Cisco ASR 1000 router.Byline: jeevan@cpidubai.com (Jeevan Thankappan) In an exclusive test, the ASR (Automatic Speech Recognition) Using voice recognition to replace keypad entry for telephone voice menus. Typically used to speak the digits 0 through 9 insted of keying them, ASR systems may be able to recognize a limited vocabulary. See voice recognition and AVSR. not only moved traffic at 20Gbps but also did so while running QoS, security and monitoring functions on 120 million flows from hundreds of concurrent routing sessions.<p>The ASR also proved a capable performer when handling multicast and IPSec VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. traffic. And with a 40-core processor, the ASR has enough headroom to run firewalls, load balancers and other services without requiring additional hardware.<p>That's not to say the ASR isn't still a work in progress. Its data-plane capacity still needs to grow, and Cisco hasn't yet rolled out all the services that ASRs eventually will support. But this is a strong initial effort, well worth considering for the many enterprises looking to replace tiers of aging 7200 routers with a single more powerful system.<p>Introducing the ASR <p>The ASR's most notable new feature is its ESP (1) (Enhanced Service Provider) An organization that adds value to basic telephone service by offering such features as call-forwarding, call-detailing and protocol conversion. module, all of which features the 40-core Quantum Flow Processor (QFP (Quad FlatPack) A square, surface mount chip package that has leads on all four sides and comes in several varieties. PQFP (Plastic QFP) may refer to all of the following QFP types. All quad flatpacks use gull-wing leads, except for the CQFP, which stick straight out. ). Through separate software licenses In computing, software that is copyrighted and licensed under a software license is done under a variety of licensing schemes. For end-users there are proprietary licenses and there are free software licenses, and there are proprietary Within these schemes are further classifications. , QFP supports numerous services such as firewalls, NetFlow and Nbar classifiers and, in the future, caching load balancers. The ESP module also offers powerful QoS features, with 128,000 queues and support for up to 1,000 global policies and classification maps.<p>While the RP is functionally similar to Cisco 7200 routing modules, it scales higher; a million Border Gateway Protocol Border Gateway Protocol - (BGP) An Exterior Gateway Protocol defined in RFC 1267 and RFC 1268. Its design is based on experience gained with Exterior Gateway Protocol (EGP), as defined in STD 18, RFC 904 and EGP usage in the NSFNet backbone, as described in RFCs 1092 and 1093. routes and hundreds of thousands of Open Shortest Path First (OSPF (Open Shortest Path First) A routing protocol that determines the best path for routing IP traffic over a TCP/IP network based on distance between nodes and several quality parameters. ) routes are possible. Scalability also extends to the number of routing sessions: Our tests involved hundreds of concurrent OSPF sessions, something we haven't been able to set up with earlier midrange Cisco routers. The RP also offers an integrated session border controller A Session Border Controller is a device used in some VoIP networks to exert control over the signaling and usually also the media streams involved in setting up, conducting, and tearing down calls. for VoIP traffic and unified communications.<p>ASR line cards use the same shared port adapter (SPA) design as Cisco Catalyst 7600, Cisco 12000 and CRS-1 routers and are interchangeable among them, which should help control sparing costs. The SPA modules in turn fit into SPA interface processor (SIP) line cards.<p>The ASR's operating system is IOS (1) (Internetwork Operating System) An operating system from Cisco that is the primary control program used in its routers. IOS is widely used and robust system software that supports the common functions of all products under Cisco's CiscoFusion architecture. XE, a Linux-based variant of Cisco's IOS software. XE looks and feels similar to IOS on 7200 routers, but it's actually just another process running under Linux. Unlike earlier versions where a problem with one process could crash the whole system, this modular design should help contain faults.<p>On the downside, the IOS XE command-line interface doesn't leverage powerful Unix/Linux shell features. Pattern matching of command output is limited; there's no inline configuration editing; and IOS XE does not accept IPv4 addresses entered using classless inter-domain routing (networking) Classless Inter-Domain Routing - (CIDR) /sid*r/ A technique that summarises a block of Internet addresses in a routing table as an address in dotted decimal notation followed by a forward slash and a two-digit decimal number giving the number of leading one bits in the (CIDR (Classless Inter-Domain Routing) An expansion of the IP addressing system that allows for a more efficient and appropriate allocation of addresses. The original class-based method used fixed fields for network IDs, which was wasteful. ) notation.<p>We assessed the ASR with tests of unicast and multicast performance and scalability, high availability and IPSec tunnel capacity.<p>In unicast tests, we put an emphasis on services above and beyond simple packet blasting. In addition to enabling OSPF as the routing protocol, we configured the ASR 1006 so that each of 205 subinterfaces had two 103-line access control lists (ACL See access control list. 1. ACL - Access Control List. 2. ACL - Association for Computational Linguistics. 