[c-nsp] Best practice in configuring internet access services.

Alex A. Pavlenko lex at sandy.ru
Thu Oct 5 07:12:30 EDT 2006


----- Original Message ----- 
From: "Shakeel Ahmad" <shakeelahmad at gmail.com>
To: "Alex A. Pavlenko" <lex at sandy.ru>
Cc: <cisco-nsp at puck.nether.net>
Sent: Wednesday, October 04, 2006 10:43 PM
Subject: Re: [c-nsp] Best practice in configuring internet access services.


> First of all, wow, you've got a big Ethernet Metro... Perhaps you should
> consider moving on to a higher chassis like the 6500 series, which can perform
> almost all L3 operations with high availability. Terminating VLANs on a router
> *in this big network* will not be wise in my opinion, as you have already
> faced the limitation of ACLs....
> 

Thanks,
but AFAIK the 6500 does not support NAT. NAT is a necessary feature for customer
computers to access the internet; there is no way to get 30000+ real IP addresses :(
Performing NAT on the border router with BGP is not a good idea, I think. Where to NAT then?
Those who support rather big metro networks, how did you solve such problems?
Thanks

Alex.

> 
> Shakeel
> 
> 
> On 10/4/06, Alex A. Pavlenko <lex at sandy.ru> wrote:
>>
>> Colleagues!
>>
>> Is there a common approach or best practice in providing internet access
>> services on a Cisco router?
>> This question is quite general, so let me make it concrete with my current
>> network as an example.
>> So there are a few thousand home customers (max 8000) connected to
>> Ethernet rings on the access layer. On the distribution layer those rings
>> are aggregated on a 3560G switch at layer 2.
>> The router is connected to the aggregation switch and performs layer 3
>> operations such as intervlan routing access control, NAT, traffic-shaping or
>> rate-limiting, netflow export, maybe DHCP. All customers are divided into
>> groups of 256 or less; each group is one VLAN terminated on a router
>> Ethernet subinterface. This scheme has a lot of issues. For example,
>> there are IOS configuration limitations. I mean, if I'm going to limit
>> bandwidth on a per-customer basis I have to specify an ACL with the
>> customer's IP address to put it in a traffic-shape or rate-limit statement,
>> however only 700 numbered access-lists can be configured on a router :(
>> Maybe there are common approaches to configuring routers and switches for
>> a similar network layout and services? I know about PPPoE but I think it is
>> more applicable in DSL access networks, not in Ethernet.
>> Thanks for any ideas.
>>
>> --
>> Alex Pavlenko
>> System Administrator
>> Sandy Info
>>