6500 vs N7k vs N5k+ISR G2

rtjensen4 · ‎02-22-2011

Hi All,

Looking for advice on a design. I'm upgrading my agin 4507R backbone to somthing more scalable.

I have been investigating 3 different designs, just looking for some feed back:

Requirments I have to work with:

· Total of 155 connected ports

o 55 of those are going to ESX hosts (15).

o 30-ish are devices that are simply for appliance management; SAN Switches, KVMs etc etc. These ports don’t even need Gig connectivity.

· I’ve been asked to bring in 10g to the environment

o Really, only our 15 ESX hosts right now would benefit from this.

o SAN is running FC, this was just replaced and new FC switches purchased.

· I have been tasked with implementing DMVPN this year.

· Need L3 capabilities. OSPF and BGP

· Need to maintain current 100/1g density for the time-being until we can migrate to 10g. currently at 96 10/100/1000 ports per 4500.

It’s a collapsed core design. WAN connects directly to 4500s and then access-layer switches from my various floors at HQ location connect directly to core along with servers. We don’t have any server aggregation switches currently. We’re about 90% virtual, so most things are consolidated onto 15 ESX hosts. WAN is MPLS with BGP Peering to provider via the 4500s.

Option 1:
- Cat 6500Es with VSS and SUP-720
- Good speed, and scalable. SUP-720 has been around a while. I need the new solution to last 7+ years.
- Any news on when SUP-1.4T will be out?
- A vendor recommended I look at Nexus line as Cisco has them priced pretty competitively.
- Maybe do DMVPN on these.
- Most Expensive
Option 2:
- Pair of N7k
- Overkill IMO. WAAY more switch than I need.
- Pair of 3900s for DMVPN
- Not as Expensive as option 1, but still up there.
Option 3:
- Pair of N5k 5548; Pair of N2k 2248TP; and Pair of 3945E
- More backplan capactiy than 6500s.
- Gives the throughput I need for raw switching as well as scalability / upgradability if i want to add / tweak small things going forward.
- Cons: 3945Es Might be a bottleneck. I was thinking of doing 2x GigE connections in etherchannel to each N5k for redundancy and additional bandwidth.
- 3945E Seems to be pretty high capacity. These guys would be used for DMVPN and WAN routing as well (BGP Peering with Provider). Only have 18 sites that are pretty stable so overhead would be minimal.
- Each 3945E would have 2x Gig e to each N5k, 1 GigE to MPLS cloud, 1 GigE connected to other 3945E.
- Lowest cost

I'm liking option 3 right now because it's more of a "Tierd" approach soft of, but i was wondering what others think. I'm not required to go with lowest cost, I've been able to go with what is RIGHT for us not necessarilly the cheapest. Any input would be appreciated.

Edison Ortiz · ‎02-22-2011

I agree with you. Option 3 provides you with a tier approach and I also like it very much.

I hate connecting the WAN directly onto the Core.

Have you consider Option 3 with 3750s instead of N5Ks?

rtjensen4 · ‎02-22-2011

I have thought about the 3750s, but I want the 10g density offered by the Nexus line. I'd also like to do DCB (Maybe) with my DR location.

Edison Ortiz · ‎02-22-2011

Option 3 it is

Leo Laohoo · ‎02-22-2011

Any news on when SUP-1.4T will be out?

VSS-Sup2T will be out before the 3rd quarter of 2011, I am guessing. WS-X6708-10GE won't be supported due to the DFC/PFC. WS-X6704-10GE and WS-X6716-10GE will require a DFC/PFC upgrade.

Cons: 3945Es Might be a bottleneck.

What bandwidth do you have in mind? If you want a WAN bandwidth of >1Gb then the 3900 doesn't have enough "umph" to generate a grunt. Consider the ASR 1K with ESP5 (at least). That'll give you, around >4Gb bandwidth (half duplex, non-encrypted).

Edison Ortiz · ‎02-22-2011

Leo,

Good Point!

Leo Laohoo · ‎02-22-2011

Thanks for the ratings Edison. Where have you been hiding lately?

Edison Ortiz · ‎02-22-2011

Well deserved Leo - you should be rated more often.

Hiding? I stop by often but these forums are well covered so I don't answer much

Leo Laohoo · ‎02-22-2011

rtjensen4 · ‎02-22-2011

Thanks to both of you. I was hoping some seasoned veterans such as yourself would weigh-in.

Leo Laohoo · ‎02-22-2011

I was hoping some seasoned veterans such as yourself would weigh-in

Seasoned veterans my foot! I'm a newbie. I just read some of the posts of the other "seasoned veterans".

rtjensen4 · ‎02-22-2011

True that. WAN is only 55mb right now, and we don't have any plans to go over 100mb. The only concerns I'd have are as far as LAN routing

on those guys, but really, the only HIGH bandwidth stuff that have is on it's own VLAN anyway and doesn't need to be routed.

Leo Laohoo · ‎02-22-2011

The only concerns I'd have are as far as LAN routing on those guys, but really, the only HIGH bandwidth stuff that have is on it's own VLAN anyway and doesn't need to be routed.

Then the 3900 may be an overkill but I don't see any issues with the 3900 anyway.

Edison Ortiz · ‎02-23-2011

55Mbps? 100Mbps Ethernet Handoff?

You need traffic-shaping.

If you elect the 6500, you need to purchase the SIP/SPA module for traffic-shaping.

If you elect the Nexus 7k, you can do traffic-shaping with the LAN ports. However, the 7K is targeted for Core/DC purposes, not at the WAN Layer.

If you elect the 3900, traffic-shaping is available.

I'm not sure how you are doing it now with the 4500 switch.

It sounds like option #3 is the best according to your budget and requirement.

Marvin Rhoads · ‎02-23-2011

Note also that the 7K won't take the low end 10/100 iLo and KVM type ports.

One downside with any of the Nexus solutions is the need to familiarize yourself with NX-OS features and syntax. Overall, I'd say the Nexus line hasn't taken off the way Cisco had hoped it would. (Thus the aggressive pricing many folks are seeing.) Also, we have seen an inordinate number of power problems with our 2248 FEX's.

I think they need to revamp that line a bit to make it a better fit for many enterprises.