[f-nsp] BGP Sanity check please...

Erik Haagsman erik at we-dare.net
Wed Nov 23 12:12:15 EST 2005


Depending on how much traffic you'll be pushing I'd seriously consider
going with a JetCore set-up, since 3 full views and a number of smaller
peers makes this a rather important little edge box. Depending on
traffic levels you might get a reasonably long way, but in case of DDoS
traffic or other unusual amounts of traffic hitting the ACLs or CPU in
another way, you're gone when using the IronCore set-up. 
All ACL processing is handled in software through the CPU, on top of
things like ICMP generation/processing, and it's able to very
effectively bring a box down to it's knees in no-time when under attack
or abnormal circumstances. I'd consider either JetCore or a dedicated
Layer 3 router with the NI as a simpler pure Layer2/basic Layer3 device
behind that.

Cheers,

-- 
---
Erik Haagsman
Network Architect
We Dare BV
Tel: +31(0)10-7507008
Fax: +31(0)10-7507005
http://www.we-dare.nl


On Wed, 2005-11-23 at 17:18 +0000, Howard Jones wrote:
> Hi,
> 
> We're considering aquiring a pair NetIron 400 routers to use for 
> Internet transit. It will be for 2-3 full views per router, plus private 
> peering, all on Gig-E. I just wanted to ask the collective voice of 
> experience if this type of setup is a good idea. Has anyone else already 
> suffered from putting these devices in this situation?
> 
> The provisional spec is NI400, NI4GMR (2), BxG and B24E in each box.
> 
> Thanks in advance for any warnings, or advice, you could offer...
> 
> Cheers,
> 
> Howie
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp





More information about the foundry-nsp mailing list