How many pps (64Byte each) i can receive in 1Gbps throughput modem / firewall












1














I need help with this:
If i have 1Gb/s throughput.
I can receive how many pps in 64Byte each packet / s?



Let's say I can send (Packet / Second - 64Byte) 450,000, meaning I would not only have 230.4 Mbps?
So why is the maximum throughput limit is 1Gbps?
I found it in: https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/ASA5500_X.pdf



Stateful Inspection throughput (max1): 1Gbps
Packets/Second (64-byte) 450,000



PS (Note):
64Byte * 450,000 = 28800000 Byte = 230,4 Mbps (megabits per second)



I don't understand how Cisco works, is this a marketing move?










share|improve this question







New contributor




LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    1














    I need help with this:
    If i have 1Gb/s throughput.
    I can receive how many pps in 64Byte each packet / s?



    Let's say I can send (Packet / Second - 64Byte) 450,000, meaning I would not only have 230.4 Mbps?
    So why is the maximum throughput limit is 1Gbps?
    I found it in: https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/ASA5500_X.pdf



    Stateful Inspection throughput (max1): 1Gbps
    Packets/Second (64-byte) 450,000



    PS (Note):
    64Byte * 450,000 = 28800000 Byte = 230,4 Mbps (megabits per second)



    I don't understand how Cisco works, is this a marketing move?










    share|improve this question







    New contributor




    LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      1












      1








      1







      I need help with this:
      If i have 1Gb/s throughput.
      I can receive how many pps in 64Byte each packet / s?



      Let's say I can send (Packet / Second - 64Byte) 450,000, meaning I would not only have 230.4 Mbps?
      So why is the maximum throughput limit is 1Gbps?
      I found it in: https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/ASA5500_X.pdf



      Stateful Inspection throughput (max1): 1Gbps
      Packets/Second (64-byte) 450,000



      PS (Note):
      64Byte * 450,000 = 28800000 Byte = 230,4 Mbps (megabits per second)



      I don't understand how Cisco works, is this a marketing move?










      share|improve this question







      New contributor




      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      I need help with this:
      If i have 1Gb/s throughput.
      I can receive how many pps in 64Byte each packet / s?



      Let's say I can send (Packet / Second - 64Byte) 450,000, meaning I would not only have 230.4 Mbps?
      So why is the maximum throughput limit is 1Gbps?
      I found it in: https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/ASA5500_X.pdf



      Stateful Inspection throughput (max1): 1Gbps
      Packets/Second (64-byte) 450,000



      PS (Note):
      64Byte * 450,000 = 28800000 Byte = 230,4 Mbps (megabits per second)



      I don't understand how Cisco works, is this a marketing move?







      cisco routing router ethernet firewall






      share|improve this question







      New contributor




      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 2 hours ago









      LUCAS PAIXÃO SOARES RIBEIRO

      61




      61




      New contributor




      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      LUCAS PAIXÃO SOARES RIBEIRO is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          2 Answers
          2






          active

          oldest

          votes


















          1














          The ethernet standard for 1 Gbps means that the ethernet interface can serialize frames at 1 Gbps. What you are seeing is the limitation of the device to process packets. That depends on many factors, including the CPU speed. Basically, the firewall software is slower than the interface hardware speed.



          This is something to check whenever you are researching hardware (all vendors, not just Cisco). Firewalls depend a lot on software to inspect the packets, and software will be slower than hardware. You can also run into this with routers, but switching is something that can be done almost completely in hardware, so wirespeed switching is common. The problem you may run into with switches is the backplane speed.



          The vendors need to explain the ethernet standard used by the interfaces (10/100 Mbps or 1/10/40/100 Gbps), but that doesn't mean that the software of the device can process that fast, which is why you look at the pps (among other things), which can also vary greatly by the services enabled. For example, encryption/decryption can greatly slow a device.






          share|improve this answer































            1















            If i have 1Gb/s throughput. I can receive how many pps in 64Byte each packet / s?




            This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.



            So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.



            Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).




            I don't understand how Cisco works, is this a marketing move?




            Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.



            Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?



