Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update on building scalable, secure, and reliable WAN network with the new Cisco ASR 1000 Series with Cisco experts Prashanth Shenoy and Kirk Spessard. Prashanth Shenoy is a product marketing manager in the Network Systems and Security Solutions Marketing Group at Cisco, responsible for Cisco's high-end routing portfolio including Cisco 7200, 7300, and 7600 Series, the Cisco ASR 1000 Series, and the Cisco Catalyst 6500 Series. Kirk Spessard is a technical marketing engineer for the Midrange Routing Business Unit in Cisco. There his responsibilities include Layer 3 VPN, traffic engineering, IP RAN, Multicast, and convergence. From hands-on network operations to the network design of multisite topologies, Spessard brings more than 20 years of design and operational experience to his role. He holds a bachelor of science degree in electrical engineering.
Remember to use the rating system to let Prashanth and Kirk know if you have received an adequate response.
Prashanth and Kirk might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through April 4, 2007. Visit this forum often to view responses to your questions and the questions of other community members.
Yes. From a casual user standpoint, IOS XE has the same classic IOS look and feel. Its not until users start taking advantage of enhanced IOS XE features that they will start noticing the differences. Enhance IOS XE features include:
1. The ability to run active and standby IOS processes on a single route processor.
2. The ability to perform ISSU upgrades on both redundant and non-redundant hardware systems.
3. The ability to upgrade individual SPA software drivers.
4. The ability to telnet/ssh into the router even though IOS is not running.
5. The ability to ftp/scp files into the router even though IOS is not running.
All those features sound very impressive, but I think for 4 and 5 to be possible, some kind of software must be running in the router :-) Do you mean that 4 and 5 are possible when some kind of enhanced bootloader software is running in the router ?
Cisco IOS XE is a Linux based, modular operating system. What this means from a practical standpoint is that each line card, i.e. the Route-Processor (RP), Embedded Services Processor (ESP) and SPA Interface Processor (SIP) is running a Linux kernel with protected memory processes running.
So one of the advantages of running a Linux based operating system is we can take advantage of features such as telnet, ssh, ftp and scp in the event that IOS is no longer running. (Note: This is referred to as 'Persistant Mode.')
In the event that IOS is no longer running, IOS XE will allow users access to the router with the ability to reload linecards, upload and download files and to boot a new image.
Thanks a lot for your reply.
I have been reading the product bulletin about the end-of-sale and end-of-life policy for the Cisco ASR 1000 with Cisco IOS XE and got a bit confused. Does this policy mean that software in a production router must be upgraded every 2 years or less to receive adequate support ? Could you please explain in simple terms what this policy means in terms of regular maintenance ?
Cisco IOS XE is going to a fixed software release schedule. For feature releases, we will be releasing software images on the following yearly schedule:
Apr - 1 year support
Aug - 1 year support
Dec - 2 year support
For each feature release, we will have two scheduled rebuilds. The first rebuild will take place two months after FCS of the feature release. The second rebuild will take place four months after FCS of the feature release.
Thanks a lot for your reply.
I would like to ask something about this router's hardware architecture. Is this a bus based system ? I mean are the various modules connected by an internal bus (or buses) ? If so, what is the internal bus architecture and relevant bus speeds ? (It seems to me like some architecture somewhere between the 7200 and 7500 architecture.) Or is there some switch matrix inside ?
The ASR 1000 utilizes a centralized forwarding architecture, i.e. all non-legacy protocol traffic is forwarded by the ESP forwarding processor. So in other words unlike other Cisco platforms, the only packet forwarding the SIP carrier performs is from the SPA to the ESP. (Note: The ASR 1000 has implemented a simple high/low priority scheme between the SIP and ESP.)
Connectivity between each SIP-10 and ESP is via an 11.5 Gbps ESI bus. On the ESP, a schedular chip will perform weighted fair queuing (with equal weighting for each SIP-10)between each SIP-10. In the event of congestion between the SIP and ESP, the ESP will backpressure the SIP resulting in ingress buffering on the SIP card.
I've such questions:
1. When ASR1002 will be added to DCT (Dynamic Configuration Tool)? - I'm interesting for its price.
2. Can you explan to me, how licensing schema for ASR are working?
For example: some features on PIX/ASA don't working without activation-key
Or will be IPsec VPN's works without FLASR1-IPSEC-RTU? Or this license types describes so called "AS-TRUST"-model - i.e. it's need for appropriate use for commercial purposes. But if I will want to test this functions at LAB - can I test this functions without license?
