Catalyst 3750 EMI and BGP

Discussion in 'Cisco' started by Stevie, Apr 2, 2005.

  1. Stevie

    Stevie Guest

    Hello-
    So I'm looking to get my hands on a 3750 EMI unit for the purpose of doing
    BGP to 3 or 4 ISPs. I intend to have about about 3 dozen machines directly
    attached to it (by way of trunking to 2950 switches), and probably four to
    eight /24's. Is this unit going to be sufficient? I've used the SMI
    version for doing static routing before, but I'd like to make the jump to
    BGP in order to add redundancy. If I wanted to go with something beefier,
    what would be the next logical step up from the 3750s?

    Here's a bit more detail as to what I want to do...

    I'd like to have one main ISP which carries most of my traffic and will
    provide me with little /24's which I will route myself. I also plan to
    have 2-3 other smaller ISPs whom I only plan to use as "paid peering" (I'm
    buying transit to them, but the only traffic I want to come in on those
    links are direct customers of those ISPs.) Beyond this requirement,
    nothing special. I intend to use the ACL and VLAN maps as I have on the
    SMI switches will doing static routing.

    Thanks for your help.
     
    Stevie, Apr 2, 2005
    #1
    1. Advertising

  2. Stevie

    Steinar Haug Guest

    [Stevie]

    | So I'm looking to get my hands on a 3750 EMI unit for the purpose of doing
    | BGP to 3 or 4 ISPs. I intend to have about about 3 dozen machines directly
    | attached to it (by way of trunking to 2950 switches), and probably four to
    | eight /24's. Is this unit going to be sufficient? I've used the SMI
    | version for doing static routing before, but I'd like to make the jump to
    | BGP in order to add redundancy. If I wanted to go with something beefier,
    | what would be the next logical step up from the 3750s?

    The 3750 should handle your needs just fine, as long as you don't need
    a full Internet routing table.

    Steinar Haug, Nethelp consulting,
     
    Steinar Haug, Apr 3, 2005
    #2
    1. Advertising

  3. On 03.04.2005 07:46 Steinar Haug wrote

    > [Stevie]
    >
    > | So I'm looking to get my hands on a 3750 EMI unit for the purpose of doing
    > | BGP to 3 or 4 ISPs. I intend to have about about 3 dozen machines directly
    > | attached to it (by way of trunking to 2950 switches), and probably four to
    > | eight /24's. Is this unit going to be sufficient? I've used the SMI
    > | version for doing static routing before, but I'd like to make the jump to
    > | BGP in order to add redundancy. If I wanted to go with something beefier,
    > | what would be the next logical step up from the 3750s?
    >
    > The 3750 should handle your needs just fine, as long as you don't need
    > a full Internet routing table.
    >


    As you are connecting all machines by ways of 2950 trunks, you may want
    to look into a "real" router as well. Anything in the 18xx (up to 384MB
    RAM) or 28xx (up ro 1024 MB RAM) range should fit your needs and allow
    for sufficient upstreams.



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 3, 2005
    #3
  4. Stevie

    Stevie Guest

    (Steinar Haug) wrote in
    news::

    > The 3750 should handle your needs just fine, as long as you don't need
    > a full Internet routing table.


    What is meant by a "full Internet routing table"? I've never done BGP
    before, so I'm not quite sure what is meant by this. If I didn't have a
    full table, would some parts of the internet be unroutable?
     
    Stevie, Apr 3, 2005
    #4
  5. Stevie

    Stevie Guest

    Arnold Nipper <> wrote in
    news:d2oef1$mfg$:

    > On 03.04.2005 07:46 Steinar Haug wrote
    >
    >> The 3750 should handle your needs just fine, as long as you don't
    >> need a full Internet routing table.

    >
    > As you are connecting all machines by ways of 2950 trunks, you may
    > want to look into a "real" router as well. Anything in the 18xx (up to
    > 384MB RAM) or 28xx (up ro 1024 MB RAM) range should fit your needs and
    > allow for sufficient upstreams.


    What advantages would these have over a 3750? Is an all-in-one approach of
    the 3750 not the right way to be going?
     
    Stevie, Apr 3, 2005
    #5
  6. Stevie

    Wayne Guest

    "Stevie" <> wrote in message
    news:...
    > (Steinar Haug) wrote in
    > news::
    >
    >> The 3750 should handle your needs just fine, as long as you don't need
    >> a full Internet routing table.

