|
North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: BGP support on ASA5585-X
- From: Tony Varriale
- Date: Fri Nov 05 16:47:42 2010
----- Original Message -----
From: "Dylan Ebner" <dylan.ebner@crlmed.com>
To: "srg" <srgqwerty@gmail.com>; <nanog@nanog.org>
Sent: Tuesday, November 02, 2010 12:42 PM
Subject: RE: BGP support on ASA5585-X
IMHO, I don't think this is a marketing issue for cisco. It's a design
issue. PIX/ASA is good at some things, and bad at others. They have >never
been good as routers. You have to remember, EIGRP didn't even come to the
security line until 8.0 code and they still do not support >traffic
shaping. >These services use memory and cpu resources which can
dramatically reduce your ability to get through very long access >lists.
What do you consider very long access lists? Are you aware of how ASAs
handle ACLs internally?
>I am not positive on the ASAs, but I seem to remember that the routing
features on the PIX was all done in software. If that is still true >today,
I can't imagine you could effectively perform stateful inspection, access
lists, maybe VPN services, and BGP for a 100Mb+ internet >connection on even
a 5585. They just aren't that powerful.
Although the ASAs do not support BGP, a ASA5505 will support a 100mbps
internet connection. The list price on that is around $700.
Stating a $100k+ firewall doesn't support a 100mbps internet connect today
is...1990.
tv
|
|
|
