Home

This document is a cache from http://www.cisco.com/en/US/docs/nsite/network_virtualization/NV_AC_SAG/E2E_NV_AC.pdf


Enterprise Network Virtualization - Access Control System ...

Document source : www.cisco.com

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 All Pages

B-7
Enterprise Network Virtualization ­ Access Control System Assurance Guide
Appendix B Network Virtualization Access Control Solution Validation Strategy
B.5 Scalability
Access Control scale included the simulation of 150 aggregate 802.1X supplicant clients equally
distributed across the access layer platforms (3750, 4500, and 6500) using the Spirent Avalanche test
tool. Within each access platform, various user types were simulated, which included: Employee, Partner
and Guest supplicants. End-to-End HTTP traffic flows are generated across each supplicant to their
respective servers based on supplicant types. Further supplicant details are described in
Table B-5
.
Downloadable ACL Scalability (CATOS):
The scale of dACL is determined by TCAM ACL storage usage. There are two components that use the
storage: number of independent ACEs, and number of ports that the ACEs are mapped to. Following are
three scenarios that are validated:
·
a) 750 independent ACEs with a single dot1x access port
·
b) 600 independent ACEs with 42 dot1x access ports
·
c) 500 independent ACEs with 47 dot1x access ports
Table B-4
Device Role and Network Scalability Information
Role
Network Scalability
Access L2
100 Vlans
Distribution L2
100 Vlans
Distribution (PE) L3
3000 EIGRP routes
50 VRFs
100 HSRPs
5000 VPN prefixes
Core (P) L3
50 EIGRP neighbors
3000 EIGRP routes
Table B-5
802.1x Supplicant Scalability Information
Platform
Supplicant Scale and Type
Traffic Destination
Route Path
3750
43 Employee
Employee Server
Global Table
5 Partner
Partner Server
MPLS VPN
2 Guest
Internet Access
4500
43 Employee
Employee Server
Global Table
5 Partner
Partner Server
MPLS VPN
2 Guest
Internet Access
6500
43 Employee
Employee Server
Global Table
5 Partner
Partner Server
MPLS VPN
2 Guest
Internet Access

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 All Pages



Share |
    |     Download PDF



Summary :

Following are three scenarios that are validated: · a) 750 independent ACEs with a single dot1x access port · b) 600 independent ACEs with 42 dot1x access ports · c) 500 independent ACEs with 47 dot1x access ports Table B-4 Device Role and Network Scalability Information Role Network Scalability Access L2 100 Vlans Distribution L2 100 Vlans Distribution (PE) L3 3000 EIGRP routes 50 VRFs 100 HSRPs 5000 VPN prefixes Core (P) L3 50 EIGRP neighbors 3000 EIGRP routes Table B-5 802.1x Supplicant Scalability Information Platform Supplicant Scale and Type Traffic Destination Route Path 3750 43 Employee Employee Server Global Table 5 Partner Partner Server MPLS VPN 2 Guest Internet Access 4500 43 Employee Employee Server Global Table 5 Partner Partner Server MPLS VPN 2 Guest Internet Access 6500 43 Employee Employee Server Global Table 5 Partner Partner Server MPLS VPN 2 Guest Internet Access


Tags : partner,employee,table,supplicant,serer,aces,scalability,network,independent,guest,scale,100,internet




Terms    |    Link pdf-search-files.com    |    Site Map
   |    Content Removal Notice   
   |    Contact   

All books are the property of their respective owners.
Please respect the publisher and the author for their creations if their books copyrighted