From owner-freebsd-isp Thu Apr 6 13:52:08 2000
Message-Id: <4.3.1.2.20000406155000.00a87ae0@mail.palaver.org>
Date: Thu, 06 Apr 2000 15:51:00 -0500
To: Javier Frias
From: Ryugen@palaver.org (Ryugen C. Fisher)
Subject: Re: flat network
Cc: Joe Greco, dev@inetu.net, isp@freebsd.org
In-Reply-To: <38ECED38.421C71A7@nyi.net>
References: <200004090128.UAA92724@aurora.sol.net>

At 03:02 PM 4/6/00, Javier Frias wrote:
>Joe Greco wrote:
> >
> > > I've had quite a bit different experience with vlans.
> > > At least on catalyst switches.
> >
> > Don't talk to me about Catalyst switches.  Not today.  Cisco sucks.
> >
>
>i used to think like that.... we used to use cabletron switches
>and one of their 8000 routers, just a test. OH MY GOD
>those things never worked. we even had two cabletron engineers
>here for 9 days. and even they couldn't get it to work right.
>
>we went back to cisco like crack whores after their pimp.
>
>so yes, cisco is not perfect, and i hope a good contender comes
>out, but so far, their products have worked as advertised,
>and their support is next to none.
>
>true they are a bit overpriced, but with good reseller channels, you'll
>be amazed.
>i have gotten equipment for less than 1/3 as advertised.
>
> >
> > > with vlans, arp is reduced. ARP works by broadcasting a packet to all
> > > hosts attached to an Ethernet segment. Since a vlan virtually reduces
> > > the number of hosts on each "Ethernet Segment" or "vlan", the number
> > > of hosts an arp request reaches is smaller.
> >
> > You're not talking to an idiot.  With routing protocols, ARP is reduced
> > further, to the point where the only ARP traffic on the network is for the
> > physical interfaces present on the network.
> >
>
>i'm sorry if i made it look that way, i know you're not ;)
>just for the record, I in no way think you are an idiot.
>
>true, there are other ways, i never said vlans were the only answer.
>but just a simple solution.
>
> >
> > If you have one router and one machine on a network, with ARP you still
> > have the potential to have as many ARP entries as you do virtual
> > servers.  If you would like a practical demonstration of why this is bad,
> > go generate about 65,000 virtual servers on such a machine, and then ask
> > for stuff from all of them.  Note the behaviour of the ARP cache on your
> > routers and switches.  The behaviour is O(N), and you are screwed when N
> > exceeds the capacity of the ARP table on the device.  God forbid you've
> > more than one server on the net!
> >
> > If you have one router and one machine on a network, with OSPF you have
> > exactly two ARP entries - and no need for the router to ARP for each
> > virtual server.  If you would like a practical demonstration of why this
> > is good, do the same test as above.  The behaviour is O(1).
> >
>
>very true.
>as a side note, i think he meant 200 actual servers, not 200 vservers.
>
> >
> > > To move servers between facilities you need a flat network? you can
> > > move vlans across switches. Plus, there are quite a large number of
> > > ways you can do this, without the need of a huge flat network.
> >
> > I wasn't proposing the creation of a huge flat network.  My largest
> > production network has a netmask of 0xfffffff0.  I move servers between
> > facilities with no problems, thanks to OSPF.  Do a traceroute to both
> > dns1.sol.net and dns2.sol.net, numbered right next to each other, for a
> > trivial example.
> >
>
>sorry, my misunderstanding.
>
> > > vlans also offer quite a bit more security than a flat network.
> > > crosstalk is almost eliminated.
> > >
> > > In the isp market, how some companies provide colocation
> > > without giving a customer a separate vlan is beyond my comprehension.
> >
> > Use a separate routed network.  Broaden your horizons.
>
>i understand your reasoning.
>
> > --
> > ... Joe
> >

Did someone say 'Livingston' I must presume???

Ryugen, that "Old Frog" hisself
Ryugen@palaver.org
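
The ARP-table scaling argument quoted in this thread, as an added example that is not part of the original messages: a small Python model of a router's neighbour table when virtual-server addresses are on-link versus reached through a route to the server's one physical interface. The 4096-entry capacity, the LRU eviction policy and the addresses are assumptions chosen for illustration.

```python
from collections import OrderedDict

class ArpCache:
    """Router neighbour table with a fixed size and LRU eviction (assumed policy)."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.entries = OrderedDict()   # next-hop IP (as int) -> MAC placeholder
        self.requests = 0              # ARP broadcasts sent on the segment
        self.evictions = 0

    def resolve(self, ip):
        if ip in self.entries:
            self.entries.move_to_end(ip)        # hit: refresh, no broadcast
            return
        self.requests += 1                      # miss: broadcast an ARP request
        self.entries[ip] = "mac-for-%d" % ip
        if len(self.entries) > self.capacity:
            self.entries.popitem(last=False)    # table full: drop oldest entry
            self.evictions += 1

def simulate(n_vservers, capacity=4096, routed=False, rounds=3):
    """Forward one packet to every virtual-server address, `rounds` times.

    routed=False: each address is on-link, so the router resolves each one.
    routed=True:  addresses are learned as routes (e.g. via OSPF) through the
                  server's physical interface, so only that next hop is resolved.
    """
    cache = ArpCache(capacity)
    base = 0x0A000000          # 10.0.0.0, constructed address block
    server_if = 0xC0000202     # 192.0.2.2, constructed physical interface
    for _ in range(rounds):
        for i in range(n_vservers):
            cache.resolve(server_if if routed else base + i)
    return {"entries": len(cache.entries),
            "arp_requests": cache.requests,
            "evictions": cache.evictions}

if __name__ == "__main__":
    for n in (200, 65000):
        print(n, "on-link:", simulate(n), "routed:", simulate(n, routed=True))
```

Once the on-link address count exceeds the table size, every pass misses on every address, so the router re-broadcasts for each packet; the routed case holds one entry on the router (the server holds the other of the two mentioned in the thread).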