -- but its an inexact science on how much and when. that has been removed.

...think all of us can see that here, given the number of threads we see that say "I have speed X, what router
should I buy," and we direct them to routerperformance.pdf, but have to add "oh, by the way..." at the end.

8:43 of kamikatze See Profile 's video... I TOTALLY agree with that guy. Cisco PLEASE communicate CLEARLY exactly
what this can and cannot do.
said by tubbynet:

they were introduced about 3.5-4 years ago

...I seem to recall G2 came out 2009?

Thanks for the info so far, I LOVE the learning!

Regards

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

meh -- semantics.
i still see the g2 line being supported until 2017. too large of an install base (much like the 6500 zealots).
the isr/4000-series is a kick ass upgrade though. and honestly -- 7 year lifecycles are damn good.

q.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE

MVM

said by tubbynet:

meh -- semantics.

Mathematics is a VERY precise language... unless you're talking irrational numbers XP
said by tubbynet:

7 year lifecycles are damn good.

I was chuckling at that number during the video clip.. then realized that that's how most networks I've
touched seem to operate. Wierd....

Regards

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

did you forget just how irrational i really am??!

q.
cooldude9919
join:2000-05-29

cooldude9919

Member

Got a call setup on monday with our reseller, will try to get some of my remaining questions answered, but im thinking i may get one in house in the next month or two for testing. Since we are service heavy it should really make sense for us. Really weird timing as i was just thinking last week about how our 2921's arent so great when loaded down with services. I actually took the time to make a spreadsheet calcuating values based on the cost and performance specs (IMIX,Firewall,PAT,etc) and it was interesting as the 2951 was a worse value per dollar when compared to performance than the 2921, so i was looking at the 3925 or 3925E for new sites. Now with the new 43xx or 44xx I know what i need for a given circuit size to nearly guarantee throughput levels no matter the services.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to cooldude9919

MVM

to cooldude9919
...we gotta go drinking sometime tubbynet See Profile

@cooldude9919 See Profile
Let us know how that goes... and if you do get one inhouse... can you leave a remote access session for me?

Mind also posting up that spreadsheet... just for some reference?

Regards
cooldude9919
join:2000-05-29

cooldude9919

Member

Router Compa···.xls.zip
2,252 bytes
File
  
Click for full size
white_paper_···5485.pdf
358,732 bytes
White Paper
said by HELLFIRE:

...we gotta go drinking sometime tubbynet See Profile

@cooldude9919 See Profile
Let us know how that goes... and if you do get one inhouse... can you leave a remote access session for me?

Mind also posting up that spreadsheet... just for some reference?

Regards

Here it is, keep in mind it was quick and dirty, router pricing is based off MSRP, but obviously the differential will be the same no matter your discount level. Some things to keep note of, as i said the 2951 is a worse value per dollar than the 2921, and the 3925E is approximately a 3x better value per dollar than the 3925, given you have to spend more to get there. Also the values for the calculation were gotten from the PDF i attached, which is a white paper that gives "real world" g2 performance specs.

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet to HELLFIRE

MVM

to HELLFIRE
said by HELLFIRE:

...we gotta go drinking sometime tubbynet See Profile

get your ass south of the 48th and that may happen. the weather is much warmer down here. hell -- half of your country comes down here in the winter anyway.

;-P

q.
cooldude9919
join:2000-05-29

cooldude9919

Member

said by tubbynet:

said by HELLFIRE:

...we gotta go drinking sometime tubbynet See Profile

get your ass south of the 48th and that may happen. the weather is much warmer down here. hell -- half of your country comes down here in the winter anyway.

;-P

q.

Actually ill be in phoenix in a few weeks, will you be in town the week of the 17th tubby?

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

said by cooldude9919:

Actually ill be in phoenix in a few weeks, will you be in town the week of the 17th tubby?

as far as i know.
always subject to change, however.

q.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to cooldude9919

MVM

to cooldude9919
@cooldude9919 See Profile
Thanks for that... though if I'm reading your numbers right, the 2951 is actually cheaper on a cost per Mbit throughput vs the 2921 in some cases, no? Or am I reading something incorrectly?

@tubbynet See Profile
If I'm in the neighborhood, you'll be the first to know, man

Regards
cooldude9919
join:2000-05-29

cooldude9919

Member

said by HELLFIRE:

@cooldude9919 See Profile
Thanks for that... though if I'm reading your numbers right, the 2951 is actually cheaper on a cost per Mbit throughput vs the 2921 in some cases, no? Or am I reading something incorrectly?

@tubbynet See Profile
If I'm in the neighborhood, you'll be the first to know, man

Regards

No, the higher the numbers at the bottom the better, so the 2951 is a higher cost per mbit for the values than the 2921.
aryoba
MVM
join:2002-08-22

aryoba to HELLFIRE

MVM

to HELLFIRE
said by HELLFIRE:

said by tubbynet:

meh -- semantics.

Mathematics is a VERY precise language... unless you're talking irrational numbers XP

Irrational number? Did you mean i in i^2 = -1?
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to cooldude9919

MVM

to cooldude9919
@cooldude See Profile
...aaah, thanks for the clarification

@aryoba See Profile
Sorry man, I'm in IT, I don't have any good math jokes

Regards
markysharkey
Premium Member
join:2012-12-20
united kingd

markysharkey

Premium Member

said by HELLFIRE:

Sorry man, I'm in IT

That's no excuse...
»rekrowten.wordpress.com/ ··· k-jokes/

And on a serious note, check out that test crash command. Scary [/serious]
macallah
join:2003-01-22
Wichita Falls, TX

macallah to cooldude9919

Member

to cooldude9919
So, essentially Cisco is selling a connection speed and you buy your speed, and do not have to worry about how many services you want on your router. So, will this obsolete the asa firewall line?

tubbynet
reminds me of the danse russe
MVM
join:2008-01-16
Gilbert, AZ

tubbynet

MVM

said by macallah:

So, will this obsolete the asa firewall line?

no. not by a long shot.
for the edge -- as things like dmvpn come into vogue, asa at the edge is going away -- regardless of the isr/4000. for times when you need a firewall -- you need an asa. they are purpose built for high-speed ipsec, nigh numbers of connections per second, and as vpn concentrators.

q.
cooldude9919
join:2000-05-29

cooldude9919 to macallah

Member

to macallah
said by macallah:

So, essentially Cisco is selling a connection speed and you buy your speed, and do not have to worry about how many services you want on your router. So, will this obsolete the asa firewall line?

FYI, services are still a factor, just not quite as much as before as they are throwing a ton of cpu cores at it. Check out this report, first real data i could find, given its for the 4451 thats been out for a while now. Main part i am talking about is the graph on page 1 with the details on page 2 talking about performances with different services.

»miercom.com/pdf/reports/ ··· 0605.pdf