[119297] in North American Network Operators' Group
Re: Layer 2 vs. Layer 3 to TOR
daemon@ATHENA.MIT.EDU (Malte von dem Hagen)
Thu Nov 12 16:10:06 2009
Date: Thu, 12 Nov 2009 22:08:57 +0100
From: Malte von dem Hagen <mvh@hosteurope.de>
To: Raj Singh <raj.singh@demandmedia.com>
In-Reply-To: <6CDE22DE80A63A4DACF4FE2C916519A53F4E63E3DD@BLV11EXVS01.corp.dm.local>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Reply-To: mvh@hosteurope.de
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi,
On 12.11.2009 at 21:04, Raj Singh wrote:
> We are actually looking at going Layer 3 all the way to the top of rack and
> make each rack its own /24.
what a waste of IPs and unnecessary loss of flexibility!
> This provides us flexibility when doing maintenance (spanning-tree).
If you use a simple setup for aggregation, you do not need xSTP. Even including
redundancy, RTG (big C: flex-link) will be sufficient. Spanning the L2 over more
than one rack is dirty when you do L3 on the TORs, because you need to build a
Virtual Chassis or VPLS tunnels (not sure if EX4200 does that as of today).
> Also, troubleshooting during outages is much easier by using
> common tools like ping and trace routes.
Oh, c'mon. Yes, Layer 2 is a wild jungle compared to clean routing, but tracing
isn't that magic there. You have LLDP, mac-address-tables, arp-tables...
> I want to make sure this is something other people are doing out there and
> want to know if anyone ran into any issues with this setup.
From the design POV, it is a clean and nice concept to do L3 on the
TOR-switches, but in real life, it's not working very well. Every time I played
with such, with every vendor I've seen, there is just always the same conclusion:
Let routers route and let switches switch.
Switches which are supposed to do routing never scale, provide almost always
immature implementations of common L3 features and run into capacity problems
just too fast (too small tables for firewall rules, route entries, no full IPv6
capabilities, sometimes expensive licenses needed for stuff like IS-IS...).
I understand the wish to keep broadcast domains small and network paths
deterministic and clean, but the switches you can buy today for
not-too-much-money aren't ready yet.
So my hint is: Look at model #4 from the mentioned NANOG presentation.
My 2 Euro-Cents,
.m
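The reply above argues that tracing a host in a Layer 2 fabric is not magic because the ARP table and the switches' MAC address tables already tell you where it sits. The following script, added here as an illustration and not part of the original post or of any vendor's tooling, shows that correlation in code: it parses constructed IOS-style "show ip arp" and "show mac address-table" output, follows IP -> MAC -> access port, and also flags MACs learned on access ports of more than one switch, which is what a loop, a mis-cabled host or a spoofed address looks like from the tables. The switch names (tor-a1, tor-a2), port names and the assumption that Po1 is the uplink are all constructed for the example.

```python
import re

# Constructed sample "show ip arp" output (IOS-style layout), not real data.
ARP_TABLE = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.20.0.1               -   0011.2233.4455  ARPA   Vlan20
Internet  10.20.0.17              5   0011.2233.aabb  ARPA   Vlan20
Internet  10.20.0.42             12   0011.2233.ccdd  ARPA   Vlan20
Internet  10.20.0.77              3   0011.2233.eeff  ARPA   Vlan20
"""

# Constructed "show mac address-table" output from two hypothetical TOR switches.
MAC_TABLES = {
    "tor-a1": """\
Vlan    Mac Address       Type        Ports
  20    0011.2233.aabb    DYNAMIC     Gi0/7
  20    0011.2233.ccdd    DYNAMIC     Po1
  20    0011.2233.eeff    DYNAMIC     Gi0/9
""",
    "tor-a2": """\
Vlan    Mac Address       Type        Ports
  20    0011.2233.ccdd    DYNAMIC     Gi0/12
  20    0011.2233.aabb    DYNAMIC     Po1
  20    0011.2233.eeff    DYNAMIC     Gi0/3
""",
}

# Assumed: Po1 is the uplink on both switches. A MAC learned on an uplink lives
# behind another switch, so only non-uplink ("access") ports count as a location.
UPLINK_PORTS = {"Po1"}


def norm_mac(mac):
    """Normalise dotted (0011.2233.aabb), dashed or colon MAC notation to aa:bb:cc:dd:ee:ff."""
    hexdigits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(hexdigits) != 12:
        raise ValueError(f"bad MAC: {mac!r}")
    return ":".join(hexdigits[i:i + 2] for i in range(0, 12, 2))


def parse_arp(text):
    """Return {ip: mac} from IOS-style 'show ip arp' output; header lines are skipped."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0] == "Internet":
            table[parts[1]] = norm_mac(parts[3])
    return table


def parse_mac_table(text):
    """Return {mac: (vlan, port)} from 'show mac address-table' output."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0].isdigit():
            table[norm_mac(parts[1])] = (int(parts[0]), parts[3])
    return table


def locate(ip, arp_text=ARP_TABLE, mac_texts=MAC_TABLES, uplinks=UPLINK_PORTS):
    """Follow IP -> MAC (ARP) -> switch/port (MAC table). Returns a list of (switch, port) hits."""
    mac = parse_arp(arp_text).get(ip)
    if mac is None:
        return []
    hits = []
    for switch, text in mac_texts.items():
        entry = parse_mac_table(text).get(mac)
        if entry and entry[1] not in uplinks:
            hits.append((switch, entry[1]))
    return hits


def access_port_conflicts(mac_texts=MAC_TABLES, uplinks=UPLINK_PORTS):
    """MACs learned on access ports of more than one switch: a loop, a mis-cabled host or a spoofed address."""
    seen = {}
    for switch, text in mac_texts.items():
        for mac, (_vlan, port) in parse_mac_table(text).items():
            if port not in uplinks:
                seen.setdefault(mac, []).append((switch, port))
    return {mac: ports for mac, ports in seen.items() if len(ports) > 1}


if __name__ == "__main__":
    for ip in ("10.20.0.17", "10.20.0.42", "10.20.0.99"):
        print(ip, "->", locate(ip) or "not found")
    print("conflicts:", access_port_conflicts())
```

In practice the table text would be collected from the devices (via SSH or a management system) instead of being embedded; the parsers only depend on the column order shown, so other vendors' layouts need their own small parser. Treating uplink ports as non-locations is what keeps a host from appearing on every switch in the fabric.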