[66788] in North American Network Operators' Group
Re: Any 1U - 2U Ethernet switches that can handle 4K VLANs?
daemon@ATHENA.MIT.EDU (Will Hargrave)
Sun Jan 25 19:19:01 2004
Date: Mon, 26 Jan 2004 00:18:27 +0000
From: Will Hargrave <will@harg.net>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0401252135400.3237-100000@uplift.swm.pp.se>
Errors-To: owner-nanog-outgoing@merit.edu
On Sun, Jan 25, 2004 at 09:39:05PM +0100, Mikael Abrahamsson wrote:
> This is interesting, what problems did you run into?
>
> We have an extensive Extreme networks used both for L2 and L3, and apart
> from the fact that it always cpu routes ICMP, I see no major flaw in the
> L3 forwarding function (for access/distribution) for all normal purposes.
ACLs are per-port and known to be buggy when operating on port numbers -
in particular UDP ACLs match will match arbritary data when presented
with a subsequent IP fragments (think NFS...)
As pointed out in a similar thread recently, the 'flow-based' (well,
destination IP based) ipfdb will crap out on the Extremes under heavy load
- e.g. virus'd machines internal to your network doing heavy scanning.
Symptom is very poor performance and the 'top' command will show heavy
CPU usage as subsequent flows are CPU routed.
> My few experiences with the Cisco 3550 as L3 routers has been much worse,
> even with claimed CEF capability I have seen it melt and die where the
> equivalent Extreme box didnt experience the same problems (of course there
> are cases where it's the other way around). Overall I have more confidence
> in the Extreme access boxes for L3 than Ciscos equivlanent, and they
> definately kick ciscos ass when it comes to L2 (mac address table size and
> number of vlans for instance).
The 'recommended max' number of SVIs for the 3550 is something low like 8.
There is no limited stated in the datasheet for the 3750 - is anyone
running more than 8 SVIs on a 3750?
The ACL capability on the 3550 seems a lot more capable but the lack of
unicast RPF is irritating. (More irritating, 'ip verify unicast
reachable-via...' is accepted but silently does nothing)
I'd be very interested to hear what conditions you've found cause
problems for Cat3550s. We're planning to buy quite a few more of this range
(probably 3750-24) to reduce L2 size in our network and for CPE-type
uses.
