[c-nsp] Equipment for a large-ish LAN event

Andrew Miehs andrew at 2sheds.de
Wed Dec 9 02:10:12 EST 2015


2000 users require 42x 48 port switches.
If you uplink these switches with 2x 10G to 2 core routers, you would
need 2 routers with at least 42x 10G ports each.

So you could probably do something like using
2x Nexus 9372PX as your core switches
45x Cisco 2960X (2x 10G, one to each Nexus).

Rather than the Nexus 9372PX, you could also use the
* 2x N7700 with a N77-F348XP-23 line card (probably also require a FEX)
* 2x C6509 SUP2T with 6x WS-X6908-10G-2T line cards

-- Andrew


On Wed, Dec 9, 2015 at 3:40 PM, Roland Dobbins <rdobbins at arbor.net> wrote:
> On 9 Dec 2015, at 8:19, Laurent Dumont wrote:
>
>> arp-inspection
>
>
> DAI is a self-defeating misfeature which can result in a self-DoS of the
> switch.  Don't enable it!
>
> DHCP Snooping and IP Source Guard are very useful anti-spoofing mechanisms,
> and should be enabled on the access ports.
>
> Also, Root Guard, Loop Guard, and BPDU-Guard should be enabled in a
> situationally-appropriate manner.
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list