[c-nsp] pricing vs performance

sthaug at nethelp.no sthaug at nethelp.no
Wed Dec 1 17:11:03 EST 2004


> What about the 6500/7600 platform?  We're in a similar boat.  We're using
> a mix of 7206s and 7500s for our core routers, and they generally deal
> with "normal" traffic well enough, but if someone points a DDoS at us,
> even the 7500s tend to roll over and play dead under sufficiently high
> values of kpps.  Having heard good things about them, and since our
> transit connections have all moved to FE, we're looking at possibly moving
> to 6500s with MSFC2s to handle the transit connections.

At my previous employer we had generally good experience using 6500
with Sup2/MSFC2/PFC2 as border routers. Lots of DoS attacks, even Gbps
sized ones, and the boxes survived. Note that this depends on good ACLs
and/or rate limiting to make sure that the DoS traffic doesn't hit any
of the IP addresses of the box itself.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no


More information about the cisco-nsp mailing list