It's Always Something -- Weird 
I discovered a very mission-critical server (the one that handles mail for 5000 people) had only one of its two redundant power supplies plugged in. When I plugged in the second power supply, the chassis stayed up but one of the cheap-ass Escalade RAID controllers began dropping disks offline and the system crashed. When I unplugged the power supply, the disk errors stopped. Luckily, the filesystems fsck-ed clean.

That's about the weirdest hardware thing I've seen in a while.



Progress ... 
The Juniper routers are configuring themselves and throwing themselves into the racks. This is easy!

We got balled up in a licensing dispute for our Cisco ASA firewall. Before I felt comfortable putting 3000 people behind a single box, I figured we ought to get a second unit and failover working. But someone was sold mismatched licenses, and we had to throw a $5000 upgrade in the dumpster to get the units to work together. Every other brand promises "No Surprises" but Cisco seems to not mind packing a show-stopper in every device. Their tech isn't bad, it's that the products are so complicated that their sales channels cannot understand them and sell you the right stuff the first time. I don't like surprises.

Why We Just Bought 100 Juniper Boxes Instead of 100 Cisco Boxes 
In spite of the sales reps outdoing themselves as to who could offer the deepest discounts (like hotel rooms in Vegas, only a fool pays list price) the Juniper EX series of switches offered a clear advantage over the Cisco Catalyst series. In the end both vendors offered us a big pile of little boxes for about the same pile of cash. About the same number of ports, about the same number of boxes.

To get the prices down in the same ballpark as Juniper, Cisco had to specify 12 different Catalyst models, all the way from lowly 3560's, which I consider old-timey, to 3750E's, with various port configurations and features. Juniper: Only five different models: The 24 port all-SFP EX4200, 24 and 48 Cu port EX4200s, and 24 and 48 Cu port EX3200s. (If we'd had a little more cash I would have liked to have bought all 48-Cu-port models.)

All Juniper ports are gigabit. Most Cisco ports in our spec had to be 100 megabit to match Juniper's pricing.

There is a rumor floating around that some Cisco devices are coded to reject non-Cisco (i