<div dir="ltr">Chris,<div><br></div><div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 11, 2013 at 10:43 PM, Chris Ricks <span dir="ltr"><<a href="mailto:chris.ricks@securepay.com.au" target="_blank">chris.ricks@securepay.com.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>... </div></div></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF">
<div>
We accept a few domestic-only transit tables and the memory usage
for these tables is surprising given my past encounters with other
routers - I've seen Cisco 7206 boxes handle 2 full transit tables
and a few IX tables in the same memory as the Juniper gear handles
2 domestic-only + default route tables.<br></div></div></blockquote><div><br></div><div>The way they do BGP is different... and I suspect you are referring to the SRX platform. </div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"><div>Juniper gear (in our experience) tends to do one thing very well.
By that I mean that if a JunOS instance is tasked with one of
switching, security or routing the outcomes are good. Stacking two
of these functions can be problematic and seemingly requires
regular reboots of devices (JSRP is really a non-negotiable for
firewall and/or routers - VC is the same for switching). That
said, the JSRP failover for BGP isn't perfect, and you should
expect to see convergence time on failover.<br></div></div></blockquote><div><br></div><div>OK... you are talking SRX's.... and yes... they do routing, switching and firewalling... but while we love Junipers and Junos... we'd never put an SRX on the edge running BGP for anything critical. Firewalls, UTM, etc... yes, but for BGP we wouldn't use anything else (in Juniper) other than the MX platform, specifically the MX80 Family (MX5's are great for multi-gig traffic throughput).</div>
<div><br></div><div>At the moment for a customer I am rolling out MX5's at the edge with SRX550's behind them for the firewall/UTM/VPN functionality.</div><div><br></div><div>MX's are an interesting platform, being Metro Ethernet Routers/Switches... with excellent functionality that ASR's don't have (can't speak for Brocade). They are also SDN ready.</div>
<div><br></div><div>JSRP on the SRX's isn't fantastic, I will give you that. We've had a bit of trouble with 240's, 650's, etc... but as the SRX's branch out on their version of Junos (for now), there is much more of a focus on making some of these features even more stable. There is a plan within Juniper to bring the SRX Junos back into the mainline somewhere in 14 (I think).</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF"><div>One concerning outcome we have seen is the current fracturing of
the JunOS feature base. The "single OS" promise Juniper promotes
is currently problematic - we have multiple JunOS devices
fulfilling switching, routing and firewall duties and the
disparity of recommended JunOS versions between them has grown
over the last 12 - 24 months. <br></div></div></blockquote><div><br></div><div>Yes.. this happens... but it is still a lot better than IOS12, 15, XR, XE, NXOS, etc. For the most part, while there are different platforms, Junos is still just Junos - with minor variances on how some things are done and what is supported on different platforms.</div>
<div><br></div><div>Juniper fully acknowledges some past issues with some aspects of Junos, and has been heavily focused on fixing that in 2012-2013, and from our experiences, things are a lot more stable.</div><div> </div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div text="#000000" bgcolor="#FFFFFF"><div>With those points in mind, the fact that you have a fairly
complete BSD environment on each JunOS box is a big deal -
scripting, inspection and problem solving skills come across well
for System Admins, the versioning of configuration is a welcome
and cheap safety net and we're yet to see interoperability
problems with a significant number of other vendors and
environments.<br></div></div></blockquote><div><br></div><div>BSD for now... like others, Linux will be the future for Juniper.... expect Junos to move towards Linux around 2015-2016 or a bit later.</div><div><br></div>
<div>But yes, the API into the Junos scripting, has made our lives so much easier... especially for large scale, rapid and on-demand deployments.</div><div><br></div><div>In summary.. Chris... right tool, right job. SRX's are security devices, MX's are routers and EX's are switches... let them do the jobs that they are designed for.</div>
<div class="gmail_extra"><div><div dir="ltr"><div><br>...Skeeve</div><div><br></div><div><div><b style="font-size:13px;font-family:Calibri">Skeeve Stevens - </b><span style="font-size:13px;font-family:Calibri">eintellego Networks Pty Ltd</span></div>
<div><div><span style="font-family:Calibri;font-size:13px"><a href="mailto:skeeve@eintellegonetworks.com" target="_blank">skeeve@eintellegonetworks.com</a> ; <a href="http://www.eintellegonetworks.com/" target="_blank">www.eintellegonetworks.com</a></span><p style="font-family:Calibri;font-size:13px;margin:0px">
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; <a>skype://skeeve</a></p><p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a> ; <a href="http://twitter.com/networkceoau" target="_blank"></a><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a> </p>
<p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a><span style="color:rgb(0,0,0)"> ; blog: </span><a href="http://www.theispguy.com/" target="_blank">www.theispguy.com</a><br>
</p><p style="font-family:Calibri;font-size:13px;margin:0px"><img src="http://eintellegonetworks.com/logos/ein09.png"><br></p><p style="margin:0px"><span style="color:rgb(127,0,127);font-family:Calibri,sans-serif;font-size:13px">The Experts Who The Experts Call</span></p>
</div><div style="font-family:Calibri,sans-serif;font-size:14px;color:rgb(127,0,127)"><span style="color:rgb(0,32,96);font-size:13px">Juniper - Cisco </span><span style="color:rgb(0,32,96);font-size:13px">- Cloud</span></div>
</div></div></div></div></div><div> </div></div></div></div></div>