What router models could you suggest for such architecture: Internal network contains approx. 350 hosts, we have a single internet connection to our ISP, it's 10mbps ethernet. In near future we will upgrade it to
20mbps. I want set up two routers with DMZ between them, first of them wil be directly connected to our ISP (there will be some acls there, not many), second one will be connected to our internal LAN (nat, qos). I think about 26xx or 28xx series, will it be enough?tia
take a look at Cisco 3825
I usually have pretty good luck with the product advisor
Why not a single 1812? It can handle 20mbps (AFAIK).
If you want two routers I suggest 2811 for the extrenal router, or a pix ;]
20Mbps is very doable. Even applying the "Cisco filter" to Cisco's claimed throughput, a 2811 should be able to handle that.
If you want 20Mbps through your NAT translation, and also want to survive an external DoS, then that may be a bit more of a challenge for the 2811. Be sure to have your upstream cap the traffic at 10Mbps or
20Mbps; if you have compromisable systems inside, cap your LAN before it hits the router too. I doubt that the 2811 will stand-up to 250k new flows per second from your LAN.If you have an all-ethernet setup, and NAT plus filtering is all you need to do, you might consider using a pair of firewalls instead of routers. The kpps per dollar is higher, and quality firewalls have many router features, including fairly full routing protocols.
Harv
-- please direct spam to: snipped-for-privacy@specialgreen.com
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.