[c-nsp] Advise on 7609

Saku Ytti saku+cisco-nsp at ytti.fi
Fri Sep 1 07:02:59 EDT 2006 

On (2006-09-01 12:45 +0200), Jasper de Beer wrote:

I can't answer all your questions but some thoughts about your persieved
needs.

> We are considering migrating from our current network setup which uses 
> Juniper routers to a Cisco platform. We need to upgrade our network to 
> 10Gb/s, so we are considering a Cisco 7609, with one 6704-10GE and packed 
> several 6748-GE modules.

Personally I'd shop two 6704-10GE's, if we're talking moving 10G of 
traffic (I assume in and out:) do you really want to loose all that
if single LC dies. So I'd put 'hands' in different LC's.

> The box will be doing routing, as well as switching. We will need it to be 
> able to handle at least 300 peerings, and 4 full transits. Appart from BGP 
> we need firewalling: we have different lists of IPs that have certain 
> ports blocked from certain source addresses. The box should be able to 
> handle somewhere between 5Gb/s and 9Gb/s.

300 BGP-sessions seems rather much for 600MHz that MSFC3 is. 1GB DRAM
will do 4 full views though. So if it's single box that should do
300 BGP-sessions I'm not sure at all, if they are quite inactive, can
be done with regular eBGP timers, and not very many prefices, I'd 
guess it'll work. Depending you fast you need this, there might be something
with bit more software power coming up.
 Also you speak about firewalling, yet you describe packet filtering,
there is world of difference. If you can live with packet filtering,
you don't need FWSM/ACE and can do linerate performance in all situations.
Adding states in 10G device is risky business, and firewalling is
always stateful (if it's not stateful, it's packet filtering).

> No QOS, MPLS, or other services are needed. It just needs to push around 
> IP traffic on different BGP peers, reliably.
> Is it viable to have this done reliably on a 7609 with a 720-SUP-3BXL 
> engine?
> 
> Many thanks for your advices and insights,
> 
> Jasper
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
  ++ytti

More information about the cisco-nsp mailing list