We used to use Linux and L2TPNS … which worked well initially We now only use FireBricks and on the whole they're very good (if not slightly expensive for the 6000 model)
It depends on how many tails you want to connect … a fully loaded FB2700 costs £750 and will do the job well for up to 200 or so sessions (255 technically) and you can cluster them (a lot of them before you get to the cost of a single FB6000) The 6000 will technically do up to 65535 sessions, but realistically you're probably looking at about 4,000-5,000 before the GigE interface fills up (that's the weak point on them currently, well that and the lack of OSPF *nudge nudge Adrian*) (they currently have 2 x GigE NICS whilst the smaller 2700 has 4 x GigE NICs) btw I should also say that we're FireBrick resellers so have a vested interest :) Rumour has it that an CPU in an FB2500 will do about 100Mbit, the FB2700 should do 350Mbit and the FB6000 should fill both GigE NICS More detail at www.fido.net/firebrick and of course www.firebrick.co.uk Sadly I won't be at UKNOF as I've been double booked with meetings in London tomorrow … Jon On 16 Jan 2013, at 15:29, Gavin Henry <ghe...@suretec.co.uk> wrote: >> For example, the 2911's IDB (interface descriptor block) limit of 1400 >> will affect scale but I can't imagine getting upto anything over a few >> hundred sessions on that size of box. You're more likely to top the CPU >> out with traffic or service-policy shapers before hitting session >> limits. A 7201 is more suited to the task but are end-of-sale so you >> really need to be looking at the ASR1000 (if buying Cisco). >> >> http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6549/ps6587/prod_white_paper0900aecd8066d3f5.html >> makes good reading but figures are for the older generation of ISR's. > > We're currently looking at the ASR1001/2 for this at the moment but > are also speaking to Juniper as on the MX5-80 range they are rolling > out LNS and L2TP but it's quite early compared to the ASK1001/2. > Depends if you want Cisco on the edge for that, but I do like the look > of the Firebricks too. > > --
