Re: [c-nsp] GRE router recommendations
On Fri Apr 20, 2007 at 11:14:16PM +0200, Asbjorn Hojmark - Lists wrote: At the sites where I need to tunnel from are currently 3550 switches (and a few 3750's). What sort of GRE performance should I see from those? GRE is not supported on the small Catalyst switches. It does work (in some versions?) but only at low performance and with high CPU utilization... And, again, it's not supported. Yeah - I've since found that on the Cisco website. But, what about GRE performance on true routers? Simon -- Simon Lockhart | * Sun Server Colocation * ADSL * Domain Registration * Director|* Domain Web Hosting * Internet Consultancy * Bogons Ltd | * http://www.bogons.net/ * Email: [EMAIL PROTECTED] * ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] GRE router recommendations
On Sat, Apr 21, 2007 at 02:32:22PM +0200, Gert Doering wrote: 7600/Sup720 will do whatever you need, provided you use a different local address for each tunnel source (if you have multiple tunnels on the same local IP address, the hardware can't do the tunneling, and the CPU is much slower). But it won't verify the source address on GRE packets it receives, which makes it feasible to forge GRE packets without forging the source address, which in some configurations makes some attacks easier. That relevant in some situations and not in others ... -- Brett ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
