Layer3 Switch recommendation

[kylef]

I'm setting up a lab that will require setting up basic VLAN-based routing topologies, mostly 1 or 2 hops. The idea is to set up a few hosts on separate VLANs, configure some basic routes, and verify some "new protocol" connectivity across the routes.

(In other words, we have extremely simple requirements, so the switch will not be doing anything fancy like quality of service, trunking, etc.)

I am amazed at the price differences between a basic "value" L3 switch like the Dlink DES-3326SRM, a mid-range switch like the Allied Telesyn Rapier 'i' series, and a high-end switch like the Extreme Networks Summit 'i' series. The price range here is literally from ~$500 to around ~$3000 for approximately the same functionality (at least as far as the functionality we'd use).

If we went with one of the lower-cost switches, we could obviously set up a much more significant lab (we already have lots of hosts to use... we're limited by the number of ports available, essentially). But I certainly don't want to buy a switch that is going to have management issues, and will reboot when we send it packets it doesn't like.

Any suggestions/recommendations here? Specifically, are there models that we should avoid considering at the lower end of the spectrum?

Edit: added summary

 

[randal]

I am uncertain if your scenario requires layer 3 switching. I mean, L3 switching is some pretty heavy duty stuff, and standard vlans & trunks don't need it, as that all works at L2, with the only exception being inter-vlan routing (unsure if you're doing this). If you are doing IVR, save yourself a bucket of money and pick up a router and do it on there. Why? Because doing it on a router is a little slower but waaay cheaper than getting some L3 switches.

Dunno if any of that applies to your situation, though. Regarding pricing, yea, L3 switches generally cost a TON of money. Is there a difference in quality between those listed above? I am sure there is, but I've never used any of them, although I consistently hear only good things about Extreme switches.

$.02
randal

 

[kylef]

Originally posted by: randal
I mean, L3 switching is some pretty heavy duty stuff, and standard vlans & trunks don't need it, as that all works at L2, with the only exception being inter-vlan routing (unsure if you're doing this).

Inter-VLAN routing is exactly why we need this switch. I apologize for not being more clear before. We will be creating many VLANs on the switch, and configuring routes between the VLANs to construct basic routing topologies for our testing.

If you are doing IVR, save yourself a bucket of money and pick up a router and do it on there. Why? Because doing it on a router is a little slower but waaay cheaper than getting some L3 switches.

Basic routers don't meet our needs because they simply don't have enough routing interfaces. A basic Cisco 2620, for instance, only has 2 FastEthernet interfaces. Contrast that with a 24-port Layer3 switch, which has 24 fully routable ethernet interfaces. So I'm pretty sure the Layer3 switch is the way to go here. We need lots of interfaces and lots of subnets for all our hosts.

 

[randal]

Basic routers don't meet our needs because they simply don't have enough routing interfaces. A basic Cisco 2620, for instance, only has 2 FastEthernet interfaces. Contrast that with a 24-port Layer3 switch, which has 24 fully routable ethernet interfaces. So I'm pretty sure the Layer3 switch is the way to go here. We need lots of interfaces and lots of subnets for all our hosts.

Do you need tons of throughput, though? You can get a single gig-e or even a fast-e card on a router, uplink your core switch to it and trunk everything across one interface with tons and tons of -free- subinterfaces ... inter vlan router on a stick? Sure, you won't get 15mpps through it, but for testing, I don't think you could beat the cost.

I do agree that doing it with a L3 will definitely yield the best performance, but I come from the school of trying to get the job done reliably for the lowest price. BTW, how many hosts and vlans and how much traffic are you talking about?

 

[spidey07]

Originally posted by: kylef

Originally posted by: randal
I mean, L3 switching is some pretty heavy duty stuff, and standard vlans & trunks don't need it, as that all works at L2, with the only exception being inter-vlan routing (unsure if you're doing this).

Inter-VLAN routing is exactly why we need this switch. I apologize for not being more clear before. We will be creating many VLANs on the switch, and configuring routes between the VLANs to construct basic routing topologies for our testing.

If you are doing IVR, save yourself a bucket of money and pick up a router and do it on there. Why? Because doing it on a router is a little slower but waaay cheaper than getting some L3 switches.

Basic routers don't meet our needs because they simply don't have enough routing interfaces. A basic Cisco 2620, for instance, only has 2 FastEthernet interfaces. Contrast that with a 24-port Layer3 switch, which has 24 fully routable ethernet interfaces. So I'm pretty sure the Layer3 switch is the way to go here. We need lots of interfaces and lots of subnets for all our hosts.

ummm, a 2620 router supports trunking on its FE interfaces so you could have a "router on a stick" to route between VLANS.

That being said a cisco 3550 could do it. If you need the features, you're gonna spend the dough no matter if it is cisco, foundry, extreme, etc.

-edit- that being said I could probably make a 2620 route between 24 vlans and even higher. Not that I would want to do it, but in a lab for basic connectivity it would work just fine.

 

[kylef]

Originally posted by: spidey07
ummm, a 2620 router supports trunking on its FE interfaces so you could have a "router on a stick" to route between VLANS.

