I have some questions about ipsec implementation on SRX 550 and EX4300 switches.
1)Does SRX perform IPSEC in hardware ? Generally, On Cisco, it is implemented on route engine ( control plane) therefore CPU intensive, though now we can use dedicated card for ipsec on some platform.
2) On SRX 550, what is maximum throughput we can expect on SRX 550?
3) Can st0 interface particapte in PIM dense mode?
1) Can EX 4300 do IPSEC in hardware? does it support st0 interface?
2)Does it support st0 interface?
3) What is the maximum IPSEC throughput we can expect on EX 4300?
4) Can st0 interface particapte in PIM dense mode?
Thanks and have a nice day!!
1) HE SRXs does IPsec in hardware while Branch SRXs does it on routing-engine.
2) Asuming you are asking for VPN throughput, as per the following datasheet it is 1.0 Gbps. Expect less than that because you will achieve that number if you forward only large packets which is not the case on any real network.
3) The st0 interface does work with PIM Dense mode.
As for EX switches, they dont support IPsec VPNs.
I hope this answer your queries.