I'm testing throughput on an active/passive FWSM deployment prior to putting it into production and I'm getting confusing results. Here they are:
* When I test Gig-to-Gig throughput between two of our distribution blocks (6500's w/o FWSM) I get around 550Mbps.
* When I test Gig-to-Gig throughput between one of our existing distribution blocks (6500 w/o FWSMs) and the new distribution block (6500 w/ FWSMs) I can't get better than 300Mbps.
I've tried the test to a VLAN on the new distribution block that doesn't go "through" the FWSM and I get 550Mbps. This is, unfortunately, really looking like the FWSM restricts throughput.
Some specifics on the testing:
* I'm using a CLI tool Iperf
* I've tried different packet sizes (64k - 512k) all with an appreciable differences between disti blocks w/ FWSM and w/o
* There is no production traffic to speak of -- so no contention on the devices
* I've done testing after-hours and during production (for the other, in-use disti blocks)
* All distribution blocks are dual Gig-connected, L3 routed to the core
* The FWSM is configured in routed-mode
I can't find any architecture difference between the distribution layers that would account for the difference; it just looks like the FWSM can't push a single connection above 350Mbps on throughput.
Thoughts? Am I missing something? Has anyone else done these kinds of tests?