3. Why SASR1R1-AESK9-21SR (Advanced Enterprise Services) costs $10000US (GPL), but SASR1R1-AISK9-21SR (Advanced IP Services) cost s $15000US (GPL) in DCT. Is it true? I cannot find what are the difference between them through Feature Navigator.
1. The latest word is early April for orderability. Sind an email to ask-mcp-marketing if you would like to see pricing information before that time.
2. We are using the honor system. So as long as the correct IOS XE release is selected, the feature should just work.
3. From a BU perspect, in order to create an Advanced IP Services we have to remove features from Advanced Enterprise Services. Since this requires additional resources from a support and testing perspective, the BU has decided to charge an additional cost.
document it says that Cisco ASR 1000 Series Router is ideally suited for deployment as a Point-to-Point Termination and Aggregation (PTA) device, L2TP Access Concentrator (LAC), or L2TP Network Server (LNS).
So, does it mean, that ASR1000 supports PPPoE?
ASR, at FCS, does not support EoMPLS and VPLS. Please check with your Cisco account team or local Cisco representative for more details on future feature support / roadmap on the ASR 1000.
Hello again :-),
I would like to ask about the ASR 1000 inherent capability as a hardware platform compared to other Cisco aggregation platforms. Other such platforms might currently have more features implemented (such as the MPLS features just mentioned), but those kind of things are not set in stone. How would you compare it to the 7200, 7600, 10K for example ? Where does the ASR 1000 fit compared to those (or other platforms you have in mind) ? If you have some presentation or document or demo with comparisons between platforms, I would be glad to see it.
By the way, the platform numbering scheme where higher number indicates more powerful platform is quite intuitive for me, since I tend to forget performance numbers :-) Why did Cisco chose the 1000 number for ASR ? Should we expect a new numbering scheme for future platforms ?
The ASR 1000 is a mid-ranged platform that is being positioned between the lower bandwidth Cisco 7200 series and the higher bandwidth routers such as the 7600 and CRS.
As far as the numbering schema, historically the higher product number does not always mean more capacity. For example the Cisco 10000 vs the Cisco 7600...
Hi Guys - We're very excited to hear about this product and how it would fit in to our Service Provider Edge!
A couple questions:
1) Do the ASR 1000s support 10 GE Interfaces?
2) What is a theoretical throughput with and without encryption/filtering/packet inspection, etc
1) Yes, 10 GE interfaces will be supported.
2) We are quoting 10 Gbps for IMIX traffic with QoS, Netflow, ACL's enabled, and 3 Gbps with IPSEC, QoS, NetFlow and ACLs.
Just to be clear, the traffic rate quoted is traffic leaving the router. For example 10 Gbps of unicast traffic coming in and 10 Gbps of unicast traffic coining out.
Good stuff. In a deployment where the traffic is mixed (some IPSec, some non-IPSec) how would this affect throughput. Also, what about when using GET?
Also a question about the Firewall features...I assume CLI is the primary management interfaces, but is there a GUI as well? If so, is it the same as PDM or ASDM?
Since IPSec traffic is offloaded to a crypto chip, non-IPSec traffic performance should not be effected.
NM GUI planned so far is CSM at first, PDM/ASDM is on the radar.
Also, when we say 3Gbps for IPsec traffic throughput, the remaining 7Gbps of throughput can be still be utilized for clear-text non-encrypted traffic. So we still get 10G throughput with IPsec enabled on ASR 1000.
At FCS, the ASR1000 will support the following serial SPA's:
SPA-8xCHT1/E1 - Cisco 8-Port Channelized T1/E1 Shared Port Adapter
SPA-4XCT3-DS0 - Cisco 4-Port Channelized T3 (DS0) Shared Port Adapter
SPA-2XCT3/DS0 - Cisco 2-Port Channelized T3 (DS0) Shared Port Adapter
SPA-2XT3/E3 - Cisco 2-Port Clear Channel T3/E3 Shared Port Adapter
SPA-4XT3/E3 - Cisco 4-Port Clear Channel T3/E3 Shared Port Adapter
SPA-4XT-Serial -Cisco 4-Port Serial Interface Shared Port Adapter