    >
    > What is meant by a "full Internet routing table"? I've never done BGP
    > before, so I'm not quite sure what is meant by this. If I didn't have a
    > full table, would some parts of the internet be unroutable?


    No, because you would still have a default route to fall back on. Looking
    at your requirements your first post, I would say you will not be using the
    full internet routing table.
     
    Wayne, Apr 3, 2005
    #6
  7. On 03.04.2005 18:30 Stevie wrote

    > Arnold Nipper <> wrote in
    > news:d2oef1$mfg$:
    >
    >> On 03.04.2005 07:46 Steinar Haug wrote
    >>
    >>> The 3750 should handle your needs just fine, as long as you don't
    >>> need a full Internet routing table.

    >>
    >> As you are connecting all machines by ways of 2950 trunks, you may
    >> want to look into a "real" router as well. Anything in the 18xx (up to
    >> 384MB RAM) or 28xx (up ro 1024 MB RAM) range should fit your needs and
    >> allow for sufficient upstreams.

    >
    > What advantages would these have over a 3750? Is an all-in-one approach of
    > the 3750 not the right way to be going?


    IMHO if you need a router, take a router. If you need a switch, take a
    switch. From what you wrote ("I intend to have about about 3 dozen
    machines directly attached to it (by way of trunking to 2950 switches)")
    I've concluded that you actually need a router and not a switch with
    routing functionality.

    As Steinar already pointed out, the 3750 is not suited to take a full
    routing table (128MB RAM only), hence not well suited as a "real"
    upstream router.



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 3, 2005
    #7
  8. Stevie

    Stevie Guest

    "Wayne" <> wrote in
    news:d3V3e.135868$Ze3.106432@attbi_s51:

    > "Stevie" <> wrote in message
    > news:...
    >> (Steinar Haug) wrote in
    >> news::
    >>
    >>> The 3750 should handle your needs just fine, as long as you don't
    >>> need a full Internet routing table.

    >>
    >> What is meant by a "full Internet routing table"? I've never done
    >> BGP before, so I'm not quite sure what is meant by this. If I didn't
    >> have a full table, would some parts of the internet be unroutable?

    >
    > No, because you would still have a default route to fall back on.
    > Looking at your requirements your first post, I would say you will
    > not be using the full internet routing table.


    So how do I tell my router how much of a routing table do I want? Also,
    does my lack of a full view limit the number of ways a customer on the
    internet can reach me?
     
    Stevie, Apr 3, 2005
    #8
  9. On 03.04.2005 18:43 Wayne wrote

    > "Stevie" <> wrote in message
    > news:...
    >> (Steinar Haug) wrote in
    >> news::
    >>
    >>> The 3750 should handle your needs just fine, as long as you don't need
    >>> a full Internet routing table.

    >>
    >> What is meant by a "full Internet routing table"? I've never done BGP
    >> before, so I'm not quite sure what is meant by this. If I didn't have a
    >> full table, would some parts of the internet be unroutable?

    >
    > No, because you would still have a default route to fall back on. Looking
    > at your requirements your first post, I would say you will not be using the
    > full internet routing table.
    >
    >


    A 3750 may fit the current needs (default to one ISP, paid peering to a
    couple of smaller ISP) but leaves imho no room for upgrades ("two or moe
    full table upstreams). Given that the 3750 is only used for routing I
    would go for a real router (18xx or 28xx).


    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 3, 2005
    #9
  10. On 03.04.2005 18:51 Stevie wrote

    > "Wayne" <> wrote in
    > news:d3V3e.135868$Ze3.106432@attbi_s51:
    >
    >> "Stevie" <> wrote in message
    >> news:...
    >>> (Steinar Haug) wrote in
    >>> news::
    >>>
    >>>> The 3750 should handle your needs just fine, as long as you
    >>>> don't need a full Internet routing table.
    >>>
    >>> What is meant by a "full Internet routing table"? I've never
    >>> done BGP before, so I'm not quite sure what is meant by this. If
    >>> I didn't have a full table, would some parts of the internet be
    >>> unroutable?

    >>
    >> No, because you would still have a default route to fall back on.
    >> Looking at your requirements your first post, I would say you will
    >> not be using the full internet routing table.

