Router Vs Switch for Edge

lquin1978 · ‎08-22-2011

Apart from the ability to participate in BGP, is there any reason you should use a router on an internet edge rather than the SG-300 switch?

Jon Marshall · ‎08-22-2011

There are things that routers can do that switches can't and there are things that routers do better eg.

1) QOS - routers have a greater feature set because QOS is limited by the hardware on switches

2) NAT - unless you have a 6500 switch then no other switch supports NAT

3) line termination - swiches generally only provide ethernet connectivity (although some higher end switches provide WAN cards). Routers can terminate ethernet/serial etc..

Jon

Marwan ALshawi · ‎08-22-2011

Just to add to Jon's points

in addition to QoS, NAting limitations

using a switch for Internet is not a good idea at all ( you may use it for a WAN edge but Internet do not )

reasons;

- limited security options ( with the router you can have up to application layer inspection and firewalling using Zonebased firewall ) you can also have intrusion prevention if you need/want using IPS module

- you can use VPN tunnels to be terminated on the edge router

- you might use multiple Internet links later where you need to loadbalance and load share the traffic using PBR and routing

in brief just go with a router yo might look into cisco ISR G2 if you have small to medium network

if its large you can also conside Cisco ASR1000 routers

HTH

pls rate the helpful posts

abuchsbaum · ‎08-22-2011

I should mention that there is an ASA behind this switch, the switch is just for connectivity to the ISP, no need for QoS, or VPNs (as these terminate on ASA).. no need for PBR or routing..

Anything else?

Edison Ortiz · ‎08-22-2011

What's the reason for terminating this connection to the switch instead of the FW?