Avi Vantage on Cisco CSP 2100 - Sizing Guidelines

This document provides Cisco CSP 2100 sizing guidelines for deploying Avi Vantage.

Overview

Cisco CSP 2100 is a Network Function Virtualization (NFV) platform based on Intel x86 and the KVM hypervisor. Both the Avi Controller and the Avi Service Engines can be deployed on Cisco CSP 2100.

Cisco CSP 2100 is generally available as a 2-socket server, with configurable options for CPU, memory, disk, and network interface cards. This article provides sizing guidelines for common deployment scenarios.

One of a CSP 2100’s n vCPUs is reserved for CSP software. The rest (n-1) are available for deploying Avi Vantage.

Deploying Avi Service Engines on Cisco CSP 2100

Avi Service Engines (SEs) are deployed as virtual machines (VMs) on Cisco CSP 2100. The SEs can be as small as a 1-vCPU VM. The performance of Avi SEs is dependent on the number of vCPUs per SE VM (for throughput and SSL TPS) and memory (for concurrent connections). For optimal performance, SE VMs must be deployed on Cisco CSP 2100 with Single-root Input/Output Virtualization (SRIOV) enabled.

Avi Vantage Performance on Cisco CSP 2100

The following table outlines Avi SE performance on Cisco CSP 2100, with Intel v3 CPU@2.4 GHz, hyper-threading disabled, and a 10-Gbps NIC with SRIOV enabled.

L4 Performance
L7 Performance
SE VM Size CPS Throughput RPS Throughput
2-vCPU, 4 GB 35,000 7 Gbps 75,000 5 Gbps
L7 SSL Performance
SE VM Size Throughput TPS (ECC) TPS (RSA 2K)
2-vCPU, 4 GB 2.4 Gbps 4,000 1,600

Table 1: Avi SE Performance

Notes:

  1. In general, the SSL/TLS performance (both throughput and TPS) scales linearly with number of vCPUs. For example, 4-vCPU SE would be 2x the performance listed in table 1.
  2. SSL/TLS performance on Intel v4 CPU is 20%-30% higher than SSL/TLS performance Intel v3 CPU (at the same CPU clock speed).

Deploying Avi Controller on Cisco CSP 2100

In addition to Avi SEs, the Avi Controller can also be deployed (as a VM) on Cisco CSP 2100. The Avi Controller VM sizing is based on the system scale as outlined in the Avi Controller Sizing article.

Depending on the network design, the Avi Controller cluster can be deployed on dedicated Cisco CSP 2100s, or can share Cisco CSP 2100s with Avi SEs.

The following are recommended Cisco CSP 2100 specifications for various deployment scenarios, and applies to either CSP 2100 X1 or X2 models:

Cisco CSP 2100 Sizing Recommendations
Scale Max Avi SE Performance+ CSP 2100 CPU Memory Storage NICs
Low 19 Gbps SSL
40k SSL TPS
2.40 GHz E5-2640
10 cores / socket
(Total 20 cores)
128 GB 4x 480 GB SSD 2x dual-port 10G NICs
(total 4x 10G ports)
Medium 27 Gbps SSL
60K SSL TPS
2.60 GHz E5-2690
14 cores / socket
(total 28 cores)
128 GB 4x 480 GB SSD 2x dual-port 10G NICs
(total 4x 10G ports)
High* 40 Gbps SSL
100k SSL TPS
2.20 GHz E5-2699
22 cores / socket
(total 44 cores)
256 GB 8x 480 GB SSD 4x dual-port 10G NICs
(total 8x 10G ports)

Table 2: Cisco CSP 2100 Sizing Recommendations

+Max Avi SE performance assumes all available vCPUs on the CSP 2100 are used for Avi SEs. If the Avi Controller is deployed on the same CSP 2100, the maximum SE performance depends on the total number of vCPUs available for Avi SEs.
*This configuration is recommended when Cisco CSP 2100 is used to deploy multiple NFV solutions (e.g., Avi Vantage, virtual ASA, etc.).