VOIP Gateway Router upgrade to handle growth
| josh harrington 2006-01-23, 5:45 pm |
| Hello, hope this isn't too far offtopic here but being a troller for a long
time here I've realized there is a great knowledge base so I wanted to at
least see if i could get some tips. I help run a small colocation company
in California and I am in the middle of recommending a new 'core router'
platform for our network. We offer mainly colo and dedicated servers, and
several of our clients use our space for VOIP services so quality even under
high peak usage is a must. We are not huge, but as we have had near 200%
growth in the past 12 months and need to expand our network asap to keep up.
Simply put, I'd love to hear feedback and/or suggestions from any of you
guys who have gone through this already.
Our network map is real simple:
[Carrier 7609] --> 100 mbit --> Our cisco 7206 --> 100 mbit --> racks
[the racks on our end are a series of switches, mainly 2948gl3's]
We push about 60 mbit to/from our (1) carrier at peak right now, and the
router keeps up fine [it's a cisco 7206 npe 150 btw, very low end on the 7206
line], and at peak we have under 50,000 packets per second, and our 7206
has little/no features enabled [just static routes and passing all traffic
between 2 Ethernet 100 mbit interfaces].
To date we have had 2 problems, both were DOS attacks launched FROM one of
our customer's servers flooding a full 100 mbit wire with more packets per
second than the router could handle (the 2948gl3's spiked to about 50% cpu
load during the attack but the 7200 literally just died for 3 minutes as the
interface(s) all rebooted). So our main goal to grow is something that can
handle a lot more in this arena against a DOS, and handle our future growth.
In the next 12 months we plan to add a 2nd carrier, at t3, 100mbit, or
possibly oc3 speed, and possibly upgrade our main carrier to a GigE
connection. Probably maxing combined in the 300 mbit range, more likely
closer to half that in 12 months.
==== Problems/Requirements ====
- Budget is in the $5k to $20k range ($20k if it's going to outlast me even
past my 12 month projections)
- must not 'collapse' under simple packet flow DOS attack
- must handle BGP4 from 2 carriers with full route tables
- We plan to buy used, prices below are based on USED, 30 day warranty ebay
postings
===== Choices/Options that we have looked at: ====
Option #1: cisco VXR 7206 [$4k to $12k]
Option #2: cisco 12008 [$7k to $14k]
Option #3: cisco 6509 [$10k to $15k]
Here are the 3 main options, broken down a bit more in depth. [I have not
ruled out juniper all together, but not enough experience with them and
lots of experience with cisco, makes cisco our better option i think,
especially since it's easier to find used cisco gear than it is to find used
juniper gear at a decent price].
[option #1 - cisco 7206 VXR]
--------------------------------
Estimated: $4,000 [$6,000 with 400 mhz, $12,000 with the 1 ghz cpu upgrade]
1 cisco 7206 VXR NPE 300 mhz w/max ram
2 AC Power
2 Fast Ethernet Adapters (1 included on the NPE)
+ lots of experience on this unit
+ lots of spare cards (most compatible)
+ can keep old 7200 as a hot standby, minimizing long term downtime
- END OF LIFE/sale/support on most of the 7200 product line over 5 years
ago! The VXR model is darn close to end of life i suspect
- minimal horse power here for the money, prone to death by packet attack
[option #2 - cisco GSR (12008)]
--------------------------------
Estimated: $7,000 to $14,000 [varies if I start with GigE or just 100mbit]
1 Cisco12008 GSR 40Gbps
1 Clock Scheduler Card (GSR8)
3 Switch Fabric Card (GSR8)
2 AC Power
1 4 port OC-3c/STM-1 Single Mode
1 GE card or a 4 port x 100 mbit
+ much higher total bandwidth/packet processing power compared to 7200, for
similar money
- product is long since obsolete and outclassed by the 760x cisco router, as
well as just about any juniper router in the m20+ tier.