    >
    > So how do I tell my router how much of a routing table do I want?


    via inbound access-lists/route-maps applied to your peers

    > Also, does my lack of a full view limit the number of ways a customer
    > on the internet can reach me?


    yes and no. The number of paths from you to a customer on the internet
    is not only a function of your number of the next hops to the internet
    but also of the number of AS numbers passed and of the connectivity of
    your customer.

    Usually having two providers to give you full connectivity to the
    internet increases resilience of your internet connectivity but of
    course also increases management complexity.



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 3, 2005
    #10
  11. Stevie

    Stevie Guest

    Arnold Nipper <> wrote in
    news:d2oef1$mfg$:

    > As you are connecting all machines by ways of 2950 trunks, you may
    > want to look into a "real" router as well. Anything in the 18xx (up to
    > 384MB RAM) or 28xx (up ro 1024 MB RAM) range should fit your needs and
    > allow for sufficient upstreams.


    Hm, okay. I'm looking at the 2800 at the moment, and I'm seeing SFP ports
    clocking in at ~$1250/ea (new). Four of those costs more than a 3750G-24TS
    (which includes four SFP ports). I was also looking at GigE options and
    didn't see much either (looking at
    http://www.cisco.com/en/US/products/ps5854/products_data_sheet0900aecd8016f
    a68.html ). What hardware configuration would one purchase to have 1
    1000BaseSX (via SFP) port and 2 FastE ports as connections to ISPs, and
    then a handful of GigE ports for trunking 2950s?

    Also, what's the difference between a Network Module and an Interface Card
    (HWIC in this case, I guess).

    Thanks.
     
    Stevie, Apr 4, 2005
    #11
  12. On 04.04.2005 06:26 Stevie wrote

    > Arnold Nipper <> wrote in
    > news:d2oef1$mfg$:
    >
    >> As you are connecting all machines by ways of 2950 trunks, you may
    >> want to look into a "real" router as well. Anything in the 18xx (up to
    >> 384MB RAM) or 28xx (up ro 1024 MB RAM) range should fit your needs and
    >> allow for sufficient upstreams.

    >
    > Hm, okay. I'm looking at the 2800 at the moment, and I'm seeing SFP ports
    > clocking in at ~$1250/ea (new). Four of those costs more than a 3750G-24TS
    > (which includes four SFP ports). I was also looking at GigE options and
    > didn't see much either (looking at
    > http://www.cisco.com/en/US/products/ps5854/products_data_sheet0900aecd8016f
    > a68.html ).


    You didn't look very carefully. Table 1, row 4 says: The Cisco 2800
    Series provide two 10/100 on the Cisco 2801 and Cisco 2811 and two
    10/100/1000 on the Cisco 2821 and Cisco 2851



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 4, 2005
    #12
  13. Stevie

    Stevie Guest

    Arnold Nipper <> wrote in
    news:d2qmoc$gen$:

    >> Hm, okay. I'm looking at the 2800 at the moment, and I'm seeing SFP
    >> ports clocking in at ~$1250/ea (new). Four of those costs more than
    >> a 3750G-24TS (which includes four SFP ports). I was also looking at
    >> GigE options and didn't see much either (looking at
    >> http://www.cisco.com/en/US/products/ps5854/products_data_sheet0900aecd
    >> 8016f a68.html ).

    >
    > You didn't look very carefully. Table 1, row 4 says: The Cisco 2800
    > Series provide two 10/100 on the Cisco 2801 and Cisco 2811 and two
    > 10/100/1000 on the Cisco 2821 and Cisco 2851


    As I understand it, those are all 1000BaseTX ports, not SFP ports. Getting
    the four SFP port density of the 3750 still seems a bit difficult on the
    2800s.
     
    Stevie, Apr 4, 2005
    #13
  14. On 04.04.2005 09:58 Stevie wrote

    > Arnold Nipper <> wrote in
    > news:d2qmoc$gen$:
    >
    >>> Hm, okay. I'm looking at the 2800 at the moment, and I'm seeing SFP
    >>> ports clocking in at ~$1250/ea (new). Four of those costs more than
    >>> a 3750G-24TS (which includes four SFP ports). I was also looking at
    >>> GigE options and didn't see much either (looking at
    >>> http://www.cisco.com/en/US/products/ps5854/products_data_sheet0900aecd
    >>> 8016f a68.html ).

