RE: Router for Metro Ethernet

[Dylan Ebner <dylan.ebner () crlmed com>]

Taffic shaping and eigrp eat a lot.  inspection is huge as well. I have  no ida what the new zone based firewalling 
will do to a 2800, but after seeing it on an 1800, I know it will not be pretty.  static acls should be easy if they 
are not really large. I wouldn't go out and grab the new CRYMU bogon list, that would kill you.
The problem is the router CAN do these things, but if you want any management on the back end you get in trouble. 
things like NBAR and netflow are incredibly important, but the router cannot handle all these services and the routing 
protocols and the traffic. If you are not doing nbar or netflow today, that doesn't mean you won't in the near future. 
I have been finding that getting a router that is too small puts you in a precarious position at times. You can either 
know where your traffic is going and have a router that drops packets, or you can run blind knowing that all those 
unmonitored packets are getting through.




Dylan Ebner, Network Engineer
Consulting Radiologists, Ltd.
1221 Nicollet Mall, Minneapolis, MN 55403
ph. 612.573.2236     fax. 612.573.2250
dylan.ebner () crlmed com<mailto:dylan.ebner () crlmed com>
www.consultingradiologists.com<http://www.consultingradiologists.com>

From: Jeffrey Negro [mailto:jnegro () billtrust com]
Sent: Monday, April 12, 2010 1:26 PM
To: Dylan Ebner
Cc: nanog () nanog org
Subject: Re: Router for Metro Ethernet

In our case I believe we would be dealing with just static routes and a lines of ACL.  Do you think the routing 
protocols are your largest resource usage in your scenario, or is it also just simple routing as well?


Jeffrey Negro, Network Engineer
Billtrust - Improving Your Billing, Improving Your Business
www.billtrust.com<http://www.billtrust.com>
609.235.1010 x137


On Mon, Apr 12, 2010 at 1:55 PM, Dylan Ebner <dylan.ebner () crlmed com<mailto:dylan.ebner () crlmed com>> wrote:
We use metro E for our WAN and our internet access delivery. The 2600 series routers do not have enough horsepower to 
do a 40 Mb connection and eigrp. The 2811 can do 40 mb and eigrp but they start to have difficulty when you add in 
inspection or large ACLs. We just last week turned a 40mb metroe circuit into a 60mb and the router, a 2811, is now 
have constant problems. We are replacing it with a 2921. However, this router also has 2 100mb connections from local 
lans that it is also terminiating. For our 100mb metro e connections we use 3845s. The 100 mb service terminates into 
NM-GEs, which have a faster throughput than the hwics. This setup works well.
On our internet edges we use 2811s with their memory maxed. We have partial BGP routers from 2 isps. One connection is 
a 30mb and the other is a 25mb. no inspection is done on these but we do have stateless acls running on the inbound. 
these are running just fine today, but they sit at about 20% cpu  all the time.
When doing a metro e connection, make sure the router/switch can do traffic shaping. If it can't, you are relying on 
the provider to shape your outgoing traffic, which of course will happen down the line, adding additional delay during 
high usage times.

You should also look at the new cisco small metro switches. They can traffic shape, do bgp and have more than one 
interface. one of the annoying thing about metro e(at least with qwest) is  they have a tendancy to install new pe 
switches at your locations when you upgrade your service. this means a new connection from them and unless you have 
extra fiber or copper ports on your router. So to transition to the new circuit, you need to unplug your existing 
service first. And that means downtime, which no one likes.



Dylan


-----Original Message-----
From: Jeffrey Negro [mailto:jnegro () billtrust com<mailto:jnegro () billtrust com>]
Sent: Monday, April 12, 2010 12:29 PM
To: nanog () nanog org<mailto:nanog () nanog org>
Subject: Router for Metro Ethernet
Before I get taken for a ride by salespeople, I figured it would be best to
ask the experts of Nanog....

My company is currently in talks to bring an ethernet circuit into our
headquarters, initially committing around 40Mbps.  The ISP will be providing
ethernet handoff, but I do not want their managed router offering (Adtran
4430) since it is pricey, non-redundant and I'd rather manage it myself.  My
question is about hardware.  Can I assume that I can use something like a
Cisco 2000 series router with two built in fast/gig ethernet ports, without
a WIC?  and since both sides are ethernet would the routing throughput be
near fast ethernet speed?  This is my first dealing with metro ethernet
offerings, and I don't want to assume that the Cisco throughput rates listed
for T1/ADSL etc. are the same for a metro ethernet as the WAN.

Any and all suggestions on the hardware would be greatly appreciated.  Thank
you in advance!