[c-nsp] advice for L2 switches

Kevin Blackham blackham at gmail.com
Sat Jun 23 01:00:43 EDT 2007


We're promoting a one-day event that requires around 500 FE access ports.  I
need to filter at layer 4 (block DHCP serving) and perform some QoS duties
to ensure a good experience.  40x 2950T-24 will do the job, but even on the
grey market I'm looking at a $20k project (including larger agg switch).  On
the lower end, I might be able to use 2924XL with protected port/port
blocking (effectively isolated private-vlan), as long as I can perform a
U-turn after filtering (sorta breaks split-horizon doesn't it, perhaps local
proxy-arp at L3) and instead have more intelligence at the aggregator.  I
would lose out on DHCP snooping and full control over QoS by this plan
though.  I'm willing to give up QoS at the access port, and apply to the agg
switch, but I really need option-82 so I know exactly who has what IP when
the time comes to kick someone in the head.

Recommendations?  The only hard requirements are low cost (grey market ok),
SNMP stats, option-82, and 24-25 100M ports.  Preferred are L4 QoS marking,
two egress queues per port, L4 filtering.  No L3 forwarding is needed.

