Apologies for the delay in my response, I just got back from vacation...
I'm looking to replace our Asus RT-N53 with a business class router and two access points each servicing a private and a guest SSID on separate VLANs. We currently have 35 Mbps down, 7 Mbps up, internet service with intentions to upgrade to a faster package or provider in the near future.
...
1) Table 8's numbers are Cisco's attempt to simulate real-world performance, correct?
On this point, you are correct. Table 8 illustrates how the router would perform using a realistic combination of "enterprise" features.
Specifically, Table 8 (shown above) uses a custom IMIX (average packet size: 409 bytes) traffic stream as defined in this paper:
- 61 packets at 64 bytes (ethernet frame size), 3904 bytes total [10.13% by bytes]
- 24 packets at 594 bytes (ethernet frame size), 11856 bytes total [30.77% by bytes]
- 15 packets at 1518 bytes (ethernet frame size), 22770 bytes total [59.09% by bytes]
Given that IMIX distribution, they send unidirectional traffic using pre-defined NAT + HQoS + ACL configurations on the router, until the CPU reaches 75% load.
Take special note of the unidirectional nature of the test traffic; this unidirectional traffic is relevant to the next answer.
Figure 1's numbers are an RFC-2544 NDR measure of CPU performance, correct?
This is not correct; Figure 1 recommends an ISR G2 model based on Table 8, which is not a 2544 NDR test. RFC 2544 NDR tests typically run at about 90% CPU or higher. Table 8 gives you a performance sample at 75% CPU.
By way of comparison, let's look at the RFC 2544 NDR test results shown in Table 1:
Table 1 shows the Cisco 3945E can handle up to 8.675 Gbps of RFC 2544 NDR traffic; however, Figure 1 merely recommends it for a 350Mbps circuit.
There are a few implied realities in Figure 1:
- The ISR G2 switches packets in software, instead of ASIC-based packet forwarding. Because the ISR G2 packet-per-second performance degrades as you turn on features, you should take this into consideration.
- Enterprise networks need more features than you would enable in the typical RFC 2544 NDR test
- Enterprise networks usually send a mix of packet sizes, as represented by IMIX packet distributions
- Enterprise traffic is bi-directional, but they often upgrade the router before hitting 100% circuit utilization.
- Enterprise networks don't want their ISR G2 router running at more than 80% CPU for sustained periods of time.
To be explicit, real networks have to use NAT (to conserve IPv4 address space), QoS to prioritize VoIP traffic, and ACLs for basic security. Every time you enable a feature like this, you're sucking packet processing power from the router; that's why there is such a big difference between the Cisco 3945E numbers shown in Table 1 (8675 Mbps) vs Table 8 (668 Mbps).
Depending on your perspective:
- Cisco is doing you a favor by giving you a recommendation in Figure 1, based on bi-directional traffic using typical enterprise features.
- Cisco is doing themselves a favor by basing recommendations on such a rich combination of features. Not all customers will need NAT, QoS or ACLs on a WAN circuit; furthermore, the assumptions in the IMIX traffic they used may not be valid in your case. If they upsell you on a more powerful router than you need, that is obviously profit for them.
2) Given the above is correct, should I take one of these numbers literally, in that if I wanted to fully utilize a 100 Mbps connection I'd need to choose a router with a listed value of at least 100 Mbps in Table 8?
No. Based on Figure 1, you should select the Cisco 2951 or Cisco 3925; this assumes that you really will need NAT, QoS, and ACLs on that 100Mbps circuit.
The Cisco 2951 is a little light for this application at an average IMIX packet size of 409 bytes + features. If you aren't going to turn on a lot of features, or your average packet size will be much higher (as I'd expect for backup traffic), then you can get by with the Cisco 2951 (or even smaller - see my next answer).
3) Or will real-world performance issues (such as if most of the bandwidth was from a single computer running a backup) not stress the router in the same way as Cisco's tests do?
This is a judgement call, and I don't have enough information to say. If you'd like to join me in NE chat, I could walk you through some questions to isolate this further.
The biggest question I have is whether you would need 100Mbps any time other than your PC backup case. Leveraging the reality that your average packet size is high for backup traffic, one could potentially buy an even smaller router than the Cisco 2951 if you police the traffic to the systems other than the one that needs 100Mbps for backup traffic. That said, now we are talking about a more complicated configuration; perhaps you have the money to burn on a Cisco 3925 and don't want to deal with configuration complexities.
Finally, think about site growth... if this site grows rapidly, or people are prone to changing their minds about requirements on a whim, just buy the Cisco 3925 and be done with it :-).
Best Answer
A quick Internet search turns up Network > WAN Failover & LB directly from the source:
The SonicWALL assigns interfaces based on individual traffic flows (source IP address and TCP port to a destination IP address and TCP port). A single traffic flow will not be spread across multiple links. This prevents the problems caused by out-of-order packet delivery (slows TCP and kills many UDP applications, especially real-time traffic).
Round-robin - A single traffic flow needing more bandwidth than a single link will still be capped at the bandwidth of the link to which it is assigned. With a lot of traffic flows, you will get close to the combined bandwidth of both links since different traffic flows will be assigned to different links.
Spillover-based - You specify at what percentage of the bandwidth the primary link uses before starting to use the secondary link, but, again, each traffic flow will only flow over a single link, so a traffic flow needing more than the configured percentage will not use the second link and be capped at the bandwidth of the primary link.
Percentage-based - You can define the flow percentages each link gets. For instance, primary 75%, secondary 25% will use the primary link for the first three flows, but the fourth flow (assuming the first three flows are still active) will be assigned to the secondary link. This is useful if the different links have disparate bandwidths.
You should consider that the primary use for multiple WAN connections is failover. If you use bandwidth larger than one link, you will be crippled to some degree in the event of a link failure. This may or may not matter to you, and management often says this doesn't matter until a failure actually happens.
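A small simulation of the per-flow pinning described in this answer, added here as an illustration; it is not SonicWALL's code or algorithm. The link names, the 50 Mbps capacities, the flow demands and all function names are constructed assumptions.

```python
# Added illustration: every flow is pinned to exactly one WAN link.
# Capacities and demands (Mbps) are constructed sample values.
from itertools import cycle

CAPACITY = {"primary": 50.0, "secondary": 50.0}

def round_robin(n_flows, links):
    """Assign flows to links in strict rotation."""
    rot = cycle(links)
    return [next(rot) for _ in range(n_flows)]

def percentage_based(n_flows, weights):
    """Weighted rotation: {'primary': 3, 'secondary': 1} models 75%/25%,
    so three flows go to primary and the fourth to secondary."""
    pattern = [name for name, w in weights.items() for _ in range(w)]
    rot = cycle(pattern)
    return [next(rot) for _ in range(n_flows)]

def spillover(demands, primary, secondary, capacity, threshold_pct):
    """New flows land on primary until its load reaches the threshold."""
    limit = capacity[primary] * threshold_pct / 100
    load, assignment = 0.0, []
    for demand in demands:
        if load < limit:
            assignment.append(primary)
            load += min(demand, capacity[primary] - load)
        else:
            assignment.append(secondary)
    return assignment

def throughput(demands, assignment, capacity):
    """Total Mbps carried. A link never carries more than its capacity,
    and a flow cannot borrow bandwidth from the link it is not pinned to."""
    per_link = {name: 0.0 for name in capacity}
    for demand, link in zip(demands, assignment):
        per_link[link] += demand
    return sum(min(per_link[n], capacity[n]) for n in capacity)

if __name__ == "__main__":
    links = list(CAPACITY)
    one_big = [80.0]       # a single backup-style flow wanting 80 Mbps
    many = [12.5] * 8      # eight small flows, 100 Mbps in total
    print(throughput(one_big, round_robin(1, links), CAPACITY))   # capped by one link
    print(throughput(many, round_robin(8, links), CAPACITY))      # uses both links
    print(percentage_based(4, {"primary": 3, "secondary": 1}))
    print(spillover([30.0, 30.0, 30.0], "primary", "secondary", CAPACITY, 80))
```

The single 80 Mbps flow never exceeds one link's capacity under any method, while the eight small flows reach the combined capacity of both links.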