- I'd bet if i buy this, cisco will classify it end of life within 3 months

- over priced 'blade cards' to add any other functions/circuits (high costs)
[option #3 - cisco 6509 switch'router' w/MSFC2]
------------------------------------------------------------
Estimated: $10,000 - $15,000 (and up depending on config)
1 WS-C6509 cisco Catalyst 6500 9-Slot Chassis
1 WS-C6K-9SLOT-FAN Catalyst 6000 Fan Tray for 9-Slot Systems
1 WS-C6X09-RACK Catalyst 6x09 Rack Mount Kit
2 WS-CAC-1300W 1300W AC Power Supply
1 CAB-7513AC AC Power Cord
1 WS-X6K-S1A-MSFC2 Catalyst 6500 Supervisor Engine-2, 2GE, plus MSFC-2 / PFC
(WS-X6K-S1A-2GE + MSFC-2 & PFC)
1 MEM-C6K-FLC24M 24MB Flash Card
1 WS-X6408A-GBIC Catalyst 6500 8-Port Gigabit Ethernet Module (Req. GBICs)
1 WS-X6348-RJ-45 Catalyst 6500 48-Port 10/100 RJ-45 Module
+ could consolidate router/switch into 1 [i.e. replace my 48 port switches
in each rack]
+ still a major product with sales/support, no end of life 'soon', this is
still a primary flag ship product
- 'not a router' as some would say [though this one is as good as it gets
for a switch with router ability built in, so i read at least]
- bgp4 support appears limited in previous versions, but the MSFC2 processor
supposedly can handle (2) bgp4 sessions properly [makes me nervous]
- no support for anything but 100mbit, or gigE links, won't work with t3, or
oc3 lines [since i don't know what I'll buy from my next carrier this is a
draw back since i may very well get a circuit this switch/router can't use]
- 'all eggs in 1 basket' theory, if it breaks you lose all your ether
switches! [at least with separate routers/switches i can swap in an old 7206
router spare and get back online fast in a worst case scenario.]
-- OK so if you read this far, you probably wonder why the heck am i asking
you guys and not calling cisco and juniper, and others? Well I have, and I
have, they all gave me their input- but I'd love to hear from some real
people in the field rather than sales engineers and bloated brochures
claiming much more capacity than true world usage will produce etc.
- Josh Harington jharington68@hotmail.com
| |
| Voll, Scott 2006-01-23, 5:45 pm |
| Josh--
I think you're better off sending this to the NSP list rather than the
VoIP list IMHO.
Personally I like the 6509's but the Sup1a looks to be EoS
http://www.cisco.com/en/US/customer...ps708/prod_eol_notice0900aecd8017a5d1.html
I don't know why you can't have a T3(DS3) on a Cat6509. We use a
flexwan and have both an ATM DS3 and Channelized DS3. But for two BGP
feeds you would really look at a sup720/msfc3. If you run dual Sups you
have redundancy in the box. But your cost just increased about 200%.
Haven't used the other routers in question so can't give you a good
opinion.
Scott
PS> with the Cat6509 you can get a CMM blade to be your VGW.
| |
| Ed Leatherman 2006-01-23, 8:45 pm |
| It seems like one of your primary concerns is DoS attacks. Have you
compared the QoS features available on the different platforms/IOS
versions? Just a thought, if there are differences that might help you
decide. Like some of them might support backplane or CPU policing? I'd
have to dig up my notes back at the office for the proper mumbojumbo
terms..
I only have experience with 6500's directly, we seem to have pretty
good experience with them so far here using them for switching and/or
routing. Other than the one time the side handle fell off one of them
out of the box and the TAC tried to claim it was an "act of God." -
God was not amused. We got it straightened out though 
We have some VXR routers that I don't know of any problems with - but I
don't mess with them at all.
--
Ed Leatherman
IP Telephony Coordinator
West Virginia University
Telecommunications and Network Operations
| |
| Phil Genera 2006-01-24, 2:45 am |
| Voll, Scott wrote:
> Josh--
>
> I think you're better off sending this to the NSP list rather than the
> VoIP list IMHO.
Maybe he already did. I got it on NANOG too, just with a different
subject. Sigh.
--
Phil