We just finished up a proof of concept with the good ole boys in green. Yeah I said it… Cisco

Luxurious Cisco, no wonder they are so expensive

Luxurious Cisco Hotel and Spa…..ehhh.. maybe not.

Have I mentioned how proud Cisco is of their gear? I won’t mention any pricing here but WOW.  Not exactly stuff you would find down at Shirley’s discount match and gasoline factory.

So the PoC went a little like this:

  1. Two distinct regions or availability zones
  2. Each region’s security devices were in an HA cluster
  3. Each HA cluster could completely fail and the other region could pick up the slack (ala BGP, wait… Cisco firewalls don’t support BGP)
  4. Load balancing was shared across both regions equally (thanks again BGP)
  5. Each region could easily scale to a more than reasonable size without the use of spanning tree or virtual chassis
  6. Each region’s kit could be upgraded with no noticeable downtime
  7. And entire region could fail without the services behind it taking a hit.
  8. Each region could support 160Gb throughput to the other region and out to the WAN if need be.

Hardware included in the Proof of Concept

  1. Cisco Nexus 6001
  2. Cisco Nexus 6004
  3. Cisco ASR 9001
  4. Cisco ASR 9006
  5. Cisco ASR 9010
  6. Cisco ASR 1000 (used as a “firewall” because Cisco does not have a firewall that can participate in BGP) Our Design Calls for a Juniper SRX.
  7. A10 TH5430
  8. Spirent test boxes with a ton of 10Gb interfaces

Anyone care for the results?

Leave a Reply