In a previous post I wanted to know about the throughput on a link between a 3825 and 2811 router over an IPSec tunnel. After some discussion it was decide that the IPSec AIMs would help. Before the AIMs I got about 30Mbps, after the AIMs I got about 32Mbps. Before IPSec was added to the link, the speeds were about 85Mbps.
The next option is to use the 3900 series ISR G2's. Does anyone have some performance metrics for IPSec tunnels? The datasheet only offers the following:
Embedded IP Security with Security Sockets Layer (IPSec/SSL) VPN hardware acceleration
• Embedded hardware encryption acceleration is enhanced to provide higher scalability, which, combined with an optional Cisco IOS Security license, enables WAN link security and VPN services (both IPSec and SSL acceleration).
• The onboard encryption hardware out-performs the advanced integration modules (AIMs) of previous generations.
ASRs offer better performance but are way over budget and I'd like something that I have the option to do UC with.
I also would like to know what linerate encryption can be achieved on the ISR G2 series 1900, 2900 and 3900. There is only the datasheets speaking of "speed with concurrent services enabled", but I would like to use these routers primarily for WAN encryption and therefore it would be good to know what speed is realistic.
all these values are only commercial informations and they don't reflect reality
I tried with Iperf/Netpipe 881/1841/3825 and the last 1941 (cpu usage always around 90%) without any other processes (qos, shaping, vlan..) and the tests were only between one computer (on one side) and an other (on the other side)... so very simple tests (using cef) :
between 2x 881 sec/k9 => ipsec (esp md5 tunnel mode aes256 psk) => around 30 Mbps
between 2x1841 hsec/k9 => ipsec (esp md5 tunnel mode aes256 psk) => around 23 Mbps
between 2x 3825 hsec/k9 => ipsec (esp md5 tunnel mode aes256 psk) => around 150 Mbps
between 2x 1941 => ipsec (esp md5 tunnel mode aes256 psk) => around 35 Mbps (so nothing exceptional)
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...