<html><head>
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
</head><body bgcolor="#FFFFFF" text="#000000">It honestly sounds like
you're probably expecting too much from a single unit-- having all that
on a single device is just asking for a software bug to bite you in the
ass and take everything offline.<br>
<br>
I personally wouldn't be putting LNS on your upstream edge, I'd be
pushing it down to your actual customer edge. For the 200 or so LNS
customers you're looking for you'll probably be fine with a 7201.<br>
As mentioned before you probably don't want to use anything software
driven for this role, because you'll likely pummel it. Have you looked
at the MX5,10 etc bundles? They'll probably fit the bill for your border
scenario.<br>
<br>
I probably also wouldn't be doing all your NAT related connection
tracking at your upstream edge either, this again sounds like something
you should push down to the customer edge.<br>
<br>
If budget's a concern, you might find that you can get away with using
several smaller boxes to achieve the tasks,, 7201 for LNS, one of the
Smaller SRX for your NAT and something low-end but hardware for your
border.<br>
<br>
That's my 2c, anyway.<br>
<br>
-Shane<br>
<br>
Rhys Hanrahan wrote:
<blockquote
cite="mid:5A971D318BDD5C4A9634F0464D9F5D05225FDF96@Exchange01.exchange.nexusone.com.au"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Tahoma","sans-serif";
color:black;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:838273163;
mso-list-template-ids:-632155470;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:216.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:324.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Hi
Everyone,
<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">We
are currently in the middle of upgrading some our network hardware, and
was hoping that I could get some input on deciding on a pair of border
routers.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Initially
we were looking at the Juniper MX series for this role, but found it's a
bit outside our price range (for now). In trying to keep it all Juniper
(as
we'll most likely use EX-series for our core and access layers), we
have been looking at the Juniper SRX 550 routers for our border. They
seem like they will do the job for our needs, but are missing LNS
functionality, which is something we'd have to purchase
7201s for in the future, and so therefore I’m also looking at just
buying 7201s instead.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Logically
to me, since the SRX is (apparently) newer hardware, it should perform
better than the 7201s. My anecdotal evidence, however, suggests
otherwise, and
I'm looking to confirm that in terms of real-world
performance. Comparing the spec sheets between the SRX 550 and the 7201,
on paper it looks like the 7201 beats out the SRX in terms of
performance (mainly PPS). It also sounds like the SRXs store multiple
copies of BGP routes in memory and so where a pair of full sets of
internet routes for the SRX is not possible, it's still possible on
7201s.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">From
all that I've read and heard from various people, it seems that
generally, the Juniper SRX series is not held in a high regard in terms
of reliability or
performance, compared to something like the MX series (which is to be
expected really). Whereas I hear a lot of good things of the 7200
series, despite the fact it's EOL, it's still being used and is a
reliable range. Due to these factors, despite it being
an older router, I am leaning towards the 7201s as it seems like an
all-around better choice in terms of reliability and performance.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">My
main hesitation in going with the 7201s is that, we'll be using them
for quite a lot, and I'm unsure of how quickly the performance will drop
if I start using
more features. So I was hoping that someone could give some real-world
input so say which would likely be the better choice. Overall right now,
I’m still siding with a pair of 7201s.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Here
is a summary of what we'll be using the border routers for:<o:p></o:p></span></p>
</div>
<div>
<ul type="disc">
<li class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">BGP
(Initially only a default route, but potentially 2xfull internet routes
in future. Plus IX routes.)</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">OSPF
(Up to 50 or so routes)</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">Static
NAT (up to 100K active translations)
</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">Up
to 400 Mbps IP Transit</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">Up
to around 25K ACLs (we currently firewall customer servers on the
border. We're looking at moving the firewalling off to a dedicated box
like an SRX or ASA, but probably not at our current
size, if possible).</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">NAT64
</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">IPSec
(around 10 Mbps of AES256/SHA traffic).</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">NetFlow</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">HSRP
/ VRRP</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">IPv6
Support<o:p></o:p></span></li><li class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">LNS
(Up to 200 sessions).<o:p></o:p></span></li><li class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">MPLS
PE</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li><li
class="MsoNormal"
style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">
<span
style="font-size:11.0pt;font-family:"Calibri","sans-serif"">QinQ
Tunnel / QinQ Termination</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif""><o:p></o:p></span></li></ul>
<div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Appreciate
any insights that can be given on which path to take.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black">Thanks!<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">Rhys Hanrahan</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">Chief Information Officer</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">Nexus One Pty Ltd</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US"> </span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">E: <a moz-do-not-send="true"
href="mailto:support@nexusone.com.au">support@nexusone.com.au</a></span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">P: +61 2 9191 0606</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">W: <a moz-do-not-send="true"
href="http://www.nexusone.com.au/">http://www.nexusone.com.au/</a></span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">M: PO Box 127, Royal Exchange NSW 1225</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US">A: Level 10, 307 Pitt Street, Sydney NSW 2000</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"
lang="EN-US"> </span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:black"><img
name="image.png" id="Picture_x0020_1"
src="cid:part1.01090209.06000800@short.id.au"
alt="cid:AC695111-1B5F-45C1-B097-6093A0880284" border="0" height="47"
width="302"></span><span
style="font-size:11.0pt;font-family:"Cambria","serif";color:black"><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<pre wrap="">_______________________________________________
AusNOG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
</body></html>