[c-nsp] IPv6 on C3550, finally? (12.2(44)SE)

neal rauhauser nrauhauser at gmail.com
Fri Feb 1 13:02:31 EST 2008 

   Actually you might be pleasantly surprised with an IPv6 attack on a 3550
- I suspect the IPv4 traffic would just keep on truckin', less any routing
updates that might arrive during the event. I had a customer with about 14k
public IP addresses passing through a 3550. The machine was crazy stressed
and the management engine was crashing several times a day - management
would report it down for the duration of a reboot, but traffic  otherwise
kept moving. The processor seems to instruct the ASICs to forward as needed,
then it sits quietly ...

On Feb 1, 2008 3:07 AM, Richard A Steenbergen <ras at e-gerbil.net> wrote:

> On Fri, Feb 01, 2008 at 08:00:41AM +0000, Simon Lockhart wrote:
> > On Fri Feb 01, 2008 at 08:56:59AM +0100, sthaug at nethelp.no wrote:
> > > And what's the point, anyway? As far as I know the 3550 *hardware*
> > > can't do IPv6 routing. As long as you're talking about *software*
> > > IPv6 routing, a suitable 2800 router would probably give you better
> > > performance...
> >
> > The point is that I've got a whole load of 3550's providing
> customer-edge
> > for colo'd servers, and customers are starting to ask for IPv6. Given
> the
> > volume of IPv6 traffic I'll see in the short term, I'm happy enough with
> > process switched.
>
> Yes but I wonder how much the v4 customers on that switch will appreciate
> it the day someone gets a DoS or even tries to do an FTP over IPv6. :)
> FastE is more than enough to do in a 3550 CPU.
>
> Then again it's a lot easier than moving the v6 requesters to 3560s, and
> besides doing dual-stack on 3560s does bad things to your available v4
> TCAM. Some things you just can't win.
>
> --
> Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
> GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



-- 
mailto:Neal at layer3arts.com //
GoogleTalk: nrauhauser at gmail.com
IM: nealrauhauser

More information about the cisco-nsp mailing list