[c-nsp] Router/switch suggestions James

Olav Langeland Olav.Langeland at activeisp.com
Thu Aug 26 13:11:16 EDT 2004 

> -----Original Message-----
> From: James [mailto:haesu at towardex.com] 
> Sent: 26. august 2004 00:08
> To: Olav Langeland
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Router/switch suggestions
> 
> On Wed, Aug 25, 2004 at 12:31:51PM +0200, Olav Langeland wrote:
> > Hi,
> > 
> > I am putting together a proposal for border routers and 
> core switches at
> > a new hosting facility.
> > 
> > The routers should be able to handle STM-1 (and up), 
> gigabit ethernet,
> > BGP, Netflow, CEF. Nothing exotic , so a stable workhorse 
> is good. I was
> > looking at 7206, but NSE-1? NPE-400? What is the major differences
> > between these two?
> 
> NPE-400... let see.. that thing tips over with OC3 full of 
> small-packet DDoS. :(
> 
> NSE-1 AFAIK (correct me please if I am wrong here..) is 
> NPE300 with PXF
> acceleration. I've heard mediocre to bad stories about PXF 
> mostly in software
> bugs.
> 
> If I were you... NPE-G1 finally makes a 7200 extremely useful 
> again.. ;)
> 
> Juniper M5 or M7i can also be a viable alternative as well. 

I have received some emails also suggesting "other vendors", read:
Juniper. Interesting to see converts on a Cisco mailinglist :) My boss
wants us to go with Cisco as much as possible, so that puts Juniper off
the list now.
But I see that NPE-400 is the option for saving money and living
dangerously, but NPE-G1 is the "proper" choice. 
 
> > 
> > Core switches, maybe 6503 or 6506? They would basically 
> push out fiber
> > to Catalyst 3500/3550 switches, do VLANs and ACL on VLANS. Peeked at
> > cisco.com and if I understand it correctly, sup720 is a big brother
> > version of the sup2? With a sup2 I would also need a MSFC2 module?
> 
> Depends on what you are trying to accomplish. Are you looking 
> for Layer3
> core routing using these switches? If so 6500 is the way to 
> go. Yes you
> definately need MSFC2 for routing heavy traffic with full routes.
> If you are looking for just layer2 and vlan capabilities, and 
> be able to just
> dot1q-trunk them up to the routers, then msfc2 isn't really 
> necessary; you 
> should be able to just do it fine with 3550, 3750's even.. 
> But since you 
> mentioned "ACL" I assume you are looking for layer3 routing.

Sorry about being unclear but I want Layer3 capability. I have followed
the thread about replacing a 7513 with a 6509, which is similar on what
I'm looking at. I have always been sceptical about mixing, so
router/firewall/switch as separate boxes was my starting point. Perhaps
a 6500 with Sup720 and lots of memory can do all in one (replacement for
7200 router with bgp/netflow/cef, and doing the 6500 work with layer3,
vlans, trunking)? Would using these Firewall Blades in the 6500 be an
idea for substituting the Pix firewall be an idea (alternative is Pix
535). VPN is not part of this, standalone Pixes will be used. 


/olav langeland

More information about the cisco-nsp mailing list