    >>
    >> You didn't look very carefully. Table 1, row 4 says: The Cisco 2800
    >> Series provide two 10/100 on the Cisco 2801 and Cisco 2811 and two
    >> 10/100/1000 on the Cisco 2821 and Cisco 2851

    >
    > As I understand it, those are all 1000BaseTX ports, not SFP ports. Getting
    > the four SFP port density of the 3750 still seems a bit difficult on the
    > 2800s.


    It's not difficult, but expensive. Just buy 4 HWIC-1GE-SFP à $3.500 GPL
    which will nicely fit into the 28xx (xx = 11,21,51)



    Arnold
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Apr 4, 2005
    #14
  15. Stevie

    Stevie Guest

    Arnold Nipper <> wrote in news:d2qslt$qlu$1
    @nntp.ilk.net:

    > It's not difficult, but expensive. Just buy 4 HWIC-1GE-SFP à $3.500 GPL
    > which will nicely fit into the 28xx (xx = 11,21,51)


    Ouch, that's really expensive. I suppose that's the price to be paid in
    order to get a "real" router, huh? :)

    Still, what's the difference between an "Interface Card" and a "Network
    Module"?
     
    Stevie, Apr 4, 2005
    #15
  16. Stevie

    Stevie Guest

    (Steinar Haug) wrote in
    news::

    > [Stevie]
    >
    >| So I'm looking to get my hands on a 3750 EMI unit for the purpose of
    >| doing BGP to 3 or 4 ISPs. I intend to have about about 3 dozen
    >| machines directly attached to it (by way of trunking to 2950
    >| switches), and probably four to eight /24's. Is this unit going to
    >| be sufficient? I've used the SMI version for doing static routing
    >| before, but I'd like to make the jump to BGP in order to add
    >| redundancy. If I wanted to go with something beefier, what would be
    >| the next logical step up from the 3750s?
    >
    > The 3750 should handle your needs just fine, as long as you don't need
    > a full Internet routing table.


    How much of a routing table could I expect to squeeze into the 3750's 128MB
    of RAM? How much memory does a full view take up nowadays? Thanks.
     
    Stevie, Apr 4, 2005
    #16
  17. Stevie

    Steinar Haug Guest

    [Stevie]

    | > It's not difficult, but expensive. Just buy 4 HWIC-1GE-SFP à $3.500 GPL
    | > which will nicely fit into the 28xx (xx = 11,21,51)
    |
    | Ouch, that's really expensive. I suppose that's the price to be paid in
    | order to get a "real" router, huh? :)

    Before you continue along this route, you need to decide for yourself:

    1. What number of routes do you need to handle?
    2. What forwarding capacity (pps and Mbps) do you need?

    3750 is a hardware forwarding platform, and will easily outstrip 28xx
    which is a software forwarding platform.

    28xx can handle more memory than 3750 - enough to handle a full Internet
    routing table if you need it (which the 3750 cannot).

    GE ports for the 28xx are expensive, as you have found out.

    So, for the two alternative platforms outlined here:

    - Low pps/Mbps, full Internet routing table: 28xx should work fine.
    - High pps/Mbps, not a full Internet routing table: 3750 should work fine.
    - High pps/Mbps *and* a full Internet routing table: You need to look at
    a different platform entirely.

    Steinar Haug, Nethelp consulting,
     
    Steinar Haug, Apr 4, 2005
    #17
  18. Stevie

    Stevie Guest

    (Steinar Haug) wrote in
    news::

    > [Stevie]
    >
    >| > It's not difficult, but expensive. Just buy 4 HWIC-1GE-SFP à
    >| > $3.500 GPL which will nicely fit into the 28xx (xx = 11,21,51)
    >|
    >| Ouch, that's really expensive. I suppose that's the price to be
    >| paid in order to get a "real" router, huh? :)
    >
    > Before you continue along this route, you need to decide for yourself:
    >
    > 1. What number of routes do you need to handle?
    > 2. What forwarding capacity (pps and Mbps) do you need?
    >
    > 3750 is a hardware forwarding platform, and will easily outstrip 28xx
    > which is a software forwarding platform.
    >
    > 28xx can handle more memory than 3750 - enough to handle a full
    > Internet routing table if you need it (which the 3750 cannot).
    >
    > GE ports for the 28xx are expensive, as you have found out.
    >
    > So, for the two alternative platforms outlined here:
    >
    > - Low pps/Mbps, full Internet routing table: 28xx should work fine.
    > - High pps/Mbps, not a full Internet routing table: 3750 should work
    > fine. - High pps/Mbps *and* a full Internet routing table: You need to
    > look at a different platform entirely.


