Re: VLANs

North American Network Operators Group

Re: VLANs

From: Sean Donelan
Date: Wed Nov 14 19:07:07 2007

On Wed, 14 Nov 2007, Rodney Joffe wrote:

I have too many services to just want to use a T1 or two as sacrificial pipes. and I don't want to be messing around manually.

I need to be able to have the transit providers effectively provide isolation for each subnet, so my idea is to advertise each service up a separate rate-limited VLAN. So if one service is DDoS'd, and its 100mb vlan is hosed, the other 9 services still cope easily with each of their 100mb vlans.

Seems simple and logical to me, but I wasn't sure what I was missing.

The trick isn't the classification part, but needing multiple hardware queues. If you have multiple hardware queues, it doesn't matter too much whether you use "virtual" things like MPLS, VLAN, DSCP, 802.1p, PVCs, etc. Most will work.

If you don't have multiple hardware queues, then it also doesn't matter
too much whether you use "virtual" things like MPLS, VLANs, DSCP, 802.1P,
PVCs, etc.  Most will not work.

Providers use sacrifical physical interfaces, e.g. a T1, because some routers aren't very good at managing multiple queues on a single physical interface, and may not have multiple hardware queues on a single physical interface.

Follow-Ups:
- Re: VLANs Deepak Jain

References:
- VLANs Rodney Joffe
- Re: VLANs Christopher Morrow
- Re: VLANs Rodney Joffe

Prev by Date: Re: VLANs
Next by Date: Re: [NANOG-Admins] Options et. al. on [email protected] list
Date Index
Thread Index
Author Index
Historical