
Network Design Recommendation - L3 Switch

ZD_1
Occasional Visitor

Network Design Recommendation - L3 Switch

Hello,

We're looking to redesign and expand our presence by adding a couple of extra racks at our colo facility.

It's a small setup, 40-50 servers across 20-30 VLANs, but we would like to facilitate easy growth over time.

-I'd like to aggregate 4 or 5 L2 switches that trunk the various VLANs into a "core router" which is the L3 switch that I'm trying to decide on - currently thinking about a ProCurve 2910al.

-The 2910al "core router" will have a default route to our upstream provider, and will also serve as the default gateway for each VLAN. I'm not running BGP or anything.

-It will also run RIPv2 on a small DMZ VLAN connected to a bunch of firewall appliances so that we can individually link in a dedicated firewall to protect a VLAN and use that as the VLAN's gateway instead of the "core router" (the firewall would use the core router as its DG instead). RIP would be running so that I wouldn't have to enter a static route when moving the VLAN's Default Gateway IP from the "core router" to the firewall.

-I would need very fast inter-VLAN routing because some of the VLANs would have backup servers that would get dumped on nightly from the other servers. This inter-VLAN routing performance is what concerns me - needs to be quick.

-The default route to our upstream provider will only be pushing 100-300 Mbps, but internally between the VLANs I'd need gigabit performance.

My major concern is the performance of the 2910al. While what I describe above fits the official specs on the ProCurve website, I realize that real-world performance is usually much less. I know the 2910al isn't specifically designed for this role; however, we'd like to know if it would work because we have a fairly small network of 40-50 servers.

If anybody here has some advice, or can recommend a solid L3 alternative in the ProCurve line, that would be great. The 2910al-24 seems to have a higher pps rating than the 3500 and 6xxx ones....

Thank you
5 REPLIES
MullT
Frequent Advisor
Solution

Re: Network Design Recommendation - L3 Switch

Don't let one fool you. I also purchased a 2910al instead of a 3500yl. The hardware is newer than the 3500yl. But please don't look at the performance of those switches. Support of protocols is more important.
The 2910al is a very cut-down version of the 3500yl.

Back to your question. Which switch to choose from? As HP wants to buy 3COM, there must be a reason for this, so I myself compared the 3500yl to a 3COM 4800G. Now I know why they'll buy that enterprise.

Look at the 4800G, it is cheaper than a 3500yl, but only a few bucks more expensive than a 4800G.

Why use RIPv2 when you get OSPFv2 and OSPFv3 for a little more?

Look at the datasheet and compare yourself:

http://www.3com.com/other/pdfs/products/en_US/3com_401083.pdf

ZD_1
Occasional Visitor

Re: Network Design Recommendation - L3 Switch

Hi MullT - Thank you very much for your reply. I have a few questions about your reply:

1) In terms of protocol features, I don't need very much. I am more concerned about the hardware/performance. How is the 2910al performance? Can it do gigabit speeds at *LAYER 3* for inter-VLAN routing? That is my main concern. I know L2 is no problem, but how does it perform at L3?

2) I am using RIP2 because it's simple to set up. Here is the scenario: I have a DMZ network that has a number of firewalls. Each firewall protects a specific customer. All the firewalls will be using the 2910al as their default gateway. Behind each of those firewalls can be a number of public IP subnets, so the firewalls will simply announce via RIP the subnets that are configured on them so that the 2910al will know to route to them. It is just to save me from having to enter static routes to the specific firewall on the 2910al. Other VLANs/customers do not have a dedicated firewall so then their default gateway is on the 2910al itself. The 2910al has 1 default route to the internet via our upstream provider in the datacenter.

3) I'm not sure about 3COM. This is for internet facing and everybody seems to recommend Cisco/Juniper/ProCurve/etc. I will investigate the 3COM device that you suggested, thank you!

4) The specs on the 3500yl seem lower than the 2910al. Many have told me the 2910al may not be up to doing gigabit L3 routing between VLANs, I am worried about this. Will the 3500yl have enough power?

Thank you very much for your help, hope to hear from you soon

Cheers
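
The route-learning scheme in point 2 above, seen from the core router's side: an added example (not part of the original post or of any HP tooling) that parses a RIPv2 Response and accepts only prefixes allocated to the announcing firewall. The allocation table, the documentation-range addresses and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

# Assumed allocation table: firewall DMZ address -> prefixes it may announce.
# All addresses are documentation ranges, constructed for this example.
ALLOWED = {
    "192.0.2.11": [ipaddress.ip_network("198.51.100.0/28")],
    "192.0.2.12": [ipaddress.ip_network("203.0.113.0/27")],
}
ENTRY = "!HH4s4s4sI"  # AFI, route tag, address, mask, next hop, metric (20 bytes)

def build_response(routes):
    """Build a RIPv2 Response (command 2, version 2) to use as sample input."""
    pkt = struct.pack("!BBH", 2, 2, 0)
    for net, metric in routes:
        n = ipaddress.ip_network(net)
        pkt += struct.pack(ENTRY, 2, 0, n.network_address.packed,
                           n.netmask.packed, bytes(4), metric)
    return pkt

def parse_response(data):
    """Return [(network, metric)] for the IPv4 entries of a RIPv2 Response."""
    if len(data) < 4 or (len(data) - 4) % 20:
        raise ValueError("bad RIP packet length")
    if struct.unpack("!BBH", data[:4])[:2] != (2, 2):
        raise ValueError("not a RIPv2 Response")
    routes = []
    for off in range(4, len(data), 20):
        afi, _tag, addr, mask, _nh, metric = struct.unpack_from(ENTRY, data, off)
        if afi != 2:  # e.g. 0xFFFF marks an authentication entry, not a route
            continue
        a, m = ipaddress.IPv4Address(addr), ipaddress.IPv4Address(mask)
        routes.append((ipaddress.ip_network(f"{a}/{m}"), metric))  # raises on bad mask
    return routes

def check_update(sender, data):
    """Split the announced prefixes into (accepted, rejected) for this sender."""
    allowed = ALLOWED.get(sender, [])  # unknown neighbours may announce nothing
    accepted, rejected = [], []
    for net, metric in parse_response(data):
        ok = 1 <= metric <= 16 and any(net.subnet_of(p) for p in allowed)
        (accepted if ok else rejected).append(str(net))
    return accepted, rejected

# Constructed updates: one legitimate, one that also claims another customer's
# block and a default route.
GOOD = build_response([("198.51.100.0/29", 1), ("198.51.100.8/29", 2)])
BAD = build_response([("198.51.100.0/29", 1), ("203.0.113.0/27", 1), ("0.0.0.0/0", 1)])

if __name__ == "__main__":
    print(check_update("192.0.2.11", GOOD))
    print(check_update("192.0.2.11", BAD))
```

The sender address is taken on trust here, so the check only holds where a DMZ host cannot spoof another firewall's source address or where RIPv2 authentication is configured between the firewalls and the core.
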
MullT
Frequent Advisor

Re: Network Design Recommendation - L3 Switch

Hi,

"1) In terms of protocol features, I don't need very much."

Let's look at the software feature matrix; it is not only routing protocols that are different:

http://h40060.www4.hp.com/procurve/pdfs/customercare/software/SWFeaturesMatrix_LANSwitches_110209.pdf


"I am more concerned about the hardware/performance. How is the 2910al performance? Can it do gigabit speeds at *LAYER 3* for inter-VLAN routing?"

Well, I put my 2910al at the edge (because of the features I need there: 802.1X with multiple clients, where 8 per port will be enough but 2 wouldn't, DHCP snooping, per-port loop protection). That's the place where it belongs.

Back to performance, will you have many ACLs on those switches? What features will be enabled?

"That is my main concern. I know L2 is no problem, but how does it perform at L3?"

"2) I am using RIP2 because it's simple to set up. Here is the scenario: I have a DMZ network that has a number of firewalls. Each firewall protects a specific customer. All the firewalls will be using the 2910al as their default gateway. Behind each of those firewalls can be a number of public IP subnets, so the firewalls will simply announce via RIP the subnets that are configured on them so that the 2910al will know to route to them. It is just to save me from having to enter static routes to the specific firewall on the 2910al. Other VLANs/customers do not have a dedicated firewall so then their default gateway is on the 2910al itself. The 2910al has 1 default route to the internet via our upstream provider in the datacenter."

The 2910al is not a routing machine in my opinion. It is not the IP unicast routing protocols we are talking about.

Do you need:

- RIPv2 for IPv4 routing?
- IPv6 static routing?
- RIPng for IPv6 routing?
- What about PIM-DM, PIM-SM, MLDv1, MLDv2, PIM-SSM, IGMP snooping? Do you need it for IPv4 only? What about IPv6?
- VRRP,VRRPE?
- 6to4-tunnel or ISATAP?

If you say "Yes" only to the first one and "No" to the rest, then take that 2910al if you like.

"3) I'm not sure about 3COM. This is for internet facing and everybody seems to recommend Cisco/Juniper/ProCurve/etc. I will investigate the 3COM device that you suggested, thank you!"

Well, HP will buy 3COM. As I said, there is a reason for this.

"4) The specs on the 3500yl seem lower than the 2910al. Many have told me the 2910al may not be up to doing gigabit L3 routing between VLANs, I am worried about this. Will the 3500yl have enough power?"

The hardware (CPU MHz, RAM, ROM) is lower on the 3500yl as it is older, but comparing software features, the 3500yl is above the 2910al.
ZD_1
Occasional Visitor

Re: Network Design Recommendation - L3 Switch

Hello MullT,

Thanks again for your reply. Here are my responses:

1) The software/protocol features I need are very simple:
-ACL to protect access to the switch and some basic port filtering between VLANs (since this is a "core router" it will be connected directly to the Internet)

-Static routes for IPv4

-RIPv2 so that I don't have to make many static routes (the firewalls do not support OSPF or anything fancy so this is the simplest way for the core router to learn of their IPs without me having to do static routes to each firewall per customer). Some customers do not have a firewall so their default gateway will be on the 2910al instead of one of the dedicated firewalls.

-I do not need IPv6 support (yet).

-By the time we get big enough, I plan to convert the 2910al to L2 only for server access at the top of rack and use a better, higher-power L3 router/switch to take its place (maybe by then 3COM/ProCurve will have merged and have some really good L3 devices :). But for right now, I am very concerned about performance - do you think it will do gigabit inter-VLAN routing?

-VRRP would be great, but the problem is that most customers only want a /29, so for me to set up VRRP I would have to take 3 IPs (one for each router, plus the virtual IP), so by the time we're done they have very few IPs left over. If I allocate a /28 then it becomes very wasteful.

-I'm not sure if/why I'd need the other items you asked - am I missing something?

Thank you very much for all your replies and information.

Chat with you soon!
MullT
Frequent Advisor

Re: Network Design Recommendation - L3 Switch

>-I do not need IPv6 support (yet).

Remember, according to HP, the 2910al will never have IPv6 routing capabilities, only IPv6 host management. For static IPv6 routing you'll need the HP 3500yl and above. For RIPng and OSPFv3 you will need a premium license.