            More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).



            Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.



            In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.






            share|improve this answer





















              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "496"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: false,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: null,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              noCode: true, onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });






              LUCAS PAIXÃO SOARES RIBEIRO is a new contributor. Be nice, and check out our Code of Conduct.










              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55828%2fhow-many-pps-64byte-each-i-can-receive-in-1gbps-throughput-modem-firewall%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              1














              The ethernet standard for 1 Gbps means that the ethernet interface can serialize frames at 1 Gbps. What you are seeing is the limitation of the device to process packets. That depends on many factors, including the CPU speed. Basically, the firewall software is slower than the interface hardware speed.



              This is something to check whenever you are researching hardware (all vendors, not just Cisco). Firewalls depend a lot on software to inspect the packets, and software will be slower than hardware. You can also run into this with routers, but switching is something that can be done almost completely in hardware, so wirespeed switching is common. The problem you may run into with switches is the backplane speed.



              The vendors need to explain the ethernet standard used by the interfaces (10/100 Mbps or 1/10/40/100 Gbps), but that doesn't mean that the software of the device can process that fast, which is why you look at the pps (among other things), which can also vary greatly by the services enabled. For example, encryption/decryption can greatly slow a device.






              share|improve this answer




























                1














                The ethernet standard for 1 Gbps means that the ethernet interface can serialize frames at 1 Gbps. What you are seeing is the limitation of the device to process packets. That depends on many factors, including the CPU speed. Basically, the firewall software is slower than the interface hardware speed.



                This is something to check whenever you are researching hardware (all vendors, not just Cisco). Firewalls depend a lot on software to inspect the packets, and software will be slower than hardware. You can also run into this with routers, but switching is something that can be done almost completely in hardware, so wirespeed switching is common. The problem you may run into with switches is the backplane speed.



                The vendors need to explain the ethernet standard used by the interfaces (10/100 Mbps or 1/10/40/100 Gbps), but that doesn't mean that the software of the device can process that fast, which is why you look at the pps (among other things), which can also vary greatly by the services enabled. For example, encryption/decryption can greatly slow a device.






                share|improve this answer


























                  1












                  1








                  1






                  The ethernet standard for 1 Gbps means that the ethernet interface can serialize frames at 1 Gbps. What you are seeing is the limitation of the device to process packets. That depends on many factors, including the CPU speed. Basically, the firewall software is slower than the interface hardware speed.



                  This is something to check whenever you are researching hardware (all vendors, not just Cisco). Firewalls depend a lot on software to inspect the packets, and software will be slower than hardware. You can also run into this with routers, but switching is something that can be done almost completely in hardware, so wirespeed switching is common. The problem you may run into with switches is the backplane speed.



                  The vendors need to explain the ethernet standard used by the interfaces (10/100 Mbps or 1/10/40/100 Gbps), but that doesn't mean that the software of the device can process that fast, which is why you look at the pps (among other things), which can also vary greatly by the services enabled. For example, encryption/decryption can greatly slow a device.






                  share|improve this answer














                  The ethernet standard for 1 Gbps means that the ethernet interface can serialize frames at 1 Gbps. What you are seeing is the limitation of the device to process packets. That depends on many factors, including the CPU speed. Basically, the firewall software is slower than the interface hardware speed.



                  This is something to check whenever you are researching hardware (all vendors, not just Cisco). Firewalls depend a lot on software to inspect the packets, and software will be slower than hardware. You can also run into this with routers, but switching is something that can be done almost completely in hardware, so wirespeed switching is common. The problem you may run into with switches is the backplane speed.



                  The vendors need to explain the ethernet standard used by the interfaces (10/100 Mbps or 1/10/40/100 Gbps), but that doesn't mean that the software of the device can process that fast, which is why you look at the pps (among other things), which can also vary greatly by the services enabled. For example, encryption/decryption can greatly slow a device.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited 2 hours ago

























                  answered 2 hours ago









                  Ron Maupin

                  62.5k1265119




                  62.5k1265119























                      1















                      If i have 1Gb/s throughput. I can receive how many pps in 64Byte each packet / s?




