Edge Router Recommmendation

Unanswered Question

Hey,

I'm currently doing some research and planning for a core network refresh at one of our branch locations where I'm going to be upgrading our WAN link to a much higher speed and replacing our edge router and distribution switchers.

We are upgrading to a single 250MB Metro-Ethernet WAN link and our network will essentially be providing internet access to around 3,000 “untrusted” end users. Additionally, we will have a VLAN for approximately 50 “trusted” end users that we wish to operate a router-based IPS, ZBF FW and a GRE/IPSec Tunnel (approx. 10MB Bandwidth). We will have standalone appliances for WAN Optimization and firewalling for the “untrusted” users.

From the price-performance standpoint, the ASR series seems to be the best option thus far, but I'd like to get some outside input on the selection of the best device for our application. Due to the nature of our network, we provide internet access to untrusted users that we do NOT filter traffic for. Our past experience shows that the type and “quality” of traffic originating from some of our end users can artificially increase the load on our devices running NAT. For example, another location with a 100MB WAN link with a 3845 router experiences a constant 30-50% load during peak hours.

We are currently evaluating the prospects of three different routers:

-7300/NSE-150

-7600/RSP-720

-ASR 1000 ESP-5GB

I'm open to any input you guys have on our router selection and appreciate your help.

Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joseph W. Doherty Fri, 01/30/2009 - 10:31

All the platforms you've named should have the capacity. Others that might too would include the 7200 using the NPE-G1 or -GE, 7600/sup32, or 6500 with sup32/sup32-pisa/sup720.

The problem with any of the above, is to insure they truly offer the features you need. Although feature navigator and documentation is nice, with this level of platforms, I've sometimes found only actual hands on with the system will fully show features actually implemented.

Systems like the 7300 run special software trains; systems like the 6500/7600 features are impacted by the cards installed (e.g. FlexWAN and SIP-200 QoS enhancements). Systems like the 7200 with -G2 don't run a mainline IOS (yet).

Another important consideration is stability of the plaform's software. This is hard to predict other than it seems software that's more widely deployed and has been around awhile often seems more stable.

My only real suggestion is to continue your research and planning and try to obtain some hands on device access.

Actions

This Discussion