Date:      Thu, 06 Apr 2000 16:02:00 -0400
From:      Javier Frias <javier@nyi.net>
To:        Joe Greco <jgreco@ns.sol.net>
Cc:        dev@inetu.net, isp@freebsd.org
Subject:   Re: flat network
Message-ID:  <38ECED38.421C71A7@nyi.net>
References:  <200004090128.UAA92724@aurora.sol.net>

Joe Greco wrote:
> 
> > I've had quite a bit different experience with vlans.
> > At least on catalyst switches.
> 
> Don't talk to me about Catalyst switches.  Not today.  Cisco sucks.
> 

i used to think like that.... we used to use cabletron switches
and one of their 8000 routers, just a test. OH MY GOD
those things never worked. we even had two cabletron engineers 
here for 9 days. and even they couldn't get it to work right.

we went back to cisco like crack whores after their pimp.

so yes, cisco is not perfect, and i hope a good contender comes
out, but so far, their products have worked as advertised,
and their support is next to none.

true they are a bit overpriced, but with good reseller channels, you'll
be amazed.
i have gotten equipment for less than 1/3 as advertised.



> > with vlans, arp is reduced. ARP works by broadcasting a packet to all
> > hosts attached to an Ethernet segment. Since a vlan virtually reduces
> > the number of hosts on each "Ethernet Segment" or "vlan", the number of
> > hosts an arp request reaches is smaller.
> 
> You're not talking to an idiot.  With routing protocols, ARP is reduced
> further, to the point where the only ARP traffic on the network is for the
> physical interfaces present on the network.
> 

i'm sorry if i made it look that way, i know you're not ;)
just for the record, I in no way think you are an idiot.

true, there are other ways, i never said vlans were the only answer.
but just a simple solution.


> If you have one router and one machine on a network, with ARP you still have
> the potential to have as many ARP entries as you do virtual servers.  If you
> would like a practical demonstration of why this is bad, go generate about
> 65,000 virtual servers on such a machine, and then ask for stuff from all of
> them.  Note the behaviour of the ARP cache on your routers and switches.
> The behaviour is O(N), and you are screwed when N exceeds the capacity of
> the ARP table on the device.  God forbid you've more than one server on the
> net!
> 
> If you have one router and one machine on a network, with OSPF you have
> exactly two ARP entries - and no need for the router to ARP for each virtual
> server.  If you would like a practical demonstration of why this is good,
> do the same test as above.  The behaviour is O(1).
> 

very true. 
as a side note, i think he meant 200 actual servers, not 200 vservers.


> > To move servers between facilities you need a flat network? you can move
> > vlans across switches. Plus, there are quite a large number of ways you
> > can do this, without the need of a huge flat network.
> 
> I wasn't proposing the creation of a huge flat network.  My largest
> production network has a netmask of 0xfffffff0.  I move servers between
> facilities with no problems, thanks to OSPF.  Do a traceroute to both
> dns1.sol.net and dns2.sol.net, numbered right next to each other, for a
> trivial example.
> 

sorry, my misunderstanding.

> > vlans also offer quite a bit more security than a flat network.
> > crosstalk is almost eliminated.
> >
> > In the isp market, how some companies provide colocation
> > without giving a customer a separate vlan is beyond my comprehension.
> 
> Use a separate routed network.  Broaden your horizons.

i understand your reasoning.

> --
> ... Joe
> 
> -------------------------------------------------------------------------------
> Joe Greco - Systems Administrator                             jgreco@ns.sol.net
> Solaria Public Access UNIX - Milwaukee, WI                         414/342-4847
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message

-- 
     MMM           \|/            www            __^__
    (o o)          @ @           (O-O)          /(o o)\
-ooO-(_)-Ooo---oOO-(_)-OOo---oOO--(_)--OOo---oOO==(_)==OOo

        Javier A. Frias <javier@nyi.net>
        Sr. System Administrator

        The New York Internet Company <http://www.nyi.net>
        20 Exchange Place 21st Floor
        New York, N.Y. 10005


 "Error #152 - Windows not found: (C)heer (P)arty (D)ance"
---------------------------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
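
The ARP table behaviour debated in this thread (one ARP entry per virtual server when the addresses are on-link, versus ARP only for the next hop when they are routed), as an added example that is not part of the original message or either poster's code. The LRU eviction policy, the table capacity of 8192 and all addresses are assumptions made for the model.

```python
import ipaddress
from collections import OrderedDict

class Router:
    """Toy router with a bounded LRU ARP cache; sizes are constructed values."""

    def __init__(self, arp_capacity):
        self.capacity = arp_capacity
        self.arp = OrderedDict()      # neighbour IP -> MAC
        self.routes = {}              # destination IP -> next-hop IP
        self.arp_requests = 0         # broadcasts sent on the segment
        self.evictions = 0            # live entries pushed out of a full table
        self.peak = 0                 # largest table size seen

    def _resolve(self, ip, mac):
        if ip in self.arp:
            self.arp.move_to_end(ip)  # cache hit, refresh LRU position
            return
        self.arp_requests += 1
        if len(self.arp) >= self.capacity:
            self.arp.popitem(last=False)
            self.evictions += 1
        self.arp[ip] = mac
        self.peak = max(self.peak, len(self.arp))

    def forward(self, dst, mac):
        # With a route, only the next hop is resolved; otherwise dst is on-link.
        self._resolve(self.routes.get(dst, dst), mac)

def simulate(n_virtual, arp_capacity, routed, passes=3):
    """Request every virtual server `passes` times; return router-side counters."""
    server_ip, server_mac = "10.0.0.2", "02:00:00:00:00:02"
    base = ipaddress.ip_address("10.1.0.0")
    vips = [str(base + i) for i in range(n_virtual)]
    router = Router(arp_capacity)
    if routed:
        # Stand-in for what OSPF would install: vips reachable via the server.
        router.routes = {vip: server_ip for vip in vips}
    for _ in range(passes):
        for vip in vips:
            router.forward(vip, server_mac)
    return {"arp_requests": router.arp_requests,
            "evictions": router.evictions, "peak_entries": router.peak}

if __name__ == "__main__":
    for routed in (False, True):
        print("routed" if routed else "on-link", simulate(65000, 8192, routed))
```

The counters are for the router's cache only; once the number of on-link addresses exceeds the table capacity, every lookup in the model misses and triggers a new broadcast, which is the thrashing the quoted text warns about.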