[c-nsp] advice for L2 switches
Sridhar Ayengar
ploopster at gmail.com
Sat Jun 23 01:15:04 EDT 2007
Kevin Blackham wrote:
> We're promoting a one day event that requires around 500 FE access ports. I
> need to filter at layer 4 (block DHCP serving) and perform some QoS duties
> to ensure a good experience. 40x 2950T-24 will do the job, but even on the
> grey market I'm looking at a $20k project (including larger agg switch). On
> the lower end, I might be able to use 2924XL with protected port/port
> blocking (effectively isolated private-vlan), as long as I can perform a
> U-turn after filtering (sorta breaks split-horizon doesn't it, perhaps local
> proxy-arp at L3) and instead have more intelligence at the aggregator. I
> would lose out on DHCP snooping and full control over QoS by this plan
> though. I'm willing to give up QoS at the access port, and apply to the agg
> switch, but I really need option-82 so I know exactly who has what IP when
> the time comes to kick someone in the head.
>
> Recommendations? The only hard requirements are low cost (grey market ok),
> SNMP stats, option-82, and 24-25 100M ports. Preferred are L4 QoS marking,
> two egress queues per port, L4 filtering. No L3 forwarding is needed.
A pair of Cisco 5513s should get you to the number of ports and do it on
the cheap on the used market. They do have Layer 4 filtering features,
but what I don't know is whether you need the Route Switch Module + IOS
to use them.
Peace... Sridhar