[nsp] hardware

Stephen J. Wilcox steve at telecomplete.co.uk
Sat Jul 3 18:21:17 EDT 2004 

Hi Shaun,
 what you have described will work just fine for your purpose..

You dont need the 2950s tho if you dont need to connect more customers than you 
have ports on the 3550 (depends on which you get - up to 48 FE)

You're not going to be handle anything other than small DoS attacks, 
unfortunately thats true unless you spend some more money on bigger boxes. Altho 
unless you have access to large amounts of capacity you will likely see your 
upstream bandwidth as the limiting factor when under attack anyway. ie if you're 
buying bandwidth via a 100Mb port, if this port is filled by an attack then its 
going to stop your services whether or not the router holds up.

Steve

On Sat, 3 Jul 2004, Shaun R wrote:

> Currently I have a few /24 subnets but I want to start breaking those off into
> smaller subnets so that each one of my customers can have there own
> subnet/vlan.  I've been searching around, and talking on some of the IRC
> channels and I've been told that I should purchase a 3550 as the 'core' and a
> few 2950G-48's for my 'edge'.
> 
> I need to be able to rate-limit both in and out at the edge to keep
> collocation customers from going over there limit.
> 
> Also, would I just trunk the port that links the 2950 to the 3550 and then
> just create that customers subnet as a sub interface on the 3550 and then
> setup a vlan on the 2950 from the uplink port to the customers port?
> 
> I'm trying to find out the best way possible to do this and give me the
> ability to easily grow.  I don't want to be redesigning this anytime soon.
> 
> I was talking to the head network guy at the datacenter and he didn't have
> much experience with the lower model switches but told me that I should ask
> and find out how well they will hold up to DOS attacks.  He said he used the
> 2948-L3 and it was a terrible switch.
> 
> Thanks in advance
> 
> ~Shaun R.
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list