3. ACL - A Coroutine Language. A Pascal-based implementation of coroutines. ["Coroutines", C.D. ) applied. On the QoS front, the routers classified and queued up to four different traffic types. We also enabled unicast reverse path forwarding Overview Reverse path forwarding (RPF) is a technique used in modern routers for the purposes of ensuring loop-free forwarding of multicast packets in multicast routing and to help prevent IP address spoofing in unicast routing. (uRPF) is correct and NetFlow accounting. (See the full system configurations used for testing.)<p>The ASR's NetFlow cache can track 2 million flows at any one time. But with even more flows -- and our tests introduced 120 million flows in as little as 12 seconds -- the ASR will simply do "emergency aging" of older flows with no performance penalty. This is with full NetFlow monitoring; larger numbers of flows could be monitored using sampling techniques.<p>Cisco supplied the ASR 1006 with SPAs in three of its 12 slots. Adding more ports won't increase aggregate bandwidth or packet-per-second performance, at least not with current hardware; 20Gbps throughput and 10.4 mpps is as fast as current ESP modules will go. Thus, oversubscription Oversubscription The excess number of shares or bonds that investors want to buy but are not available due to high demand. of up to 6:1 is possible with current line cards and ESP modules. That's not necessarily a showstopper showstopper - A hardware or (especially) software bug that makes an implementation effectively unusable; one that absolutely has to be fixed before development can go on. Opposite in connotation from its original theatrical use, which refers to something stunningly *good*. -- many enterprises never come anywhere close to fully utilizing a fully loaded ASR 1006 -- but it is something to bear in mind when doing capacity planning.<p>IPSec tunnel capacity <p>We also validated the ability of the ASR 1006 to handle 2,000 concurrent IPSec tunnels, fielding both encrypted and a mix of encrypted and cleartext traffic. We connected a pair of ASR 1006s using a Cisco Catalyst 7604 as an intermediate router. One ASR emulated a headquarters router at a large enterprise while the other emulated 2,000 remote "sites."<p>We offered cleartext frames from Spirent TestCenter from the remote "sites" bound for networks at headquarters, and used a packet sniffer to verify that the ASRs put all traffic into 2,000 unique IPSec tunnels. As is common with tests of security devices, throughput was significantly lower than with cleartext traffic alone because of the extra processing required for encryption and authentication.<p>Throughput for 64-, 256- and 1400-byte frames was equivalent to 14%, 41% and 81% of line rate, respectively -- far lower than the line-rate results we saw for midsized and large packets in the unicast tests.<p>But lower crypto performance doesn't mean lower overall performance. We retested IPSec with a mix of encrypted and cleartext traffic. This time, aggregate throughput was essentially line rate in both directions. This suggests enabling encryption won't cause any performance penalty for other traffic.<p>High availability <p>We assessed high-availability and resiliency features with four sets of failover and software installation tests. Since the ESP and RP modules directly handle packets, we conducted separate failover tests of each. Failover was virtually instantaneous with both: The ESP module dropped 408 packets out of more than 600 million offered, for a cutover (communications, networking) cutover - /cut-ov*/ Switching from an old (hardware and/or software) system to a replacement system, covering the overlap from when the new system is live until the old system has been shut down. time of 39 microsec. The RP modules failed over perfectly: They dropped zero packets in the transition from active to standby modules.<p>We also measured the time necessary for software upgrades and downgrades of the ASR. These both involve multiple steps, starting with software changes to the ESP and RP modules and then moving onto the SIP (line card) modules.<p>This was not a truly "hitless" procedure. The SIP modules were not redundant; thus, significant packet loss occurred as we upgraded or downgraded the SIP modules. An upgrade took about nine minutes while a downgrade took eight minutes. As the ESP and RP failover numbers indicate, the downtime is almost entirely attributable to software changes on the line cards.<p>Cisco noted that the upgrade/downgrade times were a result of not using redundant interfaces in this test. We'd agree that adding redundancy would mitigate or eliminate downtime caused by SIP module software changes. Also, we conducted the high availability tests with 64-byte frames offered at the throughput rate; downtime would have been lower with less heavy traffic loads.<p>The Cisco 7200 seemed mighty powerful when Cisco introduced it around a decade ago, with what seemed at the time like a speedy CPU CPU in full central processing unit Principal component of a digital computer, composed of a control unit, an instruction-decoding unit, and an arithmetic-logic unit. and a decadent 256MB of RAM. In the same way, the 40 cores of today's ASR 1000 seem extravagant today. But as enterprises look to replace their aging 7200s -- and perhaps consolidate many of them onto a single, more powerful platform -- the ASR 1000 series represents a promising option.<p>Copyright 2009 IDG IDG International Data Group IDG Integrated Drive Generator IDG Installation Design Guide IDG Internet Discussion Group IDG Inset Dielectric Guide IDG International Dangerous Goods (mail, shipping) Middle East. All rights reserved. Provided by Syndigate.info an Albawaba.com company |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion