[j-nsp] Tower top switch/router recommendation..

Pavel Lunin plunin at senetsy.ru
Wed Mar 23 18:42:23 EDT 2011


                Each customer is on a separate non-overlapping subnet, but
> NOT on a different VLAN generally.. So filtering at the subnet level is
> easy.. does this change your response at all?
>
>
>
>
> No, not too much. Even worse :) Though, if so, you can try to implement
this on EX using an ingress filer on uplink interface. However, I am afraid,
it's not possible to support a filter with that hell of terms, which will
not only demultiplex customers by ther IPs but, at the same time, realize
the two-tier policing you wish to have. Although you can try, literally it's
supported :)

This is anyway must be done in some central aggregation point, not on the
top-of-the-rack switches (simply forget). Just like you do now but with a
'normal' router instead your self-made one. Switching is switching but some
router with all that aggregation stuff facing downwards + some features,
facing upwards, is needed.

To be honest, I would say, splitting the customers into separate VLANs is a
task to which you should pay much more attention, than to this fancy
two-rate billing scheme. These old good all-in-one IP address-based
customer-demux filters have kicked enough guys off the market :) Some of
them still really believe, that this was a fault of their network equipment
vendors )


More information about the juniper-nsp mailing list