[c-nsp] 7600 (RSP720) good for 1000 x DHCP server config?
Erik Sundberg
ESundberg at nitelusa.com
Fri Jul 16 16:10:35 EDT 2021
I think in this case it would make more sense for a 1 or more standalone Linux's server acting as a DHCP server. This will help relieve the CPU strain on the SUP720.
ip helper, i would think would be less CPU intensive than a DHCP server running on each vlan on the SUP720
It's also easier to troubleshoot DHCP issues and do packet captures on than on the SUP720. It would also give you a platform to test from in your setup.
________________________________
From: cisco-nsp <cisco-nsp-bounces at puck.nether.net> on behalf of Tom Hill <tom at ninjabadger.net>
Sent: Tuesday, July 13, 2021 9:22 AM
To: cisco-nsp at puck.nether.net <cisco-nsp at puck.nether.net>
Subject: Re: [c-nsp] 7600 (RSP720) good for 1000 x DHCP server config?
On 05/07/2021 12:20, chiel wrote:
> I might going to use a 7600 with RSP720 to terminate 1000 users, where
> each user has a own vlan and L3. I will also be making a 1000 DHCP
> config, one for each vlan.
>
> My question is will the RSP720 have no problem with a 1000 x a DHCP
> config? Because the DHCP will be handled by the CPU I guess? I guess
> this wont be an issue but just want to check.
>
> Other then a couple of static routes and fiber termination the 7600 will
> not be doing anything else.
My main concern with terminating segments on a SUP/RSP720 (in any
situation) would be MLD messages, which are punted. Even
link-local/site-local configuration will produce MLD join/part messages
for the associated solicited-node multicast groups (to enable DAD). A
few kpps of MLD will shoot the CPU load up.
The risks here are that flapping L1 links cause rapid or repeated
up/down of device interfaces, or (in my case) spammers adding and
removing IPv6 addresses quickly to give different source IP6 addresses.
Granted that there's some detail missing on the exact nature of this
connectivity you're providing, but it is of course worth bearing in mind
that even if you're not provisioning IPv6 forwarding (you should) most
devices available today will have an expectation of IPv6 connectivity &
and therefore will (or at least *should*) come with an IPv6 stack
enabled by default, and many will configure multiple addresses.
Might not matter, but these devices are well beyond their sell-by-date
for these functions.
--
Tom
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
________________________________
CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner.
Thank you.
More information about the cisco-nsp
mailing list