I need help with this:
If i have 1Gb/s throughput.
I can receive how many pps in 64Byte each packet / s?
Let's say I can send (Packet / Second – 64Byte) 450,000, meaning I would not only have 230.4 Mbps?
So why is the maximum throughput limit is 1Gbps?
I found it in: https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/ASA5500_X.pdf
Stateful Inspection throughput (max1): 1Gbps
Packets/Second (64-byte) 450,000
PS (Note):
64Byte * 450,000 = 28800000 Byte = 230,4 Mbps (megabits per second)
I don't understand how Cisco works, is this a marketing move?
Best Answer
This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.
So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.
Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).
Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.
Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?
More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).
Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.
In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.