//> A L C A T R O N . N E T //> – Page 7 – networking-computers-music-health & everything else!

Cisco ASA 5506-X IPv6

Published August 31, 2016

On the 24th of August 2016 Cisco released version 9.6.2 of its ASA software. The new version brings in more IPv6 support for the platform.

The ASA now supports the following features for IPv6 addressing:

DHCPv6 Address client—The ASA obtains an IPv6 global address and optional default route from the DHCPv6 server.
DHCPv6 Prefix Delegation client—The ASA obtains delegated prefix(es) from a DHCPv6 server. The ASA can then use these prefixes to configure other ASA interface addresess so that StateLess Address Auto Configuration (SLAAC) clients can autoconfigure IPv6 addresses on the same network.
BGP router advertisement for delegated prefixes
DHCPv6 stateless server—The ASA provides other information such as the domain name to SLAAC clients when they send Information Request (IR) packets to the ASA. The ASA only accepts IR packets, and does not assign addresses to the clients.

If you have loaded the new software how did you go in getting IPv6 working in your environment ?

At the moment I am trialing the new software on my carrier, to see whether I can get the full IPv4 and IPv6 dual stack working on the ASA platform.

I recently got the new Cisco 5506-X and I thought to benchmark the WAN speed on it and see what it can actually push. I got 3 x 100mb WAN links and connected them in and assigned 3 outside interfaces and decided to run a 5GB speedtest file on each link terminating. I used the PBR (Policy Based Routing) on the device to and some access lists to forward traffic where I wanted it to go.
Here are some of the specs of the 5506-X using show version:

Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)

Upon testing and maxing the speed at 300mbit across 3 interfaces, the CPU on the device reached to 67%. This is only with the firewall on, and no other features turned on such as the Firepower. Upon looking at the Cisco documentation they mention at minimum it will do is 750mbit for firewall performance. If 3 WAN links @300mbit already reach 67% CPU, if I did add another link it, the CPU will nearly be maxed out at 400mbits. In my opinion, I think the 750mbits will not be reached or very difficult to get to as the CPU on the device will be quite high and packets might start getting dropped. Anyone else done speedtesting on it? Let me know your thoughts!

Here is a screenshot of the WAN performance of the ASA 5506-X @ 300mbit.

7 Comments

NBN Fiber is Active

Published December 12, 2015

I finally managed to get NBN Fiber activated at my place. I have purchased a Cisco 5506-X to service the NBN Link to terminate 2 x 100/40mb services as this is the max available speed per carrier. I plan on using the Policy Based Routing function on the Cisco 5506-X to load balance the links a bit and setup traffic types and how it should flow. I will later document my config of the Cisco and the funky type PBR I have setup on it. The NBN box offers 2 voice ports and 4 ethernet ports. The 4 Ethernet Ports can provide up to 4 ISPs to service the traffic to your premise. Since I have dual links at present techincally I have a 200/80 link load balanced on the ASA which is quite nice 🙂

Here are some of the photos of my setup and how its functioning, in a later post I will go through the 5506-X configuration.