[c-nsp] 2948G replacement?
Church, Chuck
cchurch at netcogov.com
Mon Aug 30 23:07:44 EDT 2004
I've had good luck with the 2948G switches as well. They're based on
the Cat4000, and seem pretty solid. We used them for server
aggregation, with gig channel back to the core a couple years ago;
worked flawlessly. I imagine a DDOS could overload an ethernet link to
the point of frames being dropped. But I'd hope that the switch would
drop user traffic before it dropped any of it own stuff, such as BPDUs,
CDP, PagP, etc. Anyone know for sure if this is how it queues, or if
it's configurable for that?
Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com <-note new address!
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gert Doering
Sent: Monday, August 30, 2004 6:07 PM
To: matthew zeier
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 2948G replacement?
Hi,
On Mon, Aug 30, 2004 at 01:37:21PM -0700, matthew zeier wrote:
> I have a handful of 2948Gs that cause me no end of grief, mostly
because
> they can't handle inbound DDoS or, in odd cases, because STP fails and
a
> trunk that should be blocking starts fowarding and takes the switch
down
> with it.
Is that a 2948G or a 2948G-L3?
If it's a 2948G, why is it affecte by DDoS? The management VLAN should
not be reachable by the outside world, so DDoSes should not be able to
affect the 2948G at all.
Our experience with the 2948G was very good (standard rock solid CatOS
switch, albeit lacking IGMP snooping), while the 2948G-L3 is just pure
and
solid crap.
These days, we use 2950Gs for smaller L2-only LANs and are quite happy
with them.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
gert at greenie.muc.de
fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
----------------------------------------------------------------------------
NOTE: As of 8/1/2004 my email address has changed to cchurch at netcogov.com
----------------------------------------------------------------------------
More information about the cisco-nsp
mailing list