highest ACL throughput

What's your experience on highest ACL throughput on a Cisco device?
Let's say you had multiple islands of 4500's with 10-gig uplinks.
There are numerous VLANs, and you need to have a central device for
these VLANs' default gateway where you can control access between
VLANs with highest possible throughput. There are two options I can
think of:

1. Connect all 4500's to two 6500-SUP720. Configure ACL's on L3 SVIs
on 6500. 6500 has all 6700+DFC3 cards installed. I believe I should be
getting around 15Gbps max throughput, but I did not confirmed this
yet. I got this number from a Cisco routing performance PDF that shows
7600-MSFC3 (Sup720) having 15360 Mbps throughput when no classic cards
are installed.

2. Connect all 4500's to a wire-speed 4900M aggregation, and then
connect 4900M with a 802.1q trunk to ASA5580-40. This way I should get
throughput close to 10Gbps.

3. Connect all 4500's to a wire-speed 4900M and configure L3 SVI's and
ACLs on the 4900M. I'm not sure what ACL performance numbers a 4900M
has.

Any other ideas?

Mike

Blogs and organic groups at http://www.ccie.net
Received on Thu May 21 2009 - 08:58:08 ART