[AusNOG] Q sonicwall and juniper

Andrew Jones aj at jonesy.com.au
Mon Jul 8 14:47:08 EST 2013


I have quite a few SRX clusters running, and find them very reliable in 
general. Most of the issues which were there earlier have been sorted 
out.
"Commit rollback", which used not to be available in earlier versions 
of junos when clustering was enabled now works as well, which is a big 
plus in my book.



On 08.07.2013 14:30, Ryan Finnesey wrote:
> Lol never worked with clustering.
>
>  Sent from my iPad
>
>  On Jul 7, 2013, at 9:52 PM, "Skeeve Stevens"
> <skeeve+ausnog at eintellegonetworks.com> wrote:
>
>> +1.
>>
>> Juniper clustering was developed, coded, and not tested by Satan 
>> himself.
>>
>> ...Skeeve
>>
>> SKEEVE STEVENS - eintellego Networks Pty Ltd
>>
>> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com [3]
>>
>> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>>
>> facebook.com/eintellegonetworks [4] ; [5]linkedin.com/in/skeeve [6]
>>
>> twitter.com/networkceoau [5] ; blog: www.network-ceo.net [7]
>>
>> The Experts Who The Experts Call
>> Juniper - Cisco - Cloud
>>
>> On Mon, Jul 8, 2013 at 11:47 AM, James Braunegg 
>> <james.braunegg at micron21.com> wrote:
>>
>>> I like the Juniper SRX 3400 / SRX 5600 firewalls the nice things 
>>> about these is you can run per device redundant routing engines, both 
>>> of these support hardware line rate 10gbit ports and are full ASIC 
>>> based.
>>>
>>> If you don't actually need 10gbit throughput you could look at the 
>>> SRX 650 which can support 10gbit ports but all processing is done in 
>>> software not in ASIC
>>>
>>> Juniper had some issues with clustering the SRX in the early days 
>>> but these seem to be all but gone now...
>>>
>>> That being said I still avoid clustering where possible and much 
>>> prefer two single devices not linked in anyway other than standard 
>>> routing protocols.
>>>
>>> Juniper also has a fantastic CLI … one of the best I've ever used.
>>>
>>> Do you have a budget in mind ?
>>>
>>> Kindest Regards
>>>
>>> James Braunegg
>>> P: 1300 769 972 | M: 0488 997 207 | D: (03) 9751 7616
>>>
>>> E: james.braunegg at micron21.com | ABN: 12 109 977 666
>>> W: www.micron21.com/ip-transit [1] T: @micron21
>>>
>>> <image001.jpg>
>>> This message is intended for the addressee named above. It may 
>>> contain privileged or confidential information. If you are not the 
>>> intended recipient of this message you must not use, copy, distribute 
>>> or disclose it to anyone other than the addressee. If you have 
>>> received this message in error please return the message to the 
>>> sender by replying to it and then delete the message from your 
>>> computer.
>>>
>>> -----Original Message-----
>>> From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of 
>>> Alex Samad - Yieldbroker
>>> Sent: Monday, July 08, 2013 10:01 AM
>>> To: ausnog at lists.ausnog.net
>>> Subject: [AusNOG] Q sonicwall and juniper
>>>
>>> Hi
>>>
>>> Was wondering what the groups thoughts where on sonicwall and maybe 
>>> in relation to juniper.
>>>
>>> Most of my experience has been with Cisco and linux (firewalls)
>>>
>>> In particular I am looking at
>>>
>>> Exterior FW (facing internet)
>>>
>>> Or
>>>
>>> Interior FW (not facing Internet)
>>>
>>> Like to have a cluster (HA setup)
>>>
>>> Like to have min 2 x 10G fibre ports per dev and some 1G ports
>>>
>>> Don't need any sort of deep packet inspection
>>>
>>> I prefer CLI, my initial googling seems to suggest sonic is not 
>>> very cli friendly at all
>>>
>>> Again my initial investigation leads me to NSA 5600 (or NSA 6600), 
>>> not sure what the comparably Juniper might be.
>>>
>>> Thanks
>>>
>>> Alex
>>>
>>> _______________________________________________
>>>
>>> AusNOG mailing list
>>>
>>> AusNOG at lists.ausnog.net
>>>
>>> http://lists.ausnog.net/mailman/listinfo/ausnog [2]
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog [2]
>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog [2]
>
>
> Links:
> ------
> [1] http://www.micron21.com/ip-transit
> [2] http://lists.ausnog.net/mailman/listinfo/ausnog
> [3] http://www.eintellegonetworks.com/
> [4] http://facebook.com/eintellegonetworks
> [5] http://twitter.com/networkceoau
> [6] http://linkedin.com/in/skeeve
> [7] http://www.network-ceo.net/
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog




More information about the AusNOG mailing list