Business Ready Branch Solutions for Enterprise and Small Office--Reference Design Guide
Choosing a Branch Office Platform

This chapter provides the network designer with the information needed to choose a routing platform that supports a Business Ready office network.

Extensive Cisco testing has resulted in the collection of vital performance information that the network designer can use to determine an appropriate multiservice platform for an office network. Various office profiles that serve a specific number of users, voice lines, and feature combinations were tested and can be used as baselines for customer office networks.

The following exercise guides you through an example branch office design and shows how these performance results can be used to choose an appropriate platform.

Some of the fundamental questions that need to be answered when choosing a platform for a customer network are as follows:

- What services will the office router be performing? (Cisco IOS Firewall, intrusion detection, WAN connection, voice gateway, SRST, Local Call Processing, voice mail, and so on.)
- Does the routing platform have sufficient slot and performance capacity?
- What "future-proofing" factors need to be considered, such as growth potential, including physical slot and packet processing capacity, new applications on the horizon, and so on?

Choosing the router platform requires the following basic steps:

1. Determining the number of slots required to house the appropriate network modules.
2. Ensuring that the platform can handle the processing required for that particular size office.

Figure 3-1 shows a diagram of the example branch office network.

Figure 3-1 Example Branch Office Network

Consider a branch office that has 46 users. The requirements at this location are as follows:

- Dual IPSec VPN tunnels over the Internet are the connection back to the HQ site.
- Enhanced Interior Gateway Routing Protocol (EIGRP) is used to provide routing between the HQ and branch offices.
- Internet is accessed locally at the branch office, therefore mandating Cisco IOS Firewall and Port Address Translation (PAT).
- Intrusion detection is implemented at all office perimeters.
- Cisco CallManager provides the call control from the HQ site.
- SRST provides backup call processing in case CallManager is inaccessible.
- A 3:1 ratio of voice lines to IP phones is used to determine the number of voice lines required during the busiest hour to the PSTN and for toll-bypass.
- Half of the voice lines are used for toll-bypass and half of the voice lines access the PSTN locally.

The first step is to choose the set of platforms that can be used for the office network and that have the appropriate slot capacity to handle the required interfaces:

- (2) T1s to the Internet (VWIC-2MFT-T1)
- (1) T1 to the PSTN (AIM-Voice 30, VWIC-1MFT-T1)
- (1) Hardware-based VPN for voice over VPN (AIM-VPN/EP)
- (1) Fast Ethernet to the LAN (built-in)
- (1) Hardware IDS module (NM-CIDS)

Figure 3-2 shows the platform options.

Figure 3-2 Router Slot Chart

The platforms shown in green can accommodate the required number of network modules, Advanced Integration Modules (AIMs), and interfaces required for this office network.

Next, the performance must be validated as sufficient to handle the expected traffic in this office. Assuming the customer is cost sensitive and future growth in the platform is not important, you determine whether the performance is adequate in the 2800s as follows:

- Two T1s are required for Internet and VPN.
- Two T1s amount to 1.536 Mbps * 4 (two links, each counted in both directions) = 6.144 Mbps full duplex, or approximately 6 BW points.


Note: This assumes that the T1 links are fully utilized in both directions. This is probably not typically the case, but it is treated as the worst case for this design exercise.


This office network requires two T1s to the Internet, so you can calculate the approximate amount of bandwidth required from the platform. For simplification, the platform performance is defined by an allocation of bandwidth (BW) points. This is similar in concept to populating the 7200 with port adapters based on bandwidth points or the sizing of CallManager based on the number of devices and the associated device weights of the selected devices. BW points used for selecting a routing platform in this document are based on one BW point for every 1 Mbps of actual bandwidth that traverses the router. For example, the formula above shows that 6.144 Mbps or 6 BW points are required if both Internet T1s are loaded to capacity.

Table 3-1 and Table 3-2 show the BW points allotted to each platform with a specific combination of features enabled. The tables are divided into two general applications of traffic: data only, and voice and data.

Table 3-1 Bandwidth Points per Routing Platform (1)

| Feature Combinations (Data Only) | 3745 BW Points | 3725 BW Points | 2691 BW Points | 2651XM BW Points | 1760 BW Points |
|---|---|---|---|---|---|
| IDS-SW | 119 | 64 | 43 | 13 | 17 |
| IDS-HW | 96 | 62 | 42 | 15 | N/A |
| FW/PAT | 80 | 53 | 38 | 9 | 7 |
| FW/PAT/IDS-SW | 72 | 53 | 42 | 8 | 6 |
| FW/PAT/IDS-HW | 58 | 32 | 23 | 6 | N/A |
| FW/PAT/IPSec | 41 | 30 | 27 | 7 | 4 |
| FW/PAT/IPSec/IDS-SW | 40 | 28 | 21 | 6 | 3 |
| FW/PAT/IPSec/IDS-HW | 36 | 19 | 13 | 3 | N/A |

| Feature Combinations (Data and Voice) | 3745 BW Points | 3725 BW Points | 2691 BW Points | 2651XM BW Points | 1760 BW Points |
|---|---|---|---|---|---|
| SRST/QoS (32K) | 65 | 48 | 39 | 11 | 12 |
| SRST/QoS/FW/PAT | 49 | 20 | 18 | 5 | 5 |
| SRST/QoS/FW/PAT/IDS-SW | 42 | 19 | 17 | 4 | 4 |
| SRST/QoS/FW/PAT/IDS-HW | 30 | 16 | 12 | 2 | N/A |
| SRST/QoS/FW/PAT/IPSec | 20 | 13 | 9 | 2 | 2 |
| SRST/QoS/FW/PAT/IPSec/IDS-SW | 19 | 12 | 9 | 2 | 2 |
| SRST/QoS/FW/PAT/IPSec/IDS-HW | 19 | 10 | 7 | 2 | N/A |


Table 3-2 Bandwidth Points per Routing Platform (2)

| Feature Combinations (Data Only) | 3845 BW Points | 3825 BW Points | 2851 BW Points | 2821 BW Points | 2811 BW Points | 2801 BW Points |
|---|---|---|---|---|---|---|
| IDS-SW | 178 | 112 | 94 | 81 | 31 | 25 |
| IDS-HW | 148 | 119 | 104 | 81 | 52 | N/A |
| FW/PAT | 145 | 126 | 98 | 81 | 26 | 34 |
| FW/PAT/IDS-SW | 94 | 92 | 68 | 55 | 16 | 20 |
| FW/PAT/IDS-HW | 88 | 82 | 63 | 50 | 17 | N/A |
| FW/PAT/IPSec | 53 | 42 | 30 | 24 | 7 | 6 |
| FW/PAT/IPSec/IDS-SW | 43 | 35 | 27 | 20 | 6 | 6 |
| FW/PAT/IPSec/IDS-HW | 43 | 35 | 26 | 19 | 6 | N/A |

| Feature Combinations (Data and Voice) | 3845 BW Points | 3825 BW Points | 2851 BW Points | 2821 BW Points | 2811 BW Points | 2801 BW Points |
|---|---|---|---|---|---|---|
| SRST/QoS (32K) | 145 | 104 | 85 | 46 | 29 | 26 |
| SRST/QoS/FW/PAT | 70 | 50 | 47 | 21 | 12 | 13 |
| SRST/QoS/FW/PAT/IDS-SW | 39 | 28 | 28 | 25 | 6 | 6 |
| SRST/QoS/FW/PAT/IDS-HW | 40 | 30 | 29 | 25 | 6 | N/A |
| SRST/QoS/FW/PAT/IPSec | 23 | 24 | 16 | 12 | 3 | 3 |
| SRST/QoS/FW/PAT/IPSec/IDS-HW | 23 | 23 | 21 | 10 | 2 | N/A |


Now that you have validated that the 2821 can support traffic that goes between the LAN and WAN, what capacity is left for LAN-to-LAN traffic? In other words, does the access router have enough capacity to do the Layer 3 routing between LAN subnets, or will a Layer 3 switch have to be deployed?

The capacity left for LAN-to-LAN traffic is the number of BW points that remain after subtracting the BW points required for the WAN. Figure 3-3 works through this calculation for determining the LAN-to-LAN bandwidth capacity.

Figure 3-3 Determining the Switching Capacity for LAN-to-LAN Traffic

Subtracting the WAN BW points from the total BW points allocated to the 2821 equals the approximate amount of remaining bandwidth that can be switched by the router; in this case, it is approximately 4 Mbps. This customer expects to have a very small amount of LAN-to-LAN traffic because all corporate resources are located at the HQ site, so the 2821 is a sufficient router platform for this size office.
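The sizing steps above can be scripted so that the worst-case WAN load, the per-platform BW points, and the LAN-to-LAN headroom are checked together. The following Python sketch is an added example, not part of the original guide or any Cisco tool; the function names are hypothetical, the two rows are copied from the data-and-voice half of Table 3-2, and slot capacity (Figure 3-2) is not modelled.

```python
# Added example: BW-point sizing as described in this chapter.
T1_MBPS = 1.536  # T1 rate used in the chapter's calculation

# Column order of Table 3-2.
PLATFORMS = ["3845", "3825", "2851", "2821", "2811", "2801"]

# Rows copied from Table 3-2 (data and voice). None stands for an N/A cell.
TABLE_3_2_VOICE = {
    "SRST/QoS/FW/PAT/IPSec":        [23, 24, 16, 12, 3, 3],
    "SRST/QoS/FW/PAT/IPSec/IDS-HW": [23, 23, 21, 10, 2, None],
}

def wan_bw_points(t1_links):
    """Worst case from the chapter: every T1 fully loaded in both
    directions, at one BW point per Mbps crossing the router."""
    return t1_links * T1_MBPS * 2

def size_platforms(features, t1_links):
    """Return {platform: LAN-to-LAN headroom in BW points} for every
    platform whose allotment covers the worst-case WAN load."""
    need = wan_bw_points(t1_links)
    fits = {}
    for name, points in zip(PLATFORMS, TABLE_3_2_VOICE[features]):
        if points is None:   # N/A in the table: no figure to size against
            continue
        if points >= need:
            fits[name] = round(points - need, 3)
    return fits

def smallest_fit(features, t1_links):
    """Platform with the least spare capacity that still carries the WAN
    load (the cost-sensitive choice), or None if nothing fits."""
    fits = size_platforms(features, t1_links)
    return min(fits, key=fits.get) if fits else None

if __name__ == "__main__":
    combo = "SRST/QoS/FW/PAT/IPSec/IDS-HW"   # this branch office's features
    print("WAN BW points:", wan_bw_points(2))
    for platform, spare in size_platforms(combo, 2).items():
        print(f"{platform}: {spare} BW points left for LAN-to-LAN")
    print("Smallest platform that fits:", smallest_fit(combo, 2))
```

For the example office (two T1s with the full feature set including hardware IDS), the 2821 is the smallest platform that fits, with roughly 4 BW points of headroom, and the 2811 is excluded because its 2 BW points do not cover the WAN load.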


Note: If a Layer 3 switch is required, some features such as IDS that are implemented in the router are not available, and standalone appliances may be required.