  1. #1
    Join Date
    Jun 2006
    Location
    Calgary, Alberta
    Posts
    688

    Network Switch recommendation

    Hello fellow WHT'ers!

    I'm in the market for a network switch to handle two network providers in BGP.

    My requirements should be easy to meet;

    - Run BGP
    - Support full tables
    - Must be GigE
    - First network provider connection is being delivered via copper on a GigE port (already have)
    - Second network provider connection is being delivered via single-mode fibre on a GigE port (will be signing shortly)
    - No plans for 10GigE or higher ports at this time (when it's time I'll just replace the hardware down the road)
    - IPv6 support would be nice, but not required.

    I'll be getting an ASN from ARIN and using a /24 from one of the providers since I do not meet the requirements to get my own IPv4 block from ARIN at this time and having it announced with the other provider.

    Used equipment suggestions are welcome!

    Thank you.

  2. #2
    Join Date
    Mar 2013
    Location
    Orlando, FL
    Posts
    317
    I would go with an EX4200.

  3. #3
    Join Date
    Jun 2006
    Location
    Calgary, Alberta
    Posts
    688
    Quote Originally Posted by CloudComputingLV View Post
    I would go with an EX4200.
    How hard is the learning curve from Cisco to Juniper?

  4. #4
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    Quote Originally Posted by CloudComputingLV View Post
    I would go with an EX4200.
    Can't do full tables

    Quote Originally Posted by benj114 View Post
    How hard is the learning curve from Cisco to Juniper?
    It's pretty different from Cisco.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  5. #5
    Join Date
    Oct 2002
    Location
    Vancouver, B.C.
    Posts
    2,656
    There aren't really any 'switches' per se that will do full tables. You'll need to look into a router, or a switch that can act as a router like the Cisco 6500/7600 series. They're power hungry beasts that will take up more space and power than you probably want though. Given your requirements, you're really looking for a router. If you're on a budget, for just Gb level Vyatta or some form of Linux or BSD running Quagga, OpenBGPd, or BIRD might work for you. You can set up a pair if reliability is a concern.

    Is there a specific reason you'll be multi-homing?
    ASTUTE HOSTING: Advanced, customized, and scalable solutions with AS54527 Premium Canadian Optimized Network (Level3, PEER1, Shaw, Tinet)
    MicroServers.io: Enterprise Dedicated Hardware with IPMI at VPS-like Prices using AS63213 Affordable Bandwidth (Cogent, HE, Tinet)
    Dedicated Hosting, Colo, Bandwidth, and Fiber out of Vancouver, Seattle, LA, Toronto, NYC, and Miami

  6. #6
    @benj114 you can always go for Mikrotik's router named Cloud Core Router and for switch CRS125-24G-1S-RM for any of their switches. They have a nice graphical management interface… but we use Juniper MX routers and EX switches… which answers your question...
    Host Color Cloud Servers & Dedicated Hosting & European Infrastructure Hosting
    U.S. Data center 90 miles from Chicago
    Network ★ AS46873 Level 3, Cogent, Hurricane Electric, Retn.net, Midwest Peering
    24/7 Support 1-574-367-2393; Skype: HostColor

  7. #7
    Juniper MX5
    Brocade CER
    Cisco ASR1001
    Various software/firewall options

    Catalyst 6500 would be really overkill for 2 ports. Even if you already have one you likely don't have the right supervisors to do full tables.

  8. #8
    Join Date
    Aug 2004
    Location
    Dallas, TX
    Posts
    3,507
    Skip this awkward non profitable stage and just buy a bgp blend static or ospf routed to your switch. At 1 gig you're not going to have the buying power for cost effective bit/sec. Just have your dc or whoever can provide the blend announce your ips. Venture into your own bgp when you're ready for 10gig total commit over two carriers. Otherwise you're spending a ton on bandwidth per bit/sec using a cheapo router and diving in the deep end. Also plan for those 1gig ports to be saturated with even the smallest ddos. :-(
    Dallas Colocation by Incero, 8 years and counting!
    e: sales(at)incero(dot)com 855.217.COLO (2656)
    Colocation & Enterprise Servers, SATA/SAS/SSD, secure IPMI/KVM remote control, 100% U.S.A. Based Staff
    SSAE 16, SAS70, Redundant Power & Network, Fully Diverse Fiber

  9. #9
    Quote Originally Posted by gordonrp View Post
    Skip this awkward non profitable stage and just buy a bgp blend static or ospf routed to your switch. At 1 gig you're not going to have the buying power for cost effective bit/sec. Just have your dc or whoever can provide the blend announce your ips. Venture into your own bgp when you're ready for 10gig total commit over two carriers. Otherwise you're spending a ton on bandwidth per bit/sec using a cheapo router and diving in the deep end. Also plan for those 1gig ports to be saturated with even the smallest ddos. :-(
    We've done lots of deals with 1G commits on 10G ports (usually 2-4 providers per site) at what I think are pretty reasonable $ values.

    If all you need is full gig, there are usually some good deals out there.

    If you just buy a blend you are at the mercy of whoever runs that blend for fixing any congestion issues. If you multihome yourself you have control over that.

    In a DDOS situation, if you are sitting on a 1G port, you are going to be reliant on your upstream blackholing for you either way if that is a tier-1 or a blend. Maybe if it's a blend from your DC you might have a better relationship with them, but they also might not be as experienced in this as the tier-1's NOC.

  10. #10
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    Vyatta or Bigiron RX (512k routes but it's entry level).

  11. #11
    Quote Originally Posted by Steven View Post
    Vyatta or Bigiron RX (512k routes but it's entry level).
    Given that we are seeing 475k routes from most providers, I bet we will exceed 512k by the end of 2014. I would avoid buying anything that can only support 512k routes today.

  12. #12
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    Quote Originally Posted by Xeon852 View Post
    Given that we are seeing 475k routes from most providers, I bet we will exceed 512k by the end of 2014. I would avoid buying anything that can only support 512k routes today.
    If he is starting out he can filter /24's.

  13. #13
    Quote Originally Posted by Steven View Post
    If he is starting out he can filter /24's.
    Then why not just take a Trident II switch that can do 128k routes in hardware, and get customer only routes from your two providers, and ECMP the defaults to the rest of the internet?

  14. #14
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    Quote Originally Posted by Xeon852 View Post
    Then why not just take a Trident II switch that can do 128k routes in hardware, and get customer only routes from your two providers, and ECMP the defaults to the rest of the internet?
    Well in favor of the OP, Foundry has similar syntax to Cisco as he was asking about it. I am not sure what the Trident II looks like for a CLI as I have not used it.

  15. #15
    Quote Originally Posted by Steven View Post
    Well in favor of the OP, Foundry has similar syntax to Cisco as he was asking about it. I am not sure what the Trident II looks like for a CLI as I have not used it.
    Trident II is just the Broadcom silicon, Brocade's switch would be ICX7750 (it's 96x10G silicon, so way overkill for this). It was a bit of an exaggeration, the point being that if you are buying new hardware why bother filtering routes. If you already own it that's one thing, but I can't see buying 512k route hardware today.

    Should be able to get a CER with no 10G for cheap and wouldn't have to filter routes (does like 2M routes in FIB). And you can always add the 2x10G later if you need it. Only real downside is no redundant route modules (if you want redundancy, just buy 2 and run ibgp between them).
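
Added example (not part of any post in this thread): a Python sketch of the trade-off argued in posts #11 to #15, showing what an import filter that drops /24s does to table size and to where traffic exits. The sample prefixes, the provider names and the function names are constructed for illustration; only the 512k limit comes from the thread.

```python
import ipaddress

FIB_LIMIT = 512_000  # route capacity figure quoted in the thread

# Constructed sample RIB: (prefix, next hop). Prefixes and provider names are
# illustrative only and do not come from the thread.
RIB = [
    ("0.0.0.0/0", "provider-A"),
    ("10.0.0.0/8", "provider-B"),
    ("10.20.0.0/16", "provider-A"),
    ("10.20.30.0/24", "provider-B"),
    ("198.51.100.0/24", "provider-B"),
    ("203.0.113.0/24", "provider-A"),
]

def import_filter(rib, max_len=23):
    """Keep routes no longer than max_len; max_len=23 drops every /24."""
    nets = [(ipaddress.ip_network(p), nh) for p, nh in rib]
    return [(net, nh) for net, nh in nets if net.prefixlen <= max_len]

def lookup(fib, addr):
    """Longest-prefix match: (network, next_hop), or None if unroutable."""
    ip = ipaddress.ip_address(addr)
    hits = [(net, nh) for net, nh in fib if ip in net]
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def changed_paths(rib, fib):
    """Filtered prefixes whose traffic now exits elsewhere (None = dropped)."""
    kept = {net for net, _ in fib}
    changed = []
    for prefix, nh in rib:
        net = ipaddress.ip_network(prefix)
        if net in kept:
            continue
        hit = lookup(fib, net.network_address)
        new_nh = hit[1] if hit else None
        if new_nh != nh:
            changed.append((str(net), nh, new_nh))
    return changed

def fits(fib, limit=FIB_LIMIT):
    """True when the filtered table fits the hardware route limit."""
    return len(fib) <= limit

if __name__ == "__main__":
    fib = import_filter(RIB)
    print(len(fib), "routes kept, fits:", fits(fib))
    for prefix, old, new in changed_paths(RIB, fib):
        print(f"{prefix}: was {old}, now {new}")
```

Running the same check on a feed without a default route shows the filtered /24s with no covering prefix becoming unreachable, which is why the filtering approach depends on a default from each provider.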

  16. #16
    Join Date
    Sep 2010
    Location
    /usr/bin/fail
    Posts
    858
    For a Vyatta-type router take a look at the UBIQUITI EdgeRouter Pro. The street price is around $350-$400.

    http://www.ubnt.com/edgemax#edge-router-pro

    Here is a place that has it in stock.
    http://www.compunetworkinc.com/Store...outers/04.html


    The latest addition to the EdgeMAX family, the EdgeRouter provides higher performance (2M packets per second) and powerful EdgeOS software. The EdgeRouter is rack mountable and has 6 Ethernet ports and 2 SFP ports.
    Performance: 8 Gbps for packets 512 bytes or larger in size
    Ports: (6) Gigabit routing ports and (2) Gigabit RJ45/SFP combination ports
    Routing: 2 million+ packets per second for 64-byte packets

  17. #17
    Join Date
    Oct 2002
    Location
    Vancouver, B.C.
    Posts
    2,656
    Quote Originally Posted by gordonrp View Post
    Skip this awkward non profitable stage and just buy a bgp blend static or ospf routed to your switch. At 1 gig you're not going to have the buying power for cost effective bit/sec. Just have your dc or whoever can provide the blend announce your ips. Venture into your own bgp when you're ready for 10gig total commit over two carriers. Otherwise you're spending a ton on bandwidth per bit/sec using a cheapo router and diving in the deep end. Also plan for those 1gig ports to be saturated with even the smallest ddos. :-(
    +1

    Now, if you have the budget to pony up for routers and a team to support it, and are certain you'll grow into it within a reasonable amount of time, it might be worth making the capital investment now. Otherwise, use those $10K's of dollars to grow your business instead.

    Quote Originally Posted by Xeon852 View Post
    If you just buy a blend you are at the mercy of whoever runs that blend for fixing any congestion issues. If you multihome yourself you have control over that.
    Being at the mercy of whoever runs that blend is going to be better than being at the mercy of your own 24/7 NOC and network engineering team, if these don't actually exist.

    Quote Originally Posted by Xeon852 View Post
    In a DDOS situation, if you are sitting on a 1G port, you are going to be reliant on your upstream blackholing for you either way if that is a tier-1 or a blend. Maybe if it's a blend from your DC you might have a better relationship with them, but they also might not be as experienced in this as the tier-1's NOC.
    You can still turn up BGP with a single provider for the ability to inject null routes. It can just be a separate box on a separate feed specifically for this purpose, as you will want something out-of-band that you can still reach when you're under attack.
    Last edited by hhw; 02-08-2014 at 02:22 PM.

  18. #18
    Join Date
    Oct 2013
    Location
    San Jose, California
    Posts
    40
    Quote Originally Posted by Xeon852 View Post
    Should be able to get a CER with no 10G for cheap and wouldn't have to filter routes (does like 2M routes in FIB). And you can always add the 2x10G later if you need it. Only real downside is no redundant route modules (if you want redundancy, just buy 2 and run ibgp between them).
    Yes, one little detail I feel you need to keep in mind when looking at Brocade CER is you need to focus on the -RT models if you want to get the high number of routes. This is very important if you are going to start looking for used models.