                      This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.



                      So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.



                      Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).




                      I don't understand how Cisco works, is this a marketing move?




                      Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.



                      Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?



                      More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).



                      Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.



                      In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.






                      share|improve this answer


























                        1















                        If i have 1Gb/s throughput. I can receive how many pps in 64Byte each packet / s?




                        This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.



                        So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.



                        Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).




                        I don't understand how Cisco works, is this a marketing move?




                        Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.



                        Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?



                        More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).



                        Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.



                        In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.






                        share|improve this answer
























                          1












                          1








                          1







                          If i have 1Gb/s throughput. I can receive how many pps in 64Byte each packet / s?




                          This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.



                          So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.



                          Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).




                          I don't understand how Cisco works, is this a marketing move?




                          Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.



                          Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?



                          More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).



                          Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.



                          In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.






                          share|improve this answer













                          If i have 1Gb/s throughput. I can receive how many pps in 64Byte each packet / s?




                          This is dependent on the platform. The more packets that must be processed in software, the fewer this will tend to be.



                          So for things like switches that may be entirely processed in hardware, this could be more than a million pps. For a router, this may be lower. For a firewall, IDS/IPS, application delivery controllers (aka ADCs or load balancers) or shaping platform that must process packets in some more detailed way, this will be even lower.



                          Some of these devices will have specialized hardware to help improve performance, for example many ADCs will have some sort of hardware SSL/TLS processing capability. In some cases, you can choose to process even that traffic in software (for example, if the hardware doesn't support the desired TLS ciphers). When you process the traffic through software instead of hardware, the performance loss can be significant (in some platforms, over 99%).




                          I don't understand how Cisco works, is this a marketing move?




                          Yes, and no. Clearly marketing is at play to some degree, Cisco or any other vendor wants to sell customers on their product. They all do it in varied ways and to varying degrees. You may (or may not) see throughput/performance numbers in a number of ways.



                          Anyone can say their device has 1G interfaces, or that it has 1 Gbps throughput. But the question is then, "under what conditions?" Max length packets? With which (if any) features enabled? If those conditions change, how does that affect performance?



                          More than likely in an enterprise, you will have a list of requirements (i.e. x throughput, y PPS, and z concurrent sessions, n ACL lines, etc). When you go to choose a platform, you need to choose the platform that meets or exceeds those requirements. Or you may provide decision makers with options (#1 meets all requirements, #2 meets x and z but costs a% less than #1, and so on).



                          Vendors may provide a lot of information that is overwhelming to understand for new customers, or they may try to omit information that is less favorable in comparison to other vendors. Learning to sift through the information provided and ask the right questions for the environment is a skill one needs to learn when purchasing larger scale hardware.



                          In the Cisco document you reference, Cisco provides a number of different pieces of information to help you determine which platform would best meet the needs of your environment. This information is important, but always remember that it is still incomplete and not likely match your environment perfectly. Make sure to understand both your environment's needs and what this information gives or doesn't give you.







                          share|improve this answer












                          share|improve this answer



                          share|improve this answer










                          answered 50 mins ago









                          YLearn

                          21.6k544101




                          21.6k544101






















                              LUCAS PAIXÃO SOARES RIBEIRO is a new contributor. Be nice, and check out our Code of Conduct.










                              draft saved

                              draft discarded


















                              LUCAS PAIXÃO SOARES RIBEIRO is a new contributor. Be nice, and check out our Code of Conduct.













                              LUCAS PAIXÃO SOARES RIBEIRO is a new contributor. Be nice, and check out our Code of Conduct.












                              LUCAS PAIXÃO SOARES RIBEIRO is a new contributor. Be nice, and check out our Code of Conduct.
















                              Thanks for contributing an answer to Network Engineering Stack Exchange!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.





                              Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                              Please pay close attention to the following guidance:


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function () {
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55828%2fhow-many-pps-64byte-each-i-can-receive-in-1gbps-throughput-modem-firewall%23new-answer', 'question_page');
                              }
                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              Eastern Orthodox Church

                              Zagreb

                              Understanding the information contained in the Deep Space Network XML data?