I should have made my requirements more clear up front, I apologize. I need to be able to do the following dynamically:

-configure up to 24 VLANs

-set up routes between each of these VLANs as determined by an automated topology generator (for instance on one pass it might configure 24 VLANs (subnets) with 12 independent 1-hop routes, and on the next pass it might configure 4 1-hop routes, 4 2-hop routes, and a single 3-hop route)

-configure arbitrary levels of routing (for instance if each interface were its own VLAN, I would want to support a 23-hop topology like 1<->2<->3<->4<->...<->24)

-set up port mirroring on any of the routable interfaces (to analyze or log the traffic in one of the interior hops, for instance)

-allow each of these VLAN to VLAN routes to work completely independently (the switch fabric of a Layer3 switch supports this, whereas using a 2-interface router would seriously cap the total throughput of any VLANs that were "trunked" together)

Based on those requirements, I still think a Layer3 switch makes the most sense for us. This allows a very simple lab setup: connect the hosts directly to the switch, with a few select hosts doubly connected (for sniffing purposes).

The setup you describe (trunking through a router with only 2 interfaces) would require more setup, from what I can tell. And making the topologies work dynamically would be nearly impossible for some topologies (or perhaps I don't understand what you're suggesting). The fully-meshed interconnection of VLANs in a Layer3 switch seems like the ultimate and most flexible approach possible, doesn't it?

So, does anyone have first-hand experience with Layer3 switches? Any specific recommendations/avoidances?

I'm really tempted to go ahead and buy the Dlink (for ~$600) and play with it to see if it works as advertised (I believe everything we want to do above is supposed to work). I'm really skeptical that the Cisco 3500-series or Extreme Networks Summit-series are really worth the extra $3000 price premium. But I suppose that's why I'm asking you guys!

 

[kylef]

Bump...

Any advice from people with direct Layer3 switch experience would be appreciated!

 

[spidey07]

well a layer3 switch is just that - one that can route between ports/interfaces.

really, these things are cheap at a few grand a piece. Just pick one. Cisco is pretty feature rich IMHO and well worth it. 3550 or 3750 series.

 

[Garion]

I don't think you can easily do multiple hops on the same switch or router. i.e., I don't think if you can setup 1 <-> 2<-> 3 <-> 4. If the switch sees a destination on subnet 4 coming from subnet 1, it's going to send it directly. I'd bet that locally-connected interfaces will even override static routes that you might use to try to force traffic through a different path.

Before you buy anything, call up each vendor's pre-sales and ask them if the switch will do what you want to do. Hopefully each should have someone you can ask.

- G

 

[kylef]

Originally posted by: Garion
I don't think you can easily do multiple hops on the same switch or router. i.e., I don't think if you can setup 1 <-> 2<-> 3 <-> 4. If the switch sees a destination on subnet 4 coming from subnet 1, it's going to send it directly. I'd bet that locally-connected interfaces will even override static routes that you might use to try to force traffic through a different path.

Before you buy anything, call up each vendor's pre-sales and ask them if the switch will do what you want to do. Hopefully each should have someone you can ask.

- G

Very, very good point. If I can't configure independent routing tables for these VLANs, I won't be able to do what I want to do.

Thanks for the heads up.

 

[melthemoose]

Originally posted by: kylef
Basic routers don't meet our needs because they simply don't have enough routing interfaces. A basic Cisco 2620, for instance, only has 2 FastEthernet interfaces. Contrast that with a 24-port Layer3 switch, which has 24 fully routable ethernet interfaces. So I'm pretty sure the Layer3 switch is the way to go here. We need lots of interfaces and lots of subnets for all our hosts.

If you are pushing a lot of L3 traffic, do yourself a favor and don't use a router. While the pricing can be attractive, you will very quickly find that the performance delta between a router on a stick (aka poorman's layer 3 LAN solution) and a dedicated L3 switch is significant. Most decent L3 switches offer wirespeed (or close to it) switching.

As for the differences between L3 switches, differentiators are:
-QoS Ingress and Egress queues
-Port level (or other types) of security
-Level of management
-Overall thruput under load (like i said, good L3 switches don't have troubles with dropped packets or bottlenecks when ramped up towards 100% especially when you turn on more and more services)

Dell makes some lower end L3's but the reports I have seen on them is underload they start to quiver and shake and add in any of the more advanced features your packet loss spikes up very quickly.

As was pointed out before, the top of the line L3's come from Cisco, but at a price.

 

[kylef]

Originally posted by: melthemoose
Dell makes some lower end L3's but the reports I have seen on them is underload they start to quiver and shake and add in any of the more advanced features your packet loss spikes up very quickly.

As was pointed out before, the top of the line L3's come from Cisco, but at a price.

What about the Extreme Networks Summit 200-24? http://www.extremenetworks.com/libraries/prodpdfs/products/summit200_24_48.asp

I can find it for ~$1200, which is within my team's budget. I've heard people say good things about Extreme switches, but I don't really know anything about this particular model.

 

[melthemoose]

Not exactly easy to understand but if I am interpreting this correctly, the Summit 200-24 is, out the box, an L3 "lite" switch. It has all the doo dads of a good solid L2 switch with some of the more entry level L3 features. Its "claim to fame" appears to be the ability to upgrade the software and add the more advanced L3 features (L3 forwarding and advanced QoS and the like). Of course, this upgrade from the standard image (extreme ware) to the enhanced image (advanced edge) costs $$$...

I say interpret as I am not an expert on Extreme and their marketing blah blah blah.

 

[ICXRa]

I'm not sure if they still do it this way but our network has a Black Diamond 6808 with six Summit 48's attached via fiber. The summits with Extreme Ware have basic L3 and you must purchase a license for the advanced L3.

My experience with them has been:

1) Very Fast and easy to config
2) Unreliable, six Summit switch failures since we purchased them in 2000. The Black Diamond has been better but still had a redundant DC power supply fail which is odd, along with a management card.

We are going back to Cisco next go around.