Hello Ishiaqahmed81
You’ve identified one of the most frustrating aspects of network design: the significant gap between Cisco’s datasheet “up to X Gbps” marketing numbers and actual real-world performance for specific services. This is a critical issue that affects router sizing and can lead to exactly the kind of cutover-day surprises you described.
First of all, let’s take a look at the difference between ASRs and ISRs.
- Aggregation Service Routers (ASRs)
- designed for use as service provider edge devices, WAN aggregation devices, large enterprise edge devices, or datacenter interconnect devices
- hardware-based forwarding using dedicated network processing units (NPU)
- separate control plane CPU from data plane NPU
- designed for higher performance forwarding
- Integrated Services Routers (ISRs) are designed for use in branch offices and small to medium enterprises.
- CPU-based (software) forwarding
- more of an all-in-one approach integrating routing, switching, voice, security, and WAN optimization in a single device
So in a sentence, ASRs are higher-performance devices designed for larger throughputs, while ISRs are more of a “swiss army knife” device, with more capabilities, but generally lower performance in forwarding and throughput.
Now concerning the issues with the datasheet. Typically, when you see throughputs on a datasheet, these are measured in laboratory conditions. Throughput depends on
- CPU and memory capabilities
- Hardware or software-based processing
- Other services that may be running that tax the capabilities of the resources, like CPU and memory (i.e. MPLS, VPNs, QoS, NAT, IPsec encryption, IPS/deep packet inspection)
- The overhead that certain features add in headers and encapsulation, including MPLS and VPNs.
So the evaluation of the true throughput in a particular scenario can be a complex exercise. The datasheets are intended to be a general guideline. They are not intended to provide you with the expected throughput in every situation.
So this does put you in a difficult position, especially when you’ve designed a network and you ship out equipment, only to find that it is insufficient! This aspect of design must be applied using the rule of oversubscription. (This is my rule, not a generally accepted rule).
Oversubscription just means that you provide infrastructure that, on paper, far outperforms your needs. Of course, this has to be done with care, as too much oversubscription can be costly. It’s a matter of balance and nuance.
In simple terms, this is a rule of thumb that says “don’t size your infrastructure at the specific throughput numbers.” Always leave a minimum of 2x safety margin for well-understood services, and even 3x for complex features that you may use in combination, or for uncertain traffic patterns.
So for your 400 Mbps MPLS L2 requirements, look for a router with 800 Mbps - 1.2 Gbps sustained throughput with services enabled. This ensures you can handle bursts and have headroom for additional features, as well as future scalability.
Now this margin may be too expensive, and I get that. It’s there that you have to weigh what’s most important to you and your customers and make an informed decision. Ultimately, if you do this enough times, you will gain from the experience, and will be able to size your infrastructure more accurately in the future.
As you can see, there’s no one simple answer. It can be a somewhat subjective process with nuance and intuition involved, but if you follow these general guidelines, you should iteratively become more experienced and capable of sizing your infrastructure accordingly.
I hope this has been helpful!
Laz
for e.g we can’t spec a powerful router if the margins are too low else its a loss to us. you know what I mean. I just wanted to see if I have the same issue on my side when doing kit verification kind of things for the network but I can see its a general issue for everyone. Thank you boss 