[c-nsp] Cisco core router (for smaller sized colocation provider) recomendations please

[Peter Salanki]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

I'm impressed that you are actually using a npe-150 in a "core" :)

My quick comments are:

1. I don't see the npe-300 as a good investment for the future. It  
won't scale with two full bgp feeds, nor will it handle (D)DoSes.
2. You haven't added a GRP in the GSR package, the 12008 with GRP-B  
would probably fit your needs for a long time.
3. This is my favorite choice, you have written "WS-X6K-S1A-MSFC2  
Catalyst 6500 Supervisor Engine-2, 2GE". So, are you thinking of  
Supervisor 2 or Supervisor 1A? The MSFC2 is very capable of handeling  
a lot of BGP, we have 6509s with MSFC2s having 100 bgp peers (with 3  
different full-table-upstreams). If you are afraid of the redundancy,  
buy an extra supervisor and enjoy NSF :) Chassis don't break that often.

/Peter Salanki
Bahnhof AB (AS8473)
Stockholm, Sweden

24 jan 2006 kl. 00.11 skrev josh harrington:

> Hello, hope this isn't too far offtopic here but being a troller  
> for a long
> time here I've realized there is a great knowledge base so I wanted  
> to at
> least see if i could get some tips.  I help run a small colocation  
> company
> in California and I am in the middle of recommending a new 'core  
> router'
> platform for our network.  We offer mainly colo and dedicated  
> servers, and
> several of our clients use our space for VOIP services so quality  
> even under
> high peak usage is a must.  We are not huge, but as we have had  
> near 200%
> growth in the past 12 months and need to expand our network asap to  
> keep up.
> Simply put, I'd love to hear feedback and/or suggestions from any  
> of you
> guys who have gone through this already.
>
> Our network map is real simple:
>
> [Carrier 7609] --> 100 mbit --> Our cisco 7206 --> 100 mbit --> racks
>
> [the racks on our end are a series of switches, mainly 2948gl3's]
>
> We push about 60 mbit to/from our (1) carrier at peak right now,  
> and the
> router keeps up fine [its a cisco 7206 npe 150 btw, very low end on  
> the 7206
> line], and at peak we have under 50,000 packets per second, and our  
> 7206
> has little/no features enabled [just static routes and passing all  
> traffic
> between 2 Ethernet 100 mbit interfaces].
>
> To date we have had 2 problems, both were DOS attacks launched FROM  
> one of
> our customer's servers flooding a full 100 mbit wire with more  
> packets per
> second than the router could handle (the 2948gl3's spiked to about  
> 50% cpu
> load during the attack but the 7200 literally just died for 3  
> minutes as the
> interface(s) all rebooted].  So our main goal to grow is something  
> that can
> handle a lot more in this arena against a DOS, and handle our  
> future growth.
>
> In then next 12 months we plan to add a 2nd carrier, at t3,  
> 100mbit, or
> possibly oc3 speed, and possibly upgrade our main carrier to a GigE
> connection.  Probably maxing combined in the 300 mbit range, more  
> likely
> closer to half that in 12 months.
>
> ==== Problems/Requirements ====
> - Budget is in the $5k to $20k range ($20k if its going to outlast  
> me even
> past my 12 month projections)
> - must not 'collapse' under simple packet flow DOS attack
> - must handle BGP4 from 2 carriers with full route tables
> - We plan to buy used, prices below are based on USED, 30 day  
> warranty ebay
> postings
>
> ===== Choices/Options that we have looked at: ====
> Option #1: Cisco VXR 7206 [$4k to $12k]
> Option #2: Cisco 12008 [$7k to $14k]
> Option #3: Cisco 6509 [$10k to $15k]
>
> Here are the 3 main options, broken down a bit more in depth. [I  
> have not
> ruled out juniper all together, but not enough experience with them  
> and
> lots of experience with cisco, makes cisco our better option i think,
