Avi Vantage on Cisco CSP 2100 - Sizing Guidelines

This document provides Cisco CSP 2100 sizing guidelines for deploying Avi Vantage.

Overview

Cisco CSP 2100 is an NFV platform based on Intel x86 and the KVM hypervisor. Both the Avi Controller and Avi Service Engines can be deployed on Cisco CSP 2100.

Cisco CSP 2100 is generally available as a 2-socket server, with configurable options for CPU, memory, disk, and network interface cards. The following sections provide sizing guidelines for common deployment scenarios.

One of a CSP 2100’s n vCPUs is reserved for CSP software. The rest (n-1) are available for deploying Avi Vantage.

Deploying Avi Service Engines on Cisco CSP 2100

Avi Service Engines (SEs) are deployed as virtual machines (VMs) on Cisco CSP 2100. The SEs can be as small as a 1-vCPU VM. The performance of Avi SEs is dependent on the number of vCPUs per SE VM (for throughput and SSL TPS) and memory (for concurrent connections). For optimal performance, SE VMs must be deployed on Cisco CSP 2100 with SRIOV enabled.

Avi Vantage Performance on Cisco CSP 2100

The following table outlines Avi SE performance on Cisco CSP 2100, with Intel v3 CPU@2.4 GHz, hyper-threading disabled, and a 10-Gbps NIC with SRIOV enabled.

L4 Performance
L7 Performance
SE VM Size CPS Throughput RPS Throughput
2-vCPU, 4 GB 35,000 7 Gbps 75,000 5 Gbps
L7 SSL Performance
SE VM Size Throughput TPS (ECC) TPS (RSA 2K)
2-vCPU, 4 GB 2.4 Gbps 4,000 1,600

Table 1: Avi SE Performance

Notes:

  1. In general, the SSL/TLS performance (both throughput and TPS) scales linearly with number of vCPUs. For example, 4-vCPU SE would be 2x the performance listed in table 1.
  2. SSL/TLS performance on Intel v4 CPU is 20%-30% higher than SSL/TLS performance Intel v3 CPU (at the same CPU clock speed).

Deploying Avi Controller on Cisco CSP 2100

In addition to Avi SEs, Avi Controller can also be deployed (as a VM) on Cisco CSP 2100. Avi Controller VM sizing is based on the system scale as outlined in the Avi Controller Sizing article.

Depending on the network design, the Avi Controller cluster can be deployed on dedicated Cisco CSP 2100s, or can share Cisco CSP 2100s with Avi SEs.

The following are recommended Cisco CSP 2100 specifications for various deployment scenarios, and applies to either CSP 2100 X1 or X2 models:

Cisco CSP 2100 Sizing Recommendations
Scale Max Avi SE Performance+ CSP 2100 CPU Memory Storage NICs
Low 19 Gbps SSL
40k SSL TPS
2.40 GHz E5-2640
10 cores / socket
(Total 20 cores)
128 GB 4x 480 GB SSD 2x dual-port 10G NICs
(total 4x 10G ports)
Medium 27 Gbps SSL
60K SSL TPS
2.60 GHz E5-2690
14 cores / socket
(total 28 cores)
128 GB 4x 480 GB SSD 2x dual-port 10G NICs
(total 4x 10G ports)
High* 40 Gbps SSL
100k SSL TPS
2.20 GHz E5-2699
22 cores / socket
(total 44 cores)
256 GB 8x 480 GB SSD 4x dual-port 10G NICs
(total 8x 10G ports)

Table 2: Cisco CSP 2100 Sizing Recommendations

+Max Avi SE performance assumes all available vCPUs on the CSP 2100 are used for Avi SEs. If the Avi Controller is deployed on the same CSP 2100, the maximum SE performance depends on the total number of vCPUs available for Avi SEs.
*This configuration is recommended when Cisco CSP 2100 is used to deploy multiple NFV solutions (e.g., Avi Vantage, virtual ASA, etc.).

Logical Interfaces that can be Created on an SE

Logical Interface
Limit
Maximum number of vNICs attached to Avi Vantage's SE VNF 23 (out of which vNIC0 would be used for Avi SE management)
Maximum number of vLANs on Avi SE 200
Maximum number of vLANs per SRIOV passthrough interface 64