[c-nsp] Migrating small distribution network to support IPv6

Jon Lewis jlewis at lewis.org
Mon Feb 11 09:52:49 EST 2013

On Mon, 11 Feb 2013, Bill Jones wrote:

> It's a straightforward setup: two 7204s (NPE-G2) connected to two 
> gigabit upstreams, with a collection of several 3550s doing a 
> combination of layer 2 and 3 with a lot of tenants and ethernet 
> customers having their upload speeds rate-limited depending on the 
> negotiation...average tenant would get 10 mbps upload, but some are tech 
> businesses who can push some decent bandwidth (enough to require gige). 
> The routers are running 12.4(24)T. It's my understanding that to support 
> the existing network configuration, I would need to replace the switch 
> infrastructure to support IPv6 properly (hardware layer3 forwarding).

AFAIK, the 3550s don't do IPv6 at all, so the only way they'd be useful in 
a dual-stack network would be as layer 2 switches trunking all L3 traffic 
back to the 7204s.  Doing your rate-limiting/policing/shaping up at the 
routers is undesireable since it allows any one customer to flood the 
layer 2 network with up to their port speed of traffic.

> However, I remember reading that on the switches in the upgrade path 
> from the 3550, you couldn't do rate-limiting, or at least do it as well 
> as the 3550...I'm foggy on the details, I remember finding this out when

The 3560 series does shaping in a totally different way than the 3550's 
policing, and you'll have to look at it and see if you can live with the 
lack of granularity its capable of providing.

OTOH, if your network is entirely ethernet, I'd look at whether you 
actually need to be using 7204s and see if something like a 6500 can do 
all you need.  Something like a 6500 with Sup32 might handle things and 
can do more flexible policing (similar to what you're used to on the 
3550s).  Depending on how many ports you need, a 6506 or 6509 with a few 
6148A's might do.

> dozen different ports. Funding is limited (the connectivity is looked at 
> as a loss leader, the money is in having low vacancy), primarily because 
> there is no customer demand for IPv6 yet. I don't want to wait for some 
> big potential tenant to require it, and then have to scramble to 
> implement it, and potentially do it half-assed. What would what you do 
> if this was your network? Thanks,Bill

You could just keep going, business as usual, and for the first few IPv6 
customers, trunk them back to the 7204s, and eventually upgrade to a 
better dual-stack capable network.

  Jon Lewis, MCP :)           |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

More information about the cisco-nsp mailing list