> especially since its easier to find used cisco gear than it is to  
> find used
> juniper gear at a decent price].
>
> [option #1 - Cisco 7206 VXR]
> --------------------------------
> Estimated: $4,000 [$6,000 with 400 mhz, $12,000 with the 1 ghz cpu  
> upgrade]
> 1 Cisco 7206 VXR NPE 300 mhz w/max ram
> 2 AC Power
> 2 Fast Ethernet Adapters (1 included on the NPE)
>
> + lots of experience on this unit
> + lots of spare cards (most compatible)
> + can keep old 7200 as a hot standby, minimizing long term downtime
> - END OF LIFE/sale/support on most of the 7200 product line over 5  
> years
> ago! The VXR model is darn close to end of life i suspect
> - minimal horse power here for the money, prone to death by packet  
> attack
>
> [option #2 - Cisco GSR (12008)]
> --------------------------------
> Estimated: $7,000 to $14,000 [varies if I start with GigE or just  
> 100mbit]
> 1 Cisco12008 GSR 40Gbps
> 1 Clock Scheduler Card (GSR8)
> 3 Switch Fabric Card (GSR8)
> 2 AC Power
> 1 4 port OC-3c/STM-1 Single Mode
> 1 GE card or a 4 port x 100 mbit
>
> + much higher total bandwidth/packet processing power compared to  
> 7200, for
> similar money
> - product is long since obsolete and outclassed by the 760x cisco  
> router, as
> well as just about any juniper router in the m20+ tier.
> - I'd bet if i buy this, cisco will classify it end of life within  
> 3 months
> :)
> - over priced 'blade cards' to add any other functions/circuits  
> (high costs)
>
> [option #3 - Cisco 6509 switch'router' w/MSFC2]
> ------------------------------------------------------------
> Estimated: $10,000 - $15,000 (and up depending on config)
> 1 WS-C6509 Cisco Catalyst 6500 9-Slot Chassis
> 1 WS-C6K-9SLOT-FAN Catalyst 6000 Fan Tray for 9-Slot Systems
> 1 WS-C6X09-RACK Catalyst 6x09 Rack Mount Kit
> 2 WS-CAC-1300W 1300W AC Power Supply
> 1 CAB-7513AC AC Power Cord
> 1 WS-X6K-S1A-MSFC2 Catalyst 6500 Supervisor Engine-2, 2GE, plus  
> MSFC-2 / PFC
> (WS-X6K-S1A-2GE + MSFC-2 & PFC)
> 1 MEM-C6K-FLC24M  24MB Flash Card
> 1 WS-X6408A-GBIC Catalyst 6500 8-Port Gigabit Ethernet Module (Req.  
> GBICs)
> 1 WS-X6348-RJ-45 Catalyst 6500 48-Port 10/100 RJ-45 Module
>
>
> + could consolidate router/switch into 1 [i.e. replace my 48 port  
> switches
> in each rack]
> + still a major product with sales/support, no end of life 'soon',  
> this is
> still a primary flag ship product
> - 'not a router' as some would say [though this one is as good as  
> it gets
> for a switch with router ability built in, so i read at least]
> - bgp4 support appears limited in previous versions, but the MSFC2  
> processor
> supposedly can handle (2) bgp4 sessions properly [makes me nervous]
> - no support for anything but 100mbit, or gigE links, wont work  
> with t3, or
> oc3 lines [since i don't know what ill buy from my next carrier  
> this is a
> draw back since i may very well get a circuit this switch/router  
> can't use]
> - 'all eggs in 1 basket' theory, if it breaks you loose all your ether
> switches! [at least with separate routers/switches i can swap in an  
> old 7206
> router spare and get back online fast in a worst case scenario.
>
>
> -- OK so if you read this far, you probably wonder why the heck am  
> i asking
> you guys and not calling cisco and juniper, and others?  Well I  
> have, and I
> have, they all gave me their input- but I'd love to hear from some  
> real
> people in the field rather than sales engineers and bloated brochures
> claiming much more capacity than true world usage will produce etc.
>
>                           - Josh Harington  jharington68 at hotmail.com
>
> _________________________________________________________________
> On the road to retirement? Check out MSN Life Events for advice on  
> how to
> get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFD1WowiQKhdiFGiogRAkv0AKCc0lsPzGE6sZN2nAzubsNR25UvGgCgm0zD
jVbDjdUvYR79Ph5yKWI42Kw=
=eWId
-----END PGP SIGNATURE-----