[125342] in North American Network Operators' Group


RE: Router for Metro Ethernet

daemon@ATHENA.MIT.EDU (Dylan Ebner)
Mon Apr 12 14:59:14 2010

From: Dylan Ebner <dylan.ebner@crlmed.com>
To: Jeffrey Negro <jnegro@billtrust.com>
Date: Mon, 12 Apr 2010 18:58:32 +0000
In-Reply-To: <z2le95dc4e71004121126y1254a46x130c9c1120544eaa@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Traffic shaping and eigrp eat a lot. Inspection is huge as well. I have no idea what the new zone based firewalling will do to a 2800, but after seeing it on an 1800, I know it will not be pretty. Static acls should be easy if they are not really large. I wouldn't go out and grab the new Cymru bogon list, that would kill you.
The problem is the router CAN do these things, but if you want any management on the back end you get in trouble. Things like NBAR and netflow are incredibly important, but the router cannot handle all these services and the routing protocols and the traffic. If you are not doing nbar or netflow today, that doesn't mean you won't in the near future. I have been finding that getting a router that is too small puts you in a precarious position at times. You can either know where your traffic is going and have a router that drops packets, or you can run blind knowing that all those unmonitored packets are getting through.




Dylan Ebner, Network Engineer
Consulting Radiologists, Ltd.
1221 Nicollet Mall, Minneapolis, MN 55403
ph. 612.573.2236     fax. 612.573.2250
dylan.ebner@crlmed.com
www.consultingradiologists.com

From: Jeffrey Negro [mailto:jnegro@billtrust.com]
Sent: Monday, April 12, 2010 1:26 PM
To: Dylan Ebner
Cc: nanog@nanog.org
Subject: Re: Router for Metro Ethernet

In our case I believe we would be dealing with just static routes and lines of ACL.  Do you think the routing protocols are your largest resource usage in your scenario, or is it also just simple routing as well?


Jeffrey Negro, Network Engineer
Billtrust - Improving Your Billing, Improving Your Business
www.billtrust.com
609.235.1010 x137


On Mon, Apr 12, 2010 at 1:55 PM, Dylan Ebner <dylan.ebner@crlmed.com> wrote:
We use metro E for our WAN and our internet access delivery. The 2600 series routers do not have enough horsepower to do a 40 Mb connection and eigrp. The 2811 can do 40 mb and eigrp but they start to have difficulty when you add in inspection or large ACLs. We just last week turned a 40mb metroe circuit into a 60mb and the router, a 2811, is now having constant problems. We are replacing it with a 2921. However, this router also has 2 100mb connections from local lans that it is also terminating. For our 100mb metro e connections we use 3845s. The 100 mb service terminates into NM-GEs, which have a faster throughput than the hwics. This setup works well.
On our internet edges we use 2811s with their memory maxed. We have partial BGP routers from 2 isps. One connection is a 30mb and the other is a 25mb. No inspection is done on these but we do have stateless acls running on the inbound. These are running just fine today, but they sit at about 20% cpu all the time.
When doing a metro e connection, make sure the router/switch can do traffic shaping. If it can't, you are relying on the provider to shape your outgoing traffic, which of course will happen down the line, adding additional delay during high usage times.

You should also look at the new cisco small metro switches. They can traffic shape, do bgp and have more than one interface. One of the annoying things about metro e (at least with qwest) is they have a tendency to install new pe switches at your locations when you upgrade your service. This means a new connection from them and unless you have extra fiber or copper ports on your router. So to transition to the new circuit, you need to unplug your existing service first. And that means downtime, which no one likes.



Dylan


-----Original Message-----
From: Jeffrey Negro [mailto:jnegro@billtrust.com]
Sent: Monday, April 12, 2010 12:29 PM
To: nanog@nanog.org
Subject: Router for Metro Ethernet
Before I get taken for a ride by salespeople, I figured it would be best to
ask the experts of Nanog....

My company is currently in talks to bring an ethernet circuit into our
headquarters, initially committing around 40Mbps.  The ISP will be providing
ethernet handoff, but I do not want their managed router offering (Adtran
4430) since it is pricey, non-redundant and I'd rather manage it myself.  My
question is about hardware.  Can I assume that I can use something like a
Cisco 2000 series router with two built in fast/gig ethernet ports, without
a WIC?  and since both sides are ethernet would the routing throughput be
near fast ethernet speed?  This is my first dealing with metro ethernet
offerings, and I don't want to assume that the Cisco throughput rates listed
for T1/ADSL etc. are the same for a metro ethernet as the WAN.

Any and all suggestions on the hardware would be greatly appreciated.  Thank
you in advance!

