Date: Thu, 6 Apr 2000 18:58:00 -0400 (EDT) From: spork <spork@super-g.com> To: Javier Frias <javier@nyi.net> Cc: Joe Greco <jgreco@ns.sol.net>, dev@inetu.net, isp@freebsd.org Subject: Re: flat network Message-ID: <Pine.BSF.4.00.10004061852480.23906-100000@super-g.inch.com> In-Reply-To: <38ECED38.421C71A7@nyi.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Howdy,
We just bought an "Extreme Networks" 48 port Summit switch/router. So far
it's been wonderful, and the one bug we found was fixed in two weeks with
a custom build of the code to hold us over until the next full version is
released.
As Joe stated, if you look at the router this thing is attached to, you
see two arp entries for that interface, the router and the switch. That's
it.
These things are darn cheap too, 48 ports for about $4.8K and it is
basically a router. You also get two bonus Gig-E ports for kicks.
We used to run a building-wide access service on a layer-2 only switch
that had some filtering by ethertype, and while it worked, it was yucky
when people started trying to steal each other's addresses and whatnot.
Now it looks more like a giant 48 port router. Would be nice for a
colo setup as well. Can't take addresses outside your subnet-based vlan,
no leakage across ports, etc. And the CLI is quite usable. Way cheaper
than Cisco, about half of what 48 cabletron ports cost...
A happy customer,
Charles
---
Charles Sprickman
spork@super-g.com
---
"...there's no idea that's so good you can't
ruin it with a few well-placed idiots."
On Thu, 6 Apr 2000, Javier Frias wrote:
> Joe Greco wrote:
> >
> > > I've had quite a bid different experience with vlans.
> > > At least on catalyst switches.
> >
> > Don't talk to me about Catalyst switches. Not today. Cisco sucks.
> >
>
> i used to think like that.... we used to use cabletron switches
> and one of their 8000 routers, just a test. OH MY GOD
> those things never worked. we even had two cabletron engineers
> here for 9 days. and even they couldn't get it to work right.
>
> we went back to cisco like crack whores after their pimp.
>
> so yes, cisco i snot perfect, am i hope a good contender comes
> out , but so far, their products have worked as advertise,
> and their support is next to none.
>
> true they are a bit overpriced, but with good reseller channels, you'll
> be amazed.
> i have gotten equipment for less than 1/3 as advertised.
>
>
>
> > > with vlans, arp is reduced. ARP works by broadcasting a packet to all
> > > hosts attached
> > > to an Ethernet segment. Since a vlans virtually reduces the number of
> > > hosts
> > > on each "Ethernet Segment" or "vlan", the number of host an arp request
> > > reaches
> > > is smaller.
> >
> > You're not talking to an idiot. With routing protocols, ARP is reduced
> > further, to the point where the only ARP traffic on the network is for the
> > physical interfaces present on the network.
> >
>
> i'm sorry if i made it look that way, i know your not ;)
> just for the record, I in no way think you are an idiot.
>
> true, there are other ways, i never said vlans where the only answer.
> but just a simple solution.
>
>
> > If you have one router and one machine on a network, with ARP you still have
> > the potential to have as many ARP entries as you do virtual servers. If you
> > would like a practical demonstration of why this is bad, go generate about
> > 65,000 virtual servers on such a machine, and then ask for stuff from all of
> > them. Note the behaviour of the ARP cache on your routers and switches.
> > The behaviour is O(N), and you are screwed when N exceeds the capacity of
> > the ARP table on the device. God forbid you've more than one server on the
> > net!
> >
> > If you have one router and one machine on a network, with OSPF you have
> > exactly two ARP entries - and no need for the router to ARP for each virtual
> > server. If you would like a practical demonstration of why this is good,
> > do the same test as above. The behaviour is O(1).
> >
>
> very true.
> as a side note, i think he meant 200 actual servers, not 200 vservers.
>
>
> > > To move servers between facilities you need a flat network? you can move
> > > vlans accross
> > > switches. Plus, there are quite a large nmber of ways you can do this,
> > > without
> > > the need of a huge flat network.
> >
> > I wasn't proposing the creation of a huge flat network. My largest
> > production network has a netmask of 0xfffffff0. I move servers between
> > facilities with no problems, thanks to OSPF. Do a traceroute to both
> > dns1.sol.net and dns2.sol.net, numbered right next to each other, for a
> > trivial example.
> >
>
> sorry, my misunderstanding.
>
> > > vlans also offer quite a big more security than a flat network.
> > > crosstalk is almost eliminated.
> > >
> > > In the isp market, how some companies provide colocation
> > > without giving a customer a separate vlan is beyond my comprehesion.
> >
> > Use a separate routed network. Broaden your horizons.
>
> i understand you reasoning.
>
> > --
> > ... Joe
> >
> > -------------------------------------------------------------------------------
> > Joe Greco - Systems Administrator jgreco@ns.sol.net
> > Solaria Public Access UNIX - Milwaukee, WI 414/342-4847
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-isp" in the body of the message
>
> --
> MMM \|/ www __^__
> (o o) @ @ (O-O) /(o o)\
> -ooO-(_)-Ooo---oOO-(_)-OOo---oOO--(_)--OOo---oOO==(_)==OOo
>
> Javier A. Frias <javier@nyi.net>
> Sr. System Administrator
>
> The New York Internet Company <http://www.nyi.net>;
> 20 Exchange Place 21st Floor
> New York, N.Y. 10005
>
>
> "Error #152 - Windows not found: (C)heer (P)arty (D)ance"
> ---------------------------------------------------------
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.10004061852480.23906-100000>