    Mmm interesting. How "partial" of a view can expect out of the 3750?

    It's not uncommon for me to see a 600Mbps DDoS attack come in, so the 2800
    series is already out (I read somewhere on Cisco's site that each HWIC only
    has 400Mbps of full duplex capability). I'd rather not have my router keel
    over from something like that.

    Just for future reference, what platform would one be looking at for both a
    full route table and line Mbps rates?

    Thanks.
     
    Stevie, Apr 4, 2005
    #18
  19. Stevie

    Steinar Haug Guest

    [Stevie]

    | Mmm interesting. How "partial" of a view can expect out of the 3750?

    According to the documentation at

    http://www.cisco.com/en/US/products/hw/switches/ps5023/products_data_sheet09186a0080161371.html

    up to 20K unicast routes on 3750G-12S and 11K unicast routes for the
    other models. But note that this depends on the TCAM size, and interacts
    with space reserved for MAC address tables, ACLs etc. See documentation
    for the "sdm prefer" command,

    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12225se/3750cr/cli2.htm#wp4293323

    | It's not uncommon for me to see a 600Mbps DDoS attack come in, so the 2800
    | series is already out (I read somewhere on Cisco's site that each HWIC only
    | has 400Mbps of full duplex capability). I'd rather not have my router keel
    | over from something like that.

    For DoS attacks on a software forwarding platform like the 2800, it's
    not the Mbps that matters but the packet rate. An attack with minimum
    size packets can normally kill a software forwarding platform well
    before the rated Mbps. If it's not uncommon to see 600Mbps DDoS attacks,
    it sure sounds like you need a hardware forwarding platform.

    | Just for future reference, what platform would one be looking at for both a
    | full route table and line Mbps rates?

    If you're limited to Cisco:

    6500/Sup2/MSFC2, or 6500/Sup720
    7304 with the NSE-100
    12000

    Steinar Haug, Nethelp consulting,
     
    Steinar Haug, Apr 4, 2005
    #19
  20. Stevie

    Stevie Guest

    (Steinar Haug) wrote in
    news::

    >| It's not uncommon for me to see a 600Mbps DDoS attack come in, so
    >| the 2800 series is already out (I read somewhere on Cisco's site
    >| that each HWIC only has 400Mbps of full duplex capability). I'd
    >| rather not have my router keel over from something like that.
    >
    > For DoS attacks on a software forwarding platform like the 2800, it's
    > not the Mbps that matters but the packet rate. An attack with minimum
    > size packets can normally kill a software forwarding platform well
    > before the rated Mbps. If it's not uncommon to see 600Mbps DDoS
    > attacks, it sure sounds like you need a hardware forwarding platform.


    Indeed, my normal traffic is lots of small UDP packets, so "normal
    operation" is in the 300kpps range as is. A DDoS will drive that into the
    Mpps range.

    >| Just for future reference, what platform would one be looking at for
    >| both a full route table and line Mbps rates?
    >
    > If you're limited to Cisco:
    >
    > 6500/Sup2/MSFC2, or 6500/Sup720
    > 7304 with the NSE-100
    > 12000


    I'm open to options from Juniper or Alcatel if they'll do better for
    cheaper. :)
     
    Stevie, Apr 4, 2005
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. desdronox
    Replies:
    1
    Views:
    2,952
    Terry Baranski
    Jul 10, 2003
  2. Brian V

    3750's mixing EMI and SMI

    Brian V, Feb 10, 2004, in forum: Cisco
    Replies:
    5
    Views:
    2,346
    Chris Thomas
    Feb 11, 2004
  3. Replies:
    2
    Views:
    6,909
    martin schneidhofer
    Nov 19, 2005
  4. Replies:
    4
    Views:
    10,169
    DigitalVinyl
    Nov 20, 2005
  5. Trouble
    Replies:
    3
    Views:
    5,810
    Trouble
    Feb 22, 2006
Loading...

Share This Page