I'm not sure I get the first paragraph. The box specifically becomes targeted 
or the network in general? 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




----- Original Message -----

From: "Paul Stewart" <[email protected]> 
To: [email protected] 
Sent: Saturday, November 5, 2016 6:29:02 PM 
Subject: Re: [AFMUG] Switch packet loss during high bandwidth 

I would never put an IDS at the network edge - DDOS mitigation I don’t like to 
see them inline … both of them become targets at what they are supposed to be 
protecting :) 


The only reason I can see for putting a switch at the edge is cost savings … 
and if costs are tight then I can understand putting two routers behind it to 
increase some amount of redundancy 


As for other comments around x-connects … completely agree - they add up in a 
significant hurry … and if anyone on the list deals with Equinix, you also have 
the hassles of bills that are never correct - new x-connects billed at full 
retail rate and then fight with them every month to get the x-connects back to 
contracted rate…. 







On Nov 5, 2016, at 6:15 PM, Mike Hammett < [email protected] > wrote: 


Another reason is that it's then easier to drop other devices in-line. Other 
devices may be a DDoS mitigation appliance (or service), an IPS, etc. 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




----- Original Message -----

From: "Paul Stewart" < [email protected] > 
To: [email protected] 
Sent: Saturday, November 5, 2016 5:04:41 PM 
Subject: Re: [AFMUG] Switch packet loss during high bandwidth 

Thanks Mike…. appreciate the explanation … sometimes it’s good to ask questions 
and get different viewpoints :) 


Paul 



<blockquote>

On Nov 5, 2016, at 5:51 PM, Mike Hammett < [email protected] > wrote: 


Cost, yes. At $350/month for a cross connect, you choose your cross connect 
orders wisely. 

A router is more likely to need maintenance than a switch. Moving frames is 
pretty easy and may not need much for firmware updates. Routers on the other 
hand do lots of things and with that many things comes the increased likelihood 
of need for a firmware update. Dual routers means you don't have to drop your 
customers to perform said maintenance. You're also more likely to be doing ACLs 
and QOS on routers, which likely reduces performance from line rate, especially 
during DDoS type events. Having some extra firepower is handy. 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




----- Original Message -----

From: "Paul Stewart" < [email protected] > 
To: [email protected] 
Sent: Saturday, November 5, 2016 10:21:15 AM 
Subject: Re: [AFMUG] Switch packet loss during high bandwidth 

So you expect the router to die? Why not two x-connects to the provider back to 
two switches? Cost? 



<blockquote>

On Nov 5, 2016, at 10:56 AM, Mike Hammett < [email protected] > wrote: 


I have a switch so I can get a /29 from the provider and have multiple PE 
routers on a single cross connect. 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 




----- Original Message -----

From: "Paul Stewart" < [email protected] > 
To: [email protected] 
Sent: Saturday, November 5, 2016 9:10:42 AM 
Subject: Re: [AFMUG] Switch packet loss during high bandwidth 

Yeah good point… first question that comes to mind is why upstream provider 
connection is connected to a switch … why not go from router to provider and 
then router to the switch keeping all “downstream” traffic in the switch 





<blockquote>

On Nov 5, 2016, at 9:14 AM, Josh Reynolds < [email protected] > wrote: 


With the limited information you've given, I'd put money on microbursts. 
For all your traffic higher than 1Gbps, that data has to get buffered on egress 
ports of devices. Eventually, traffic will get dropped to make room for new 
traffic. This is far worse in places where you may also have 100Mbps ports. 
"doesn't seem to be affecting the wan side of my router which connects to peers 
through the same switch" this was the kicker to me, combined with the "~2Gbps" 
line. 


On Nov 5, 2016 3:12 AM, "TJ Trout" < [email protected] > wrote: 

<blockquote>

I have a 10G switch that is switching everything of mine at my NOC, including 
peers, router wan, router lan, uplink to tower, etc 


During peak traffic periods ~2gbps I'm seeing 1% packet loss and throughput 
will drop to 0 for just a second and resume normal for a few minutes before 
dropping back to zero for just a second. doesn't seem to be affecting the wan 
side of my router which connects to peers through the same switch. Doesn't 
happen during the day with low periods of traffic. 


I've enabled / disabled STP, Flow control. 


I believe I've isolated it to not be a single port, possibly have a bad switch 
but that seems hard to believe... 


Ideas? 


</blockquote>

</blockquote>

</blockquote>

</blockquote>

