Thread: Routers, Switches Layout
-
06-23-2005, 11:55 PM #1Newbie
- Join Date
- Feb 2004
- Posts
- 7
Routers, Switches Layout
We have decided to move away from renting the servers for our webhosting needs. We did some research into datacenters available in the Washington state area: AboveNet, Internap and the Westin Building (Neutral Carrier Facility).
Some had some nice benefits. For example, Internap provided 2 100Mbps lines, 1 primary and 1 failover, uplinked to 6 GigE lines,
but their prices were outrageous: they wanted $2000 a month just for the rack space, not including bandwidth.
AboveNet was well priced and offered similar as far as uplink, though you had to pay extra for the failover, which is expected.
But the downfall is you are limited to AboveNet and their peering with other networks, so if AboveNet goes down you are screwed.
So we have decided on the Westin Building. We were quoted $750 a month for a full rack including power. Additionally, we were able to obtain quotes for 2 x 100Mbps lines from separate carriers with 10Mbps commit at $40 per Mbps, which = $800 a month for bandwidth while we are getting started.
We were also quoted $20 per Mbps for each line once we move to 100Mbps commit on each.
This has already shown to be a huge plus over Internap, cost-effectiveness-wise that is.
Okay, now for the question: Routers, Switches Layout.
As we are unfamiliar with how this type of setup would take place in a neutral carrier facility, can you guys please give your input on what we should do to achieve the best redundancy?
We were thinking 2 Cisco routers for the edge routers, each one handling the input from a single backbone connection.
From there to our distribution layer consisting of 2 multilayer (Layer 2/Layer 3) switches, so each of these switches would receive a line from each of the edge routers.
From there to the switches located on the racks for the customer layer.
I really don't see the point of having an aggregation layer, but you could enlighten me on that one.
Also, what do you suggest for switches and routers? Which routers with which options?
We want the ability to pull the plug on the 100Mbps lines at any time and plug in a gig-e with no upgrades required.
Also, where in this schematic would you recommend plugging in a Cisco PIX firewall to help mitigate DDoS?
The goal here is redundancy, and if there is anything I am missing here from a complete setup, please do inform me of it. We are trying to get a solid plan together before the move.
Right now this will be used for a few boxes running webhosting, IRCd hosting and shell hosting.
Eventually we are looking into offering co-location and dedicated hosting.
Your help is much appreciated. Thank you in advance.
-
06-24-2005, 12:47 AM #2Web Hosting Master
- Join Date
- Aug 2001
- Location
- California
- Posts
- 1,211
Are your providers giving you a gig handoff or a fastE? The answer will help us determine what type of equipment you need.
Will you need to do any rate limiting/traffic shaping on the switches?
-Steven
https://www.ihnetworks.com
BGP Blend of Telia, GTT, Zayo, and Tata in One Wilshire, Los Angeles! Enterprise Datacenters around the world, including Amsterdam, Singapore, London, and the United States.
True Definition of Managed Hosting
Proudly Offering Shared Hosting, Reseller Hosting, VPS, Dedicated Servers, and Co-location
-
06-24-2005, 12:48 AM #3Web Hosting Master
- Join Date
- Aug 2002
- Location
- Atlanta, GA
- Posts
- 1,114
Go with something simple that you can grow with. I'd suggest something like a Foundry BigIron 4000 for the router. Get two management modules and redundant power supplies, add an 8GC or 24E card and you are in business. You can pick them up used for around 10K. In my opinion, it's a much better option than most of the used Cisco stuff out there.
SiteSouth
Atlanta, GA and Las Vegas, NV. Colocation
-
06-24-2005, 02:31 AM #4Newbie
- Join Date
- Feb 2004
- Posts
- 7
At first it is only 2 x 100Mbps ethernet handoffs.
I just want to be able to upgrade the equipment to 2 gig-e's at any time.
As far as the Foundry, that is pretty big for this application. I was looking to start small and work up from there.
I am just looking for routers and switches that can handle 2 gig-e handoffs for when we do upgrade to that point.
I was thinking Cisco 7200's for the edge routers.
And I am not quite sure how to handle the distribution layer switches, what to go with that is, and if I even need an aggregation layer; why that is required I dunno.
-
06-24-2005, 03:28 AM #5Web Hosting Master
- Join Date
- Feb 2004
- Location
- Louisville, Kentucky
- Posts
- 1,083
Given the new Cisco equipment available these days, spending $10k on an antiquated Foundry (a questionable platform for layer-3, especially as a BGP-speaker) is not a cost-effective short-term solution, let alone a good long-term move. Likewise, Cisco 7200-series is generally expensive on the used market and is a poor long-term choice.
You haven't really posted enough information to get good suggestions regarding your distribution and access needs. Port count, type of customers (dedicated / co-lo or shared/fully managed), and required features (policing/rate-limiting) are all information you'll want to share to get good advice.
Also important, of course, is how sensitive you are to price, both in terms of cost/port in the long-term, and immediate expenses for your initial build. Sometimes you spend more per port on access switching now but you later make a topology change to reduce overall cost, leaving you with some access switches that do substantially more than you need. You spend more money in the long-run but you put off a large capital expense until you have a budget (and customer base) for it.
I'm glad you decided to locate in the Westin Building. What two transit providers did you choose?
Jeff at Innovative Network Concepts / 212-981-0607 x8579 / AIM: jeffsw6
Expert IP network consultation and operation at affordable rates
95th Percentile Explained Rate-Limiting on Cisco IOS switches
-
06-24-2005, 06:33 AM #6Newbie
- Join Date
- Feb 2004
- Posts
- 7
Well, at first it is going to be shared hosting servers, and eventually move on to dedicated/managed servers and co-location.
We plan on running a 100Mbit port to each box.
I do want to keep price down by only selecting routers and switches that will get us by on 2 gig-e lines.
As far as providers, we have chosen AboveNet and Level3 for now.
Also, we would like BGP to be integrated into this if possible on lower cost switches.
The problem I am having is there are so many different Cisco products it is making my head spin. I am currently going to school for my E-Business Administration degree but I have not yet got to my Cisco networking classes.
Hoping to get some good info on which products to choose for the 3 layer system recommended by Cisco:
Core Layer
Distribution Layer
Access Layer
-
06-24-2005, 01:41 PM #7Web Hosting Master
- Join Date
- Feb 2004
- Location
- Louisville, Kentucky
- Posts
- 1,083
You still didn't post answers to several of my questions, e.g. port count and desired features; and I would like to know more about your budgetary situation. That said, here are some suggestions. Keep in mind I really don't know enough about your plans to give you a good recommendation that will grow with you, but you haven't supplied enough information yet.
Starting out with two transit providers, you will need to either operate as two basically separate networks without redundancy, or you will need BGP-speaking equipment now.
Cisco 3750/3560/3550-series layer-3 switches are inexpensive and do have BGP support, however, they have limited hardware routing tables and memory. You cannot accept a full BGP table on these switches, but you could use one of your transit providers, say Level3, for your egress traffic; with traffic shifting to Abovenet only if Level3 fails. Inbound traffic would reach you via both transit providers. This gives you redundancy, but you have a transit circuit that you're paying for, but are not getting very much use out of due to equipment limitations.
That option would be inexpensive in terms of capital dollars, however you would be wasting some OpEx dollars on a transit circuit. That might be a perfectly good way for you to get started, though.
-
06-24-2005, 04:47 PM #8Newbie
- Join Date
- Feb 2004
- Posts
- 7
As far as needed features for this kind of operation, I would hope you could fill in the gaps for me and let me know what I need to accomplish this.
DDoS mitigation is a must, because I will be allowing IRC.
Definitely want BGP, full, no limitations.
Port count: how many ports do I really need on Core layer and Distribution Layer?
As far as access layer, max ports.
I am trying to put together a required hardware list for the investors. But I want to be able to go at them with a "this is why this type of hardware is required and this is why the price is justified" type of approach.
The idea is, on whatever size loan I receive, to keep at least one year of cash to pay for operation costs such as bandwidth etc.
Then we will probably be purchasing about
20 x P4 3.2GHz with dual 160GB SATA drives.
10 x Dual Xeon 3.2's with 2 x 72GB SCSI
10 x Dual Xeon 3.2's with 2 x 200GB SATA drives RAID 1.
2 x NAS system
We will only be starting off with one rack but the hardware will be there for immediate expansion.
We estimate an approximate 3 servers per month expansion in sales.
As far as what routers and switches with what options we need to do this type of operation, we have no idea. What would you do if you were starting this type of operation?
-
06-24-2005, 10:28 PM #9Web Hosting Master
- Join Date
- Feb 2004
- Location
- Louisville, Kentucky
- Posts
- 1,083
To be honest, your expectations are a bit unrealistic. IRC hosting attracts multi-gigabit DDoS attacks on a routine basis. With just two 100baseT transit circuits, you will never be able to offer reliable services with that target painted on your network.
You'll also need to invest substantially more in routers to handle the heavy PPS loads that come with IRC hosting.
-
06-27-2005, 05:47 AM #10New Member
- Join Date
- Jun 2005
- Posts
- 4
If you're looking for superb filtering and DDoS protection I encourage you to check with Prolexic Technologies (formerly DigiDefense International). They provide superb filtering and DDoS protection. It's not cheap, but it essentially assures you of no downtime due to DDoS attacks. Of course you can do all the filtering yourself, but as someone else said, hosting IRC servers is like painting a giant target on yourself, and do you therefore want to be dealing with filtering all the time, or would you rather pay someone else to do the grunt work? Not to mention, since Prolexic absorbs the attacks on their bandwidth, you can also figure a lower amount of bandwidth needed due to not carrying as much overhead for attacks...
-
06-27-2005, 12:05 PM #11Backup Guru
- Join Date
- Feb 2002
- Location
- New York, NY
- Posts
- 4,618
Originally posted by TechnoGecko
If you're looking for superb filtering and DDoS protection I encourage you to check with Prolexic Technologies (formerly DigiDefense International). They provide superb filtering and DDoS protection. It's not cheap, but it essentially assures you of no downtime due to DDoS attacks.
Scott Burns, President
BQ Internet Corporation
Remote Rsync and FTP backup solutions
*** http://www.bqbackup.com/ ***
-
06-27-2005, 01:21 PM #12Aspiring Evangelist
- Join Date
- Aug 2003
- Posts
- 380
Originally posted by Salvia
20 x P4 3.2Ghz with dual 160GB sata drives.
10 x Dual Xeon 3.2's with 2 x 72GB SCSI
10 x Dual Xeon 3.2's with 2 x 200GB sata drives RAID 1.
2 x NAS system
We will only be starting off with one rack but the hardware will be there for immediate expansion.
-
06-27-2005, 07:40 PM #13Web Hosting Master
- Join Date
- Apr 2002
- Posts
- 1,162
Originally posted by Salvia
20 x P4 3.2Ghz with dual 160GB sata drives.
10 x Dual Xeon 3.2's with 2 x 72GB SCSI
10 x Dual Xeon 3.2's with 2 x 200GB sata drives RAID 1.
2 x NAS system
*AlphaOmegaHosting.Com* - Hosting since 1998
Managed Dedicated Servers and VPS
Hosted Exchange 2010 Email Service
-
06-27-2005, 11:07 PM #14Newbie
- Join Date
- Jun 2005
- Posts
- 15
You can pick up two Cisco 7200 with NPE-300 processors and three fast-e ports each for less than 10k. With two gig-e ports you'll pay a little more. In today's age of multi-million pps routing, 300k pps doesn't sound like much, but if you're just starting out it's still quite substantial. And frankly, by the time you blow out those routers you had better be making enough to buy something more substantial. Else you don't have a business.
With two 7200's each connected to one upstream, each running BGP with the upstream, and an internal routing protocol between the routers, you have a fully redundant routing infrastructure that also puts both routers' CPUs to use. That assumes you have a redundant switching fabric. The alternative is an HSRP setup where one router is a hot spare.
I believe that defending against DDoS on a router is a poor choice, as that runs you the risk of burning up the CPU and impacting performance and availability of your network. As such you should be considering an external device in front of the routers with 1Mpps capacity minimum, and preferably more.
As far as your IRC requirement, I don't know what to tell you there. Like the other guy said, you don't have the bandwidth to defend against a major DDOS attack, and as such the discussion there is moot.
I hope this helps. Obviously there are a lot of variables that need to be considered, and only you know them all.
-
06-28-2005, 04:41 AM #15Web Hosting Master
- Join Date
- Feb 2004
- Location
- Louisville, Kentucky
- Posts
- 1,083
Originally posted by convergentns
You can pick up two Cisco 7200 with NPE-300 processors and three fast-e ports each for less than 10k. With two gig-e ports you'll pay a little more.
you have a fully redundant routing infrastructure that also puts both routers' CPUs to use.
-
06-28-2005, 08:33 PM #16WHT Addict
- Join Date
- Feb 2004
- Posts
- 136
When recently shopping for a similar application for a client, we purchased 2 Base Juniper M7i's with 2 x 10/100 for a small premium over what you would pay for an NPE-400 equipped 7200 series FE platform.
-
06-28-2005, 09:45 PM #17Newbie
- Join Date
- Jun 2005
- Posts
- 15
In response to jsw...
Achieving linear scalability in PPS performance through multiple egress routers within a BGP routing environment is obviously unattainable within an Internet connected network.
Further, the scenario I suggested wouldn't really be redundant unless the aggregate packet flow through both routers did not exceed the capacity of a single router. Else in the case of a failure network performance would be impacted. Therefore doubling CPU capacity is not a true objective. My point was that short term spurious increases in traffic (such as during a DDoS attack) could be better addressed with both CPUs routing instead of just one.
If you could post the new Cisco model numbers that provide 300-400kpps performance for less than $5,000 each with dual gig-E interfaces that would be great. I don't happen to know of any, so perhaps you'd be good enough to share. That information of course would immediately impact the secondary market for 7200's, or at least push prices way down. So it would be a good thing for all of us, except equipment vendors of course.
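The capacity argument from posts #14 and #17, worked through as an added example (not code from any poster in this thread): it computes the worst-case packets per second a handoff can deliver at minimum Ethernet frame size and checks whether one router can carry the whole load when the other fails. The 300 kpps router capacity is the figure quoted in post #14; the router names and aggregate loads are constructed.

```python
from dataclasses import dataclass

# Per-frame overhead on the wire: 8 bytes preamble/SFD + 12 bytes inter-frame gap.
WIRE_OVERHEAD_BYTES = 20
MIN_FRAME_BYTES = 64  # smallest legal Ethernet frame, the worst case for pps


def line_rate_pps(link_bps, frame_bytes=MIN_FRAME_BYTES):
    """Maximum frames per second a link can deliver at the given frame size."""
    return link_bps // ((frame_bytes + WIRE_OVERHEAD_BYTES) * 8)


@dataclass(frozen=True)
class EdgeRouter:
    name: str           # constructed label
    capacity_pps: int   # forwarding capacity (300 kpps is the post #14 figure)
    uplink_bps: int     # speed of the single transit handoff on this router


def flood_headroom(router):
    """Router capacity divided by worst-case inbound pps on its uplink.

    Below 1.0 the router exhausts its forwarding capacity before the link
    is full, so a small-packet flood degrades the router, not just the pipe.
    """
    return router.capacity_pps / line_rate_pps(router.uplink_bps)


def survives_single_failure(routers, aggregate_pps):
    """True if any one router can fail and the rest still carry aggregate_pps."""
    total = sum(r.capacity_pps for r in routers)
    return all(total - r.capacity_pps >= aggregate_pps for r in routers)


def report(routers, aggregate_pps):
    return {
        "n_minus_1_ok": survives_single_failure(routers, aggregate_pps),
        "headroom": {r.name: round(flood_headroom(r), 2) for r in routers},
    }


# Constructed scenarios: the same two routers on fast-E, then on gig-E handoffs.
FAST_E = [EdgeRouter("edge1", 300_000, 100_000_000),
          EdgeRouter("edge2", 300_000, 100_000_000)]
GIG_E = [EdgeRouter("edge1", 300_000, 1_000_000_000),
         EdgeRouter("edge2", 300_000, 1_000_000_000)]

if __name__ == "__main__":
    for label, routers, load in (("2 x fast-E, 250 kpps", FAST_E, 250_000),
                                 ("2 x fast-E, 400 kpps", FAST_E, 400_000),
                                 ("2 x gig-E, 250 kpps", GIG_E, 250_000)):
        print(label, report(routers, load))
```

On fast-E the link fills before the router does; on gig-E the same router becomes the bottleneck under a minimum-size-packet flood, which is why the upgrade path matters for the router choice.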
-
06-29-2005, 07:14 AM #18New Member
- Join Date
- Jun 2005
- Location
- Portugal
- Posts
- 1
Hello to you all. It's my first post here. I have already learned a lot by reading this forum. Thanks to all that post.
DoubleD, can you tell me the supplier of those Juniper M7? I would like to buy one. Thanks.
-
06-29-2005, 11:28 AM #19Web Hosting Master
- Join Date
- Feb 2004
- Location
- Louisville, Kentucky
- Posts
- 1,083
Originally posted by convergentns
If you could post the new Cisco model numbers that provide 300-400kpps performance for less than $5,000 each with dual gig-E interfaces that would be great.
-
06-29-2005, 02:42 PM #20Temporarily Suspended
- Join Date
- Jun 2005
- Posts
- 8
I suggest linksys
-
06-30-2005, 12:23 AM #21WHT Addict
- Join Date
- Feb 2004
- Posts
- 136
The Cisco ISRs have a lot more power than the previous generation Ciscos in the same price range. There seems to be a real lack of performance numbers on these units though, as most of the test reports have been focused on the flexibility of these boxes instead of raw throughput. However, for 2 x 10/100 on a tight budget, I would probably stick with PC based routers running FreeBSD5, or Imagestream PC based routers if you want the extra security of a warranty and support. When you outgrow this investment, you should have enough income to support the jump to Juniper or Cisco 7600/6500.
convergentns: If you have a source for 7200's with Dual Gig-E for $5k I'd love to know where. The NPE-G1 is typically more than that alone in the used market.