Re: [AFMUG] Router for VLANs

2016-01-26 Thread Jon Langeler
I'm curious, how much bandwidth would you be comfortable with using an ASR920 for? Jon Langeler Michwave Technologies, Inc. > On Jan 26, 2016, at 7:18 PM, Cassidy B. Larson wrote: > > I'm liking the Cisco ASR920s. > > Sent from my iPhone > >> On Jan 26, 2016, at 17:06,

[AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
I'm looking for the best router available to handle Internet over VLANs that doesn't peg the CPU. Currently I use a UBNT EdgeRouter Pro, but I cannot get more than 100Mb from a bridged VLAN and that pegs the CPU to 100%. I get the same issue on CCRs. Thank you, Brett A Mansfield

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Josh Reynolds
Okay, bridging a VLAN is where you are going wrong. Bridging is ALWAYS going to send traffic to a low performance management CPU as opposed to some type of FastPath hardware offloaded implementation. You need to attach a network diagram, and explain what you are trying to do. On Tue, Jan 26,

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
What is a good router with FastPath. If I recall, the CCR had that, but I wasn't impressed with anything Mikrotik. I just want to segment my network into VLANs to limit the broadcast domain. I would also like to segregate services such as video and Internet. Thank you, Brett A Mansfield >

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Cassidy B. Larson
I'm liking the Cisco ASR920s. Sent from my iPhone > On Jan 26, 2016, at 17:06, Brett A Mansfield > wrote: > > What is a good router with FastPath. If I recall, the CCR had that, but I > wasn't impressed with anything Mikrotik. > > I just want to segment my

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Sterling Jacobson
Of Josh Reynolds Sent: Tuesday, January 26, 2016 4:58 PM To: af@afmug.com Subject: Re: [AFMUG] Router for VLANs Okay, bridging a VLAN is where you are going wrong. Bridging is ALWAYS going to send traffic to a low performance management CPU as opposed to some type of FastPath hardware offloaded

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
I currently have a router with two ports that are not bridged to each other, but are statically routed. On each port I have the untagged Public LAN with Public IPs, and a tagged VLAN with internal IPs for management. But yes, after the router it is just a large bridged/switched network. Some of

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Josh Reynolds
Yes, you can create /30 for each client, which which is fairly wasteful, or you could allocate a subnet per vlan, which you can under/over estimate during provisioning there. PPPoE is another option, and one I'm personally not a fan of. You could 1:1 NAT them, but that scales very poorly. You

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
My thought was to create router VLANs and I can put the CPE in any VLAN that has available IPs. But I have to bridge the VLAN to the WAN of the router which keeps hitting the CPU so hard that it brought everything to a crawl. Thank you, Brett A Mansfield > On Jan 26, 2016, at 6:21 PM, Josh

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Josh Reynolds
Yeah, that's not going to work. Bridges drastically impact performance. On Jan 26, 2016 7:24 PM, "Brett A Mansfield" wrote: > My thought was to create router VLANs and I can put the CPE in any VLAN > that has available IPs. But I have to bridge the VLAN to the WAN

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
You said I could allocate a subnet per VLAN. How would I do that and not max out the CPU? Is that the FastPath you speak of? Thank you, Brett A Mansfield > On Jan 26, 2016, at 6:21 PM, Josh Reynolds wrote: > > Yes, you can create /30 for each client, which which is

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Brett A Mansfield
I do give every customer a public. I had a router port to each AP before, so that is kinda the same thing. But I'm still not sure how this would eliminate the issue of maxing out the CPU on the router? It's still a bunch of VLANs bridged to the WAN port. Thank you, Brett A Mansfield > On Jan

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Josh Reynolds
No, its not, its routing. There is no bridge involved. Say arin has given you 192.168.2.1/24. Maybe you only have one provider, so you are telling arin your upstream provider's ASN is going to propagate your subnet. Maybe your current WAN port is on 192.168.1.2, and your upstream static route is

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Sterling Jacobson
: [AFMUG] Router for VLANs I do give every customer a public. I had a router port to each AP before, so that is kinda the same thing. But I'm still not sure how this would eliminate the issue of maxing out the CPU on the router? It's still a bunch of VLANs bridged to the WAN port. Thank you, Brett

Re: [AFMUG] Router for VLANs

2016-01-26 Thread Josh Reynolds
Af [mailto:af-boun...@afmug.com] *On Behalf Of *Brett A Mansfield > *Sent:* Tuesday, January 26, 2016 7:28 PM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] Router for VLANs > > > > I do give every customer a public. I had a router port to each AP before, > so that is kinda the s