I'm looking to acquire a few new core switches for our network which would be a major upgrade from the cheap unmanaged things we currently have. Basically, just users, servers, and other simple network devices will be plugged into them but I'd like to start doing some testing with iSCSI for various non-production reasons. I have no allegiance to a particular vendor although I do have a Cisco background. I'd like them to be at least 10/100/1000 (no need for power over ethernet) and include many of the features that are most important to me in a managed switch, including:
- vlans
- mstp or some well established form of per vlan spanning tree
- acl's
- port mirroring or what cisco calls span sessions
- snmp
- ssh enabled remote management
- support w/ updates and bugfixes
I need at least 48 ports per device and obviously would like them to be "fast". Most importantly, I'd like to know what you guys prefer as operations dudes and what pitfalls to avoid. Also, are there other features you folks would demand to have in your switches that I haven't mentioned? I can provide more information if you'd like. Thanks.
Oh, cost is sort of an issue (small/medium sized business) but right now insight from you guys is what's important and I can work out the cost issue later. Thanks again.
Hi
I use a lot of Nortel switches, 4548gt is working like a bomb, a bit on the expensive side but still really good.
Per
On 3/23/09 2:25 PM, "Scott McClanahan" smcclanahan@forterrainc.com wrote:
> I'm looking to acquire a few new core switches for our network which would be a major upgrade from the cheap unmanaged things we currently have. Basically, just users, servers, and other simple network devices will be plugged into them but I'd like to start doing some testing with iSCSI for various non-production reasons. I have no allegiance to a particular vendor although I do have a Cisco background. I'd like them to be at least 10/100/1000 (no need for power over ethernet) and include many of the features that are most important to me in a managed switch, including:
> - vlans
> - mstp or some well established form of per vlan spanning tree
> - acl's
> - port mirroring or what cisco calls span sessions
> - snmp
> - ssh enabled remote management
> - support w/ updates and bugfixes
> I need at least 48 ports per device and obviously would like them to be "fast". Most importantly, I'd like to know what you guys prefer as operations dudes and what pitfalls to avoid. Also, are there other features you folks would demand to have in your switches that I haven't mentioned? I can provide more information if you'd like. Thanks.
> Oh, cost is sort of an issue (small/medium sized business) but right now insight from you guys is what's important and I can work out the cost issue later. Thanks again.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
I haven't used the current crop, but I'd expect the Dell Powerconnect series to be usable. The configuration is a bit different than Cisco so you need to trade off some learning time for the cost difference. Also on the port mirroring - on the Dell switches I have used, the port used as the target of the mirror copy could not simultaneously be used for normal traffic of its own.
We use Extreme Networks x450 switches, see
http://www.extremenetworks.com/products/summit-x450a.aspx
Marko Mernik wrote:
> We use Extreme Networks x450 switches, see
X450A is my favorite gigE switch as well, with ESRP you can get layer 3 redundancy with layer 2 loop prevention in a single protocol and don't need to have other switches in the network have any special software(assuming typical core-edge design). Anything from unmanaged netgear, to Cisco to F5 to 3COM to whatever can get full redundancy and loop protection without any configuration on the edge. Adding a new VLAN to be protected by ESRP can be done with a single command as well.
http://apps.extremenetworks.com/libraries/whitepapers/technology/VRRPvsESRP_...
Though you can't access the OS directly, all of their switches released in the past several years (anything running XOS) run on top of Linux.
http://www.extremenetworks.com/products/extreme-xos.aspx
X450A-48T lists for roughly $8k with a 256Gbps backplane, hardware IPv6, next-gen OS, hardware sflow(www.sflow.org), support for all major layer 2 and layer 3 protocols. The latest revs of code include ClearFLOW support in software (previously only available on the higher end switches) which is a real nice feature as well.
Quite a steal, they priced it at the same price as their previous generation basic layer 3 switches Summit 400-48T.
To Cisco it's roughly equivalent to the 3750 which has roughly a 40Gbps backplane and lists for about $15k.
nate
D-Link DGS-3100
I ordered a number of these for the school where I work to place a number of Cisco 2960 10/100 switches.
I am quite happy with them. Some of these switches are connected by multi-mode fibre.
cheers,
Christopher
Every time I read these posts they are filled with contradictions in that one person loves HP and hates CiscoLinksys while another hates HP. Let's get a more scientific approach. Switch performance still depends on the NICs in the client machines. We all know a network is a complex system. Some of us claim to be computer scientists so shouldn't we act like that instead of advertising for our vendors?
I would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data would need to have details such as the NIC on the client machine and other hw characteristics. How many machines ran the benchmark simultaneously. Cat5e vs Cat6 or Fiber connected.
http://www.netperf.org ( OpenSource started by HP, ) ftp://ftp.netperf.org/netperf/ (Looks like 2.4.4 is the latest version. Not sure what 4.0.0 is)
http://sourceforge.net/projects/jnetperf (java version of netperf)
There may be another project from some Italian Professor, but didn't find it in my bookmarks.
Yes, there is the unix way of time dd ... but that wouldn't work for windows clients and does not give enough details in terms of metrics.
Rob Townley wrote:
> Every time I read these posts they are filled with contradictions in that one person loves HP and hates CiscoLinksys while another hates HP. Let's get a more scientific approach. Switch performance still depends on the NICs in the client machines.
Uhm. No. Not any longer, AFAIK. At least, once you leave the SOHO region (AFAIK, the OP wanted >= 48 ports. I don't want to work in such a home-office, really...). Backplane-performance is an issue. Especially with iSCSI.
Also, as demonstrated, different switch-vendors offer different feature-sets at different price-levels. There's also the compatibility-question: if you already have a number of devices, the new ones must fit in well into the existing landscape (VLANs etc.pp.)
> Performance data would need to have details such as the NIC on the client machine and other hw characteristics. How many machines ran the benchmark simultaneously. Cat5e vs Cat6 or Fiber connected.
That's already more variables in the equation than is healthy for a typical benchmark...
> http://www.netperf.org ( OpenSource started by HP, ) ftp://ftp.netperf.org/netperf/ (Looks like 2.4.4 is the latest version. Not sure what 4.0.0 is)
> http://sourceforge.net/projects/jnetperf (java version of netperf)
> There may be another project from some Italian Professor, but didn't find it in my bookmarks.
> Yes, there is the unix way of time dd ... but that wouldn't work for windows clients and does not give enough details in terms of metrics.
Switch performance is extremely difficult to measure IMO. You need enough clients to make sure you're not accidentally measuring client-performance.
In the end, the only thing that counts is real-world data. Netperf et.al. don't really provide a real-world scenario, where you have a mixture of packet-sizes and protocols. Same for artificial load/packet generators (ixia et.al).
Because (almost) nobody has the time to do extensive tests, past real-world experience/performance data and word-of-mouth becomes an integral part in choosing such products. That, or you have enough money to buy everything from Cisco ;-)
Rainer
Rainer Duffner wrote:
> Switch performance is extremely difficult to measure IMO. You need enough clients to make sure you're not accidentally measuring client-performance.
There's also a lot more to switches than pure performance, line rate switches have been around for at least a decade(switches that have enough bandwidth to have every port running at 100% utilization).
If you're running only a layer 2 network (who does that anymore?) then perhaps performance is the best measure, but for the well known top performing manufacturers of gear raw performance hasn't been something to be concerned about for some time in the 10/100 and GigE space.
Now 10GigE is still kind of new as far as high density line rate, most chassis switches are not even line rate if you fully populate them with 10Gig ports.
IMO -
(no particular order)
HP - Good for the lifetime warranty, lower support (contract) costs. Advantages for an HP shop since they likely tie in nicely to HP management tools.
Extreme - Mature next-gen linux-based OS that's easy to use, lots of advanced functionality included out of the box. With a couple exceptions, line rate for 10+ years.
Force10 - Leader in port density and switch performance, though it's been a couple years since I've seen a new product, most of their products are 4+ years old but still compete extremely well even today. NetBSD next-gen OS, still kind of new. Line rate since their inception almost a decade ago. Looks like they just released a new 10gig chassis yesterday. Was the undisputed 10gig leader for a while, others have since caught up, though this new product may put them way ahead again haven't looked in depth.
Foundry (now Brocade) - Another leader in port density and switch performance, best known perhaps for its interface clone of IOS. So if you're used to Cisco you can adapt to these pretty easily and get much better performance. Not sure where they are at on their next gen OS. Line rate for a long time, perhaps 10+ years too. Unlike Extreme and Force10 Foundry offers products targeted specifically to do high performance routing (NetIron), as well as load balancing (ServerIron). Most of their edge switches are 1.5U instead of 1U, though they include hot swap internal power supplies. Most vendors rely on external power supplies for redundancy. Foundry used to have some non Ethernet offerings (e.g. T1, DS3 etc), but have since like many others eliminated all non Ethernet products.
Cisco - overpriced, under performing almost across the board, I'm looking at replacing some older Cisco 7300 routers (which they still sell), with something from Foundry, their LOW end router is more than seven hundred times faster than the Cisco 7300, and the price is comparable. Cisco has a broad range of operating systems. Management is incredibly complex. Can be a "one stop shop" for most things network related, but while they share a common brand don't let them fool you into making you think they are well integrated and easy to use.
Juniper - Somewhat new to the basic switch space though their 48-port 1Gig 1U switches are feature packed with gobs of flash, RAM, hot swap fan trays and power supplies (rare for a 1U switch), and a very fast stacking port (over 100Gbps if I recall). Juniper is of course best known for its routers, and more recently firewalls after it bought NetScreen(?) a few years ago. I think their new switches use the same BSD (FreeBSD perhaps?) based OS that their high end routers do, if so it's very mature on the software side.
3COM - Not familiar too much with their recent products though personally weary of the company itself, it's working hard to get back into the enterprise space after abandoning it a decade or more ago.
Linksys/NetGear/D-link/etc - if this is your price point then that's your price point, I'd suggest at least getting a good set of layer 3 switches for the network core.
I personally have kept very close eyes on Extreme, Force10 and Foundry's product lines for 5 years or so, and more recently looking at Juniper as well. The sort of technology behind these products is very interesting to me, I'm the sort of person who will spend hours reading data and spec sheets on them.
I only have personal experience with Extreme, Cisco, and Linksys (1 switch).
nate
On Tue, Mar 24, 2009 at 10:59 AM, nate centos@linuxpowered.net wrote:
> If you're running only a layer 2 network (who does that anymore?) then perhaps performance is the best measure, but for the well known top performing manufacturers of gear raw performance hasn't been something to be concerned about for some time in the 10/100 and GigE space.
I would not be surprised if most SOHO networks may not even have layer 2 manageability. How do you know it isn't something to be concerned about unless you have data from various manufacturers and various NICs?
> Linksys/NetGear/D-link/etc - if this is your price point then that's your price point, I'd suggest at least getting a good set of layer 3 switches for the network core.
If you don't have metrics justifying thousands more for the same number of ports, then it is hard to justify to the boss.
Rob Townley wrote:
> I would not be surprised if most SOHO networks may not even have layer 2 manageability. How do you know it isn't something to be concerned about unless you have data from various manufacturers and various NICs?
I don't deal with SOHO networks (outside of my own which only has a few devices on it, I used to run a big fancy 48-port layer 3 managed switch at home but have since eliminated most of my home network so don't need the noise/power draw of the big switch for just a few things). So you certainly have a valid point for that type of network.
For the higher grade networks my experience tells me at least for performance for the most part there isn't a concern, at least I haven't run into any noticeable performance issues that I can recall. I do design networks carefully though as to try to avoid potential bottlenecks e.g. utilizing 802.3ad, using good quality cables(some folks who crimp themselves can do a real poor job, while others do it fine), and having a system that can scale as needed to something more powerful(preferably with downtime for the upgrades measured in seconds or minutes not hours or days).
My last company was really small there was only about 24 48-port switches total that I spec'd/bought/deployed between two sites. The company previous to that was bigger, we had about 65 48-port gigE switches and a pair of 180-port(480 max) core switches at one site. The place I'm at now has aging infrastructure and probably has about 40 48-port gigE switches, and a pair of big ~96 port core switches(384 max?).
nate
On Tue, Mar 24, 2009 at 10:24 AM, Rainer Duffner rainer@ultra-secure.de wrote:
> Rob Townley wrote:
>> Every time I read these posts they are filled with contradictions in that one person loves HP and hates CiscoLinksys while another hates HP. Let's get a more scientific approach. Switch performance still depends on the NICs in the client machines.
> Uhm. No. Not any longer, AFAIK. At least, once you leave the SOHO region (AFAIK, the OP wanted >= 48 ports. I don't want to work in such a home-office, really...).
There are 48 port SOHO priced switches nowadays. I am often not very impressed by network performance and need standardized benchmarks to figure out if there may be an issue at the NIC driver, switch or on up to a virus shield. It was either a ~2004 Dell Power magazine or ~2004 Network World article that mentioned that 3Com NICs didn't perform well with Cisco switches and vice versa. They also wrote about other vendors and I don't remember any of them performing extremely well across vendor. Now that NICs are a commodity, the problem could be worse.
> Switch performance is extremely difficult to measure IMO. You need enough clients to make sure you're not accidentally measuring client-performance.
Agreed, this is a difficult complex system, but some baseline measurements would still be worthwhile to rule out some problems. Client NIC performance would be valuable info.
> In the end, the only thing that counts is real-world data. Netperf et.al. don't really provide a real-world scenario, where you have a mixture of packet-sizes and protocols. Same for artificial load/packet generators (ixia et.al).
netperf could use some work, but some generic baseline perf data would still be very valuable to rule out basic problems. Somebody could post an ethereal packet capture of varying packet sizes and protocols that could be replayed on client machines.
> Because (almost) nobody has the time to do extensive tests, past real-world experience/performance data and word-of-mouth becomes an integral part in choosing such products. That, or you have enough money to buy everything from Cisco ;-)
In theory, pxe booting a test image on all machines in the lan (maybe via drbl / CloneZilla) with netperf and running overnight could automate this process. The reality is that it can take much much more time to track down where a performance bottleneck is on a heterogeneous LAN.
What "performance data" are you referring to?
Rob Townley wrote:
> There are 48 port SOHO priced switches nowadays.
I see your point. I only imagined the "home office" that would need 48 ports ;-)
> I am often not very impressed by network performance and need standardized benchmarks to figure out if there may be an issue at the NIC driver, switch or on up to a virus shield. It was either a ~2004 Dell Power magazine or ~2004 Network World article that mentioned that 3Com NICs didn't perform well with Cisco switches and vice versa.
Hm. I think I saw something like that (I was at a site that used Catalyst 6500-switches to connect desktops - in 2001). Autosensing was useless...
> They also wrote about other vendors and I don't remember any of them performing extremely well across vendor. Now that NICs are a commodity, the problem could be worse.
Here, autosensing sometimes doesn't work. Then, you've got to set it fixed on both the client and the switch-port.
> What "performance data" are you referring to?
What you gathered in the past from other switches on your LAN - and what you read on the internet ;-)) I'm not a networking-guy (switches are done by someone else here).
Rainer
On Tue, Mar 24, 2009 at 11:16 AM, Rainer Duffner rainer@ultra-secure.de wrote:
> Hm. I think I saw something like that (I was at a site that used Catalyst 6500-switches to connect desktops - in 2001). Autosensing was useless...
You did read it because the autosensing was a big factor in the article(s). However, iirc, some combinations of switches and NICs still didn't perform well with autosensing off.
Rainer Duffner wrote:
>> I am often not very impressed by network performance and need standardized benchmarks to figure out if there may be an issue at the NIC driver, switch or on up to a virus shield. It was either a ~2004 Dell Power magazine or ~2004 Network World article that mentioned that 3Com NICs didn't perform well with Cisco switches and vice versa.
> Hm. I think I saw something like that (I was at a site that used Catalyst 6500-switches to connect desktops - in 2001). Autosensing was useless...
They've had that fixed for most of this century...
>> They also wrote about other vendors and I don't remember any of them performing extremely well across vendor. Now that NICs are a commodity, the problem could be worse.
> Here, autosensing sometimes doesn't work. Then, you've got to set it fixed on both the client and the switch-port.
Usually the problem is that due to earlier Cisco autosensing issues you have set the switch configuration to not negotiate and replaced the connected device with one that does. With current equipment and software auto negotiation almost always works, but if one end has been locked, the other has to assume half-duplex which is always wrong.
If you still have very old equipment you might still have to lock a port or two. Strangely, none of the usual network monitoring tools will detect a duplex mismatch - although if they are both Ciscos they will see it with CDP and log it. And to make this slightly relevant to CentOS, net-snmp doesn't seem to expose the duplex setting of an interface if a tool did want to check.
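A Linux host can at least report its own end of the link, because the kernel publishes the negotiated duplex and the interface error counters under /sys/class/net. The sketch below is an added example, not part of the original thread; the interface names and counter values in its sample tree are constructed, and treating any non-zero CRC or frame error count as suspicious is an assumption.

```python
"""Flag likely duplex mismatches from Linux sysfs data (added example)."""
import os
import tempfile

# The half-duplex end of a mismatch logs collisions, the full-duplex end CRC/frame errors.
ERROR_COUNTERS = ("collisions", "rx_crc_errors", "rx_frame_errors")


def _read(path):
    """Return stripped file contents, or None if the read fails (e.g. interface down)."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return None


def inspect_interface(sys_net, name):
    """Collect carrier, speed, duplex and error counters for one interface."""
    base = os.path.join(sys_net, name)
    counters = {}
    for counter in ERROR_COUNTERS:
        raw = _read(os.path.join(base, "statistics", counter))
        counters[counter] = int(raw) if raw and raw.isdigit() else 0
    speed = _read(os.path.join(base, "speed"))
    return {
        "carrier": _read(os.path.join(base, "carrier")) == "1",
        "duplex": _read(os.path.join(base, "duplex")) or "unknown",
        "speed": int(speed) if speed and speed.isdigit() else None,
        "counters": counters,
    }


def findings(info):
    """Return warnings for one interface (empty list if it looks clean)."""
    c = info["counters"]
    if not info["carrier"]:
        return []  # no link, so nothing was negotiated
    if info["duplex"] == "half":
        return ["half duplex at %s Mb/s with %d collisions: the far end is "
                "probably locked to a fixed setting while this end negotiates"
                % (info["speed"], c["collisions"])]
    if c["rx_crc_errors"] or c["rx_frame_errors"]:
        return ["%s duplex but %d CRC and %d frame errors: the far end may "
                "have fallen back to half duplex"
                % (info["duplex"], c["rx_crc_errors"], c["rx_frame_errors"])]
    return []


def scan(sys_net="/sys/class/net"):
    """Map interface name -> warnings for every interface that has any."""
    report = {}
    for name in sorted(os.listdir(sys_net)):
        if name == "lo":
            continue
        warnings = findings(inspect_interface(sys_net, name))
        if warnings:
            report[name] = warnings
    return report


def write_sample_tree(root):
    """Build a CONSTRUCTED sysfs-like tree so the check can run offline."""
    files = ("carrier", "speed", "duplex", "statistics/collisions",
             "statistics/rx_crc_errors", "statistics/rx_frame_errors")
    sample = {
        "eth0": ("1", "1000", "full", 0, 0, 0),    # healthy
        "eth1": ("1", "100", "half", 5120, 0, 0),  # this end fell back to half
        "eth2": ("1", "100", "full", 0, 873, 12),  # far end is the half side
        "eth3": ("0", None, None, 0, 0, 0),        # link down, no speed/duplex
    }
    for name, values in sample.items():
        os.makedirs(os.path.join(root, name, "statistics"))
        for rel, value in zip(files, values):
            if value is not None:
                with open(os.path.join(root, name, rel), "w") as fh:
                    fh.write("%s\n" % value)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:
        write_sample_tree(demo)
        for iface, warnings in scan(demo).items():
            print(iface, "->", "; ".join(warnings))
```

Calling `scan()` with no argument reads the live /sys/class/net tree; the counters are cumulative since boot, so compare two runs before acting on a warning.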
On Mar 24, 2009, at 10:36 AM, Rob Townley rob.townley@gmail.com wrote:
On Mon, Mar 23, 2009 at 9:05 PM, Christopher Chan christopher.chan@bradbury.edu.hk wrote:
- vlans
- mstp or some well established form of per vlan spanning tree
- acl's
- port mirroring or what cisco calls span sessions
- snmp
- ssh enabled remote management
- support w/ updates and bugfixes
I need at least 48 ports per device and obviously would like them to be "fast". Most importantly, I'd like to know what you guys prefer as operations dudes and what pitfalls to avoid. Also, are there other features you folks would demand to have in your switches that I haven't mentioned? I can provide more information if you'd like. Thanks.
Oh, cost is sort of an issue (small/medium sized business) but right now insight from you guys is what's important and I can work out the cost issue later. Thanks again.
D-Link DGS-3100
I ordered a number of these for the school where I work to place a number of Cisco 2960 10/100 switches.
I am quite happy with them. Some of these switches are connected by multi-mode fibre.
Every time i read these posts they are filled with contradictions in that one person loves HP and hates CiscoLinksys while another hates HP. Let's get a more scientific approach. Switch performance still depends on the NICs in the client machines. We all know a network is a complex system. Some of us claim to be computer scientists so shouldn't we act like that instead of advertising for our vendors?
i would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data would need to have details such as the NIC on the client machine and other hw characteristics. How many machines ran the benchmark simultaneously. Cat5e vs Cat6 or Fiber connected.
http://www.netperf.org ( OpenSource started by HP, ) ftp://ftp.netperf.org/netperf/ (Looks like 2.4.4 is the latest version. Not sure what 4.0.0 is)
http://sourceforge.net/projects/jnetperf (java version of netperf)
There may be another project from some Italian Professor, but didn't find it in my bookmarks.
Yes, there is the unix way of time dd ... but that wouldn't work for windows clients and does not give enough details in terms of metrics.
Look there really are 3 tiers for network equipment. The first two tiers all give wire speed performance and have managed layer 2 and 3 options. The last tier is for consumer home use.
Tier 1 might have high-end Cisco, Juniper or Nortel (and others) that have modular enclosures redundant power supplies and heavenly price tags. These are typically used in large enterprises that can afford them.
Tier 2 might have Dell Powerconnects and HP Procurves and Cisco 2000 series products. These are good stable well performing products and are gobbled up in heaps by small and medium businesses. These are the usual choice for small enterprises and come in managed and unmanaged, layer 2 or layer 3, power over Ethernet or not or a combination of those.
Tier 3 contain your Linksys, DLink and Zyxel brand products. They basically just get the job done, but might need reset every now and then and probably can't run more than 2 ports at a full 1GBe simultaneously. They are for home use and are priced as such. Some will be better than others and some might be very good, but they are not designed for business use and thus shouldn't be used as such.
-Ross
Tier 2 might have Dell Powerconnects and HP Procurves and Cisco 2000 series products. These are good stable well performing products and are gobbled up in heaps by small and medium businesses. These are the usual choice for small enterprises and come in managed and unmanaged, layer 2 or layer 3, power over Ethernet or not or a combination of those.
You can add D-Link to Tier 2. Managed, some come with PoE ports, yada yada. Heard of leaky HP switches? Double dealing D-Links? A long time ago, yes.
Tier 3 contain your Linksys, DLink and Zyxel brand products. They basically just get the job done, but might need reset every now and then and probably can't run more than 2 ports at a full 1GBe simultaneously. They are for home use and are priced as such. Some will be better than others and some might be very good, but they are not designed for business use and thus shouldn't be used as such.
You missed Surecom.
I had a reseller in here yesterday, and apparently the linksys (higher end) lines are being merged into the cisco lines. So the linksys gear will just be branded Cisco. I am not sure if this is all linksys gear, or just what they call the higher end stuff. But I am trying to confirm from a cisco rep. Wonder how it will affect the above mentioned tiers which in general were true.
d
dnk wrote:
I had a reseller in here yesterday, and apparently the linksys (higher end) lines are being merged into the cisco lines. So the linksys gear will just be branded Cisco. I am not sure if this is all linksys gear, or just what they call the higher end stuff. But I am trying to confirm from a cisco rep. Wonder how it will affect the above mentioned tiers which in general were true.
It won't, even with the Cisco name they'll be pitched/priced to target the low budget space. They may be able to better compete with the HP's and Dell's (forgot they had switches..) of the world though with the better brand recognition of Cisco vs Linksys. Probably get a 25% increase in price for the same product with the new branding too.
nate
One thing to remember is that you usually get what you paid for... I found out the hard way when my boss pushed me to buy brand XYZ PowerC... switches because they were half the price of other brands/models. It said "web-managed"... and it really meant web (only) managed (not even SSL encrypted!). No snmp, no ssh... Just a dumb unencrypted webpage with a few stats. Could not even grab the web page to parse it because you could get the stats for 1 port at a time through an html form! No dhcp for its management IP so, if you reactivate the management access (disabled it for obvious reasons), it will use a default fixed IP that will of course conflict with another equipment...
JD
Ross Walker wrote:
Look there really are 3 tiers for network equipment. The first two tiers all give wire speed performance and have managed layer 2 and 3 options. The last tier is for consumer home use.
Tier 1 might have high-end Cisco, Juniper or Nortel (and others) that have modular enclosures redundant power supplies and heavenly price tags. These are typically used in large enterprises that can afford them.
Tier 2 might have Dell Powerconnects and HP Procurves and Cisco 2000 series products. These are good stable well performing products and are gobbled up in heaps by small and medium businesses. These are the usual choice for small enterprises and come in managed and unmanaged, layer 2 or layer 3, power over Ethernet or not or a combination of those.
Tier 3 contain your Linksys, DLink and Zyxel brand products. They basically just get the job done, but might need reset every now and then and probably can't run more than 2 ports at a full 1GBe simultaneously. They are for home use and are priced as such. Some will be better than others and some might be very good, but they are not designed for business use and thus shouldn't be used as such.
I've got a 24 port Netgear GSM7224 Layer 2 managed GigE switch in my lab, I'd put it squarely in tier 2.... it's wirespeed on all 24 ports, and capable of supporting jumbo frames, channel bonding, VLANs, etc etc etc. 4 of its 24 ports are crosswired to SBIC optical ports so you can use it with singlemode or multimode fiber links. It's in a metal rack mountable 1U chassis.
Rob Townley rob.townley@gmail.com writes:
i would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data is not the most important metric, at least for me.
For me, the big problem is reliability and security. My problem with used cisco is that getting access to the firmware usually costs more than the used parts I'm buying... If I'm going to use the thing as a router at the head of my network, I want to be sure that the thing can be secured, and sometimes that requires a firmware update.
If someone sold support contracts (by support contracts, I mean firmware. I don't need help, I just need the firmware.) for old switches for less than the value of the switch, I'd buy. If someone sold switches with open source firmware, I'd buy. (I've bought myself an OpenGear console server instead of a cheaper used cyclades for similar reasons.)
Luke S Crawford wrote:
i would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data is not the most important metric, at least for me.
For me, the big problem is reliability and security. My problem with used cisco is that getting access to the firmware usually costs more than the used parts I'm buying... If I'm going to use the thing as a router at the head of my network, I want to be sure that the thing can be secured, and sometimes that requires a firmware update.
If someone sold support contracts (by support contracts, I mean firmware. I don't need help, I just need the firmware.) for old switches for less than the value of the switch, I'd buy. If someone sold switches with open source firmware, I'd buy. (I've bought myself an OpenGear console server instead of a cheaper used cyclades for similar reasons.)
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates. However, in a lot of scenarios there are several choices, each with a different set of bugs that you won't know about unless you open a TAC case and tell an engineer exactly what features have to work for you.
On Mar 24, 2009, at 7:12 PM, Les Mikesell lesmikesell@gmail.com wrote:
Luke S Crawford wrote:
i would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data is not the most important metric, at least for me.
For me, the big problem is reliability and security. My problem with used cisco is that getting access to the firmware usually costs more than the used parts I'm buying... If I'm going to use the thing as a router at the head of my network, I want to be sure that the thing can be secured, and sometimes that requires a firmware update.
If someone sold support contracts (by support contracts, I mean firmware. I don't need help, I just need the firmware.) for old switches for less than the value of the switch, I'd buy. If someone sold switches with open source firmware, I'd buy. (I've bought myself an OpenGear console server instead of a cheaper used cyclades for similar reasons.)
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates. However, in a lot of scenarios there are several choices, each with a different set of bugs that you won't know about unless you open a TAC case and tell an engineer exactly what features have to work for you.
Oh God, I hate the most ugly Cisco compatibility matrix. What a horror show! It's like a big crap shoot picking a firmware image!
I actually like the Dell Powerconnects. They are solid performers and offer switches of all capabilities.
A 48 port Gbe layer 3 managed (web and cli) powerconnect with PoE on all 48 ports (not 24 out of the 48 like some similar Ciscos) goes for around $2000; a comparable Cisco one goes for around $3800.
-Ross
On Tue, Mar 24, 2009 at 6:12 PM, Les Mikesell lesmikesell@gmail.com wrote:
Luke S Crawford wrote:
i would like to see real performance data via something like netperf with client machines booted from a standardized LiveCD, then performance under their Linux Distribution and performance under Windows.
Performance data is not the most important metric, at least for me.
For me, the big problem is reliability and security.
i am with you, security is my biggest concern. When our network were to started to crawl, i have to wonder if there isn't a worm sucking up all the bandwidth. Stressing a switch may test the reliability of the infrastructure in a safe way - an automated PXE boot at night. Ideally, switch perf reports would include the firmware version.
My problem with used cisco is that getting access to the firmware usually costs more than the used parts I'm buying... If I'm going to use the thing as a router at the head of my network, I want to be sure that the thing can be secured, and sometimes that requires a firmware update.
If someone sold support contracts (by support contracts, I mean firmware. I don't need help, I just need the firmware.) for old switches for less than the value of the switch, I'd buy. If someone sold switches with open source firmware, I'd buy. (I've bought myself an OpenGear console server instead of a cheaper used cyclades for similar reasons.)
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates. However, in a lot of scenarios there are several choices, each with a different set of bugs that you won't know about unless you open a TAC case and tell an engineer exactly what features have to work for you.
-- Les Mikesell lesmikesell@gmail.com
Les Mikesell lesmikesell@gmail.com writes:
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates.
Yeah, but the problem for me is that for my frontend network, 100M is just fine. A used cisco 3548 is going to set me back around $200. For my frontend, it looks like a fine switch (my only question is... will it handle IPv6? it does vlan tunneling so worst case I use a linux box to route my IPv6.) Getting access to firmware updates is 5x that, every year.
I've had an ancient cat 2924 at a backup location online for several years now. No problems, it pushes packets at 100M just fine, its span capabilities even work. I've gotten lucky as far as security goes. But it doesn't really make sense to replace it with a better switch. The upstream switch above it is a SMC of similar age.
in a lot of scenarios there are several choices, each with a different set of bugs that you won't know about unless you open a TAC case and tell an engineer exactly what features have to work for you.
Yeah, but at the used prices for 100M kit, I can buy two or three, and test it out to my heart's content. I mean, my experience with support (working for clients who can afford such things) is that you have to understand the problem to get someone else to fix it anyhow, and usually understanding the problem is the hard part. Once you understand the problem, fixing it is trivial. So I don't usually think it makes sense to pay for support, especially when the equipment cost is such that I have a few spares laying about in the lab.
Luke S Crawford wrote:
Les Mikesell lesmikesell@gmail.com writes:
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates.
Yeah, but the problem for me is that for my frontend network, 100M is just fine. A used cisco 3548 is going to set me back around $200. For my frontend, it looks like a fine switch (my only question is... will it handle IPv6? it does vlan tunneling so worst case I use a linux box to route my IPv6.) Getting access to firmware updates is 5x that, every year.
I suspect if you keep the switch in layer 2 mode IPv6 will work just fine, but I wouldn't expect IPv6 layer 3 support from the switch (so don't expect it to be able to act as a router for your IPv6 network, and you may need a separate IPv4 network to manage the switch over IP).
It might work but I wouldn't expect it to.
nate
2009/3/26 nate centos@linuxpowered.net
Luke S Crawford wrote:
Les Mikesell lesmikesell@gmail.com writes:
If you get a service contract on any piece of Cisco equipment, you typically get download access to all of the firmware updates.
Yeah, but the problem for me is that for my frontend network, 100M is just fine. A used cisco 3548 is going to set me back around $200. For my frontend, it looks like a fine switch (my only question is... will it handle IPv6? it does vlan tunneling so worst case I use a linux box to route my IPv6.) Getting access to firmware updates is 5x that, every year.
I suspect if you keep the switch in layer 2 mode IPv6 will work just fine, but I wouldn't expect IPv6 layer 3 support from the switch (so don't expect it to be able to act as a router for your IPv6 network, and you may need a separate IPv4 network to manage the switch over IP).
It might work but I wouldn't expect it to.
A 3548 is only layer 2 anyway, i.e. ethernet switching, i.e. below IP... A model sometimes confused with the 3548 is the 3550-48, the 48x100M member of the 3550 series that replaced the 3500 series and as such the 3548, which does have layer 3 functionality in the EMI releases, it's pretty good too with wire speed forwarding even when using some of the layer 3 featureset... But, it won't do any layer 3 IPv6 stuff as some of the tricks used to get the speed include having certain functions done with dedicated silicon which can't cope with IPv6 and of course can't be upgraded with firmware (some versions of firmware have claimed some IPv6 support, but, I've not seen any success with it)
d
I'm the OP in case you've forgotten since this thread has been so active but just wanted to say thanks to everyone for the feedback!
On the subject of layer 3 switching, it's an absolute must for us. IPv6 is not important at all to us. I, as the admin, care most about manageability, servicability (not sure if that's a word), and security.
I'll probably rule out anything that doesn't offer at least 48 ports of 10/100/1000, ssh, port mirroring or spanning sessions, snmp, unique spanning trees per vlan, and something like vrrp. It would be nice to have 802.3ad (I think that's the right one) capability to do some link aggregation between the switches as well.
Not really asking for anything in this post but just providing more information in case you're interested. Thanks again.
Scott McClanahan wrote:
I'll probably rule out anything that doesn't offer at least 48 ports of 10/100/1000, ssh, port mirroring or spanning sessions, snmp, unique spanning trees per vlan, and something like vrrp. It would be nice to have 802.3ad (I think that's the right one) capability to do some link aggregation between the switches as well.
Not really asking for anything in this post but just providing more information in case you're interested. Thanks again.
You may want to check out sflow instead of using something like port mirroring, with sflow (on sflow-enabled devices) it samples enough data that you can get almost everything that flows through the network and can do so at line rate on every port, so even if you're pushing 100Gbit on your switch you don't need to worry about performance impact, something that wouldn't be possible with port mirroring or cisco netflow.
http://www.sflow.org/sFlowOverview.pdf
nate
Luke S Crawford wrote:
in a lot of scenarios there are several choices, each with a different set of bugs that you won't know about unless you open a TAC case and tell an engineer exactly what features have to work for you.
Yeah, but at the used prices for 100M kit, I can buy two or three, and test it out to my heart's content. I mean, my experience with support (working for clients who can afford such things) is that you have to understand the problem to get someone else to fix it anyhow, and usually understanding the problem is the hard part. Once you understand the problem, fixing it is trivial.
"Fixing it" isn't trivial when the problem is knowing which of several IOS images have exactly the features you need and no bugs that will affect what you are trying to do.
So I don't usually think it makes sense to pay for support, especially when the equipment cost is such that I have a few spares laying about in the lab.
I'm inclined to agree with switches as long as yours are new enough to be past the auto-negotiation bugs. But it's more complicated with routers if you do anything unusual with multicast, vlans, tunnels, multiple routing protocols, etc. And service on anything normally gets you access to download any update image.
Scott McClanahan wrote:
I'm looking to acquire a few new core switches for our network which would be a major upgrade from the cheap unmanaged things we currently have. Basically, just users, servers, and other simple network devices will be plugged into them but I'd like to start doing some testing with iSCSI for various non-production reasons. I have no allegiance to a particular vendor although I do have a Cisco background. I'd like them to be at least 10/100/1000 (no need for power over ethernet) and include many of the features that are most important to me in a managed switch, including:
look at HP Procurves. That is what I use.
You can get 2524's quite cheap on ebay.
- vlans
- mstp or some well established form of per vlan spanning tree
- acl's
- port mirroring or what cisco calls span sessions
- snmp
- ssh enabled remote management
- support w/ updates and bugfixes
I need at least 48 ports per device and obviously would like them to be "fast". Most importantly, I'd like to know what you guys prefer as operations dudes and what pitfalls to avoid. Also, are there other features you folks would demand to have in your switches that I haven't mentioned? I can provide more information if you'd like. Thanks.
Oh, cost is sort of an issue (small/medium sized business) but right now insight from you guys is what's important and I can work out the cost issue later. Thanks again.
look at HP Procurves. That is what I use. You can get 2524's quite cheap on ebay.
We used these for years, and they were great, and super cheap on EBay. HP support was fantastic as well. The 26xx series allows for "light" layer 3 routing; you may want to snag the 2626 or 2650 instead of the 25xx series. I believe that HP has end-of-lifed these switches, though, so firmware updates for security bugs, etc, will, from what I understand, cease in a few years.
We upgraded to some Dell PowerConnect 6248s in the past year, so that we could use VRRP for (routing-enabled) switch failover. As with all Dell things, hammer them on the price and you can get it ~30% cheaper than listed.
-Jeff