[j-nsp] One router/two firewalls config question
Jesper Skriver
jesper at skriver.dk
Wed Mar 12 12:37:48 EDT 2008
On Thu, Mar 13, 2008 at 12:14:14AM +0800, Mark Tinka wrote:
> On Tuesday 11 March 2008, Chuck Anderson wrote:
>
> > Any my switch has multiple switch fabrics, multiple CPUs,
> > multiple fan trays, and multiple power supplies :-)
>
> I've found it's easier to justify this on edge and border
> routers, where the box-level redundancy depends on the
> connectivity density required and where multiple links
> would be aggregated into one chassis without the need to
> multi-home them.
>
> Of course, box-level redundancy goes without saying for core
> routers.
I'd say exactly the opposite, it's trivial to build a core network
with redundancy, so it doesn't depend on any single box or link.
But on the edge a given customer is typically connected to one
box, when that box goes down, the customer looses connectivity, so
on edge boxes you need redundant boxes much more than in the core.
/Jesper
> However, for core switches in a specific site/PoP, I've
> always wondered whether having redundant switch fabrics and
> CPU's was necessary, especially if those switch fabrics and
> CPU's don't contribute to the forwarding of traffic unless
> the primary switch fabric has failed.
>
> Since all connections to the core switches are mirrored to
> the corresponding routers, the failure of one switch would
> be mitigated by the presence of another, with a similar
> hardware/software configuration.
>
> On paper, core switches this redundant make sense. In
> practice, however, given the "reliability" of today's
> platforms, having this in a mirrored state seems more like
> just a nice-to-have.
>
> Mark.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
/Jesper
--
Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/juniper-nsp/attachments/20080312/2b3092dc/attachment.bin
More information about the juniper-nsp
mailing list