[c-nsp] Cisco gear for hosting provider
Adrian Chadd
adrian at creative.net.au
Sun Nov 19 20:05:41 EST 2006
On Mon, Nov 20, 2006, Alex Campbell wrote:
> 3750G EMI
> + great price/performance ratio, 24xGE interfaces builtin
> + no need for separate switches (uplink servers to both devices with
> active/passive teaming)
> + very fast hardware L3 forwarding
> + lot of room for growth in traffic
> + great for diffusing DDoS attacks
> - limited QoS capabilities
> - can't take anywhere near full internet tables (limited to something like
> 11,000 unicast routes)
I hate to suggest even the remotest of ghetto solutions but I'm using
a 3550-EMI (soon to be a pair of 3550s) as a border router/switch in
precisely the same setup as you're suggesting.

It takes BGP from the local NAP (around 4600 routes) and a handful of OSPF
routes for ADSL customers. It's got half a dozen SVIs and a handful of ACL
entries per interface. I've done testing at home simulating traffic flows
to/from a few ten-thousand source/destination addresses and it seems to work
just fine right up to and long past a couple hundred megabits/sec - perfect for
this particular environment.

Don't let it run out of TCAM memory though or things go a tad weird. :)

Downsides of the 3550/3750/3560 platforms from what I've seen: their feature
set can be a tad weird. 3550 at least doesn't do netflow and I'm not sure
whether 3560/3750 does (maybe the "metro" version does, I'm not sure.)
TCAM limits ACL and routing complexity somewhat. As you've noted the QoS
support is a bit "different" - but this does apply across the board. Check and
double-check the feature support before you buy them or you might find
certain "router" features just don't work.

I'm happy with the 3550 and 3550 paired in HSRP-standby. (It even did WCCPv2
interception and routing at just under a gigabit; but that's a different story
altogether.)

Adrian