Be gratefull if anyone can give me a pointer here... I need a router with 14 fibre ports. The thing is I don't want to spend 25,000 Plus on a router like a Cisco 4000 series or a top of the line Nortel. We don't need terrabits of routing capability and hundreds of wan ports etc.. What I'm looking for is a router than can do full layer 4 routing on 14 fibres, each running at no more than 100 Mbps. Any ideas ? Cheers Tikiri
On Tuesday, Sep 9, 2003, at 09:00 Canada/Eastern, Tikiri Wicks wrote:
Be gratefull if anyone can give me a pointer here... I need a router with 14 fibre ports. The thing is I don't want to spend 25,000 Plus on a router like a Cisco 4000 series or a top of the line Nortel. We don't need terrabits of routing capability and hundreds of wan ports etc.. What I'm looking for is a router than can do full layer 4 routing on 14 fibres, each running at no more than 100 Mbps.
Any ideas ?
Find a router that you like with a gigabit ethernet interface, and plug it into a suitable switch. Configure that gig port as an 802.1q trunk. Configure 14 VLANs on the switch, and assign one 100M port to each. Configure 14 VLAN interfaces on the router. If you can't find a switch that you like with suitable numbers of SX ports (assuming it's SX you want), buy some external transceivers. There are modular units around that will do the media conversion you need, so it doesn't have to be too messy. 100M switch ports are invariably cheaper than 100M router ports. If you really want to route 100M between interfaces without dropping frames, you'll want to be able to handle line rate on the gig port. That means you're talking about expensive routers, quite possibly sold by vendors whose initial letter is not "c". If you only want to be able to burst near 100M on those ports, and the requirement for aggregate backplane throughput is lower, you can make do with a cheaper router. If your budget is less than $25,000, look for second-hand routers or consider building something with a fat PCI bus and a gig card which can run *BSD (or something else cheap and reliable that can grok 802.1q tags) and plug that into the switch. I don't think cisco 4000s run to $25,000, incidentally. They were considered old and crufty about six years ago. Joe
On Tuesday, September 9, 2003, at 11:10 AM, Joe Abley wrote:
If your budget is less than $25,000, look for second-hand routers or consider building something with a fat PCI bus and a gig card which can run *BSD (or something else cheap and reliable that can grok 802.1q tags) and plug that into the switch.
G5 Mac ???
On Tuesday, Sep 9, 2003, at 12:46 Canada/Eastern, Andy Gardner wrote:
On Tuesday, September 9, 2003, at 11:10 AM, Joe Abley wrote:
If your budget is less than $25,000, look for second-hand routers or consider building something with a fat PCI bus and a gig card which can run *BSD (or something else cheap and reliable that can grok 802.1q tags) and plug that into the switch.
G5 Mac ???
I was thinking more like "$400 P4 with a gig card and bugger all RAM or disk to speak of", but whatever works :-)
Hi Tikiri If you can manage with only Layer 3 capable routing (Layer 4 is Transport = TCP/UDP right?), look at a suitable Layer 3 switch. Allied Telesyn here in NZ make the Rapier 16fi which is 16 100BASE-FX fibre ports and a WAN interface. You can VLAN the interfaces and add some routes between them, if you find you need a higher PPS you can whack a router/PC on the expansion ports. Regards James -- James Spooner WAND Group - The University of Waikato NZ WAND Hardware Lab - G.1.32 Email: jbs3(a)cs.waikato.ac.nz Ph: +64 7 8384466x6651 Fax: +64 7 858 5095 Mob: +64 21 447638 WWW: http://voodoo.cs.waikato.ac.nz/~jbs3 On Wed, 10 Sep 2003, Tikiri Wicks wrote:
Be gratefull if anyone can give me a pointer here...
I need a router with 14 fibre ports. The thing is I don't want to spend 25,000 Plus on a router like a Cisco 4000 series or a top of the line Nortel. We don't need terrabits of routing capability and hundreds of wan ports etc.. What I'm looking for is a router than can do full layer 4 routing on 14 fibres, each running at no more than 100 Mbps.
Any ideas ?
Cheers
Tikiri
Hi Tikiri
If you can manage with only Layer 3 capable routing (Layer 4 is Transport = TCP/UDP right?), look at a suitable Layer 3 switch.
Allied Telesyn here in NZ make the Rapier 16fi which is 16 100BASE-FX fibre ports and a WAN interface. You can VLAN the interfaces and add some routes between them, if you find you need a higher PPS you can whack a router/PC on the expansion ports.
Regards
James
--
James Spooner WAND Group - The University of Waikato NZ WAND Hardware Lab - G.1.32 Email: jbs3(a)cs.waikato.ac.nz Ph: +64 7 8384466x6651 Fax: +64 7 858 5095 Mob: +64 21 447638 WWW: http://voodoo.cs.waikato.ac.nz/~jbs3
On Wed, 10 Sep 2003, Tikiri Wicks wrote:
Be gratefull if anyone can give me a pointer here...
I need a router with 14 fibre ports. The thing is I don't want to spend 25,000 Plus on a router like a Cisco 4000 series or a top of the line Nortel. We don't need terrabits of routing capability and hundreds of wan
Hi James
THe system is currently running using an Intel fibre switch. The problem
is that it is practically impossible to implement a decent firewall across
the network segments with just VLAN's. Using ARP spoofing it is possible to
even totally shut off entire segments of the network just from one PC. Mac
Address based VLAN's is a headache to try and maintain and even that can be
fooled by simple mac spoofing tools.
This is the reason I need a Layer 4 capable device that can route from
one port to the other while and at the same time enforce some layer 4
firewalling.
If only a PC could have the stability and performance of one of these
switches a Linux router with multi port fibre cards would have worked
beautifully.
Cheers
Tikiri
----- Original Message -----
From: "James Barry Spooner"
Any ideas ?
Cheers
Tikiri
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 10 Sep 2003, Tikiri Wicks wrote: [Using fibre switch, need decent firewalling]
If only a PC could have the stability and performance of one of these switches a Linux router with multi port fibre cards would have worked beautifully.
Put it this way, if you're building a _firewall_ and not just a simple
packet filter, you have no choice but to look at PCs. A few years ago you
might have also looked at Sparc boxen, but it's all pretty much the same.
The plan Joe outlined with 1q makes sense to me, and you'll get decent
firewalling with your choice of Linux or *BSD.
Routers do not make decent firewalls. PCs can, and if you're worried about
reliablity there are ways to deal with that which are true of any other
server (buy decent kit, redundant everything).
- --
David Zanetti | (__)
#include
participants (5)
-
Andy Gardner -
David Zanetti -
James Barry Spooner -
Joe Abley -
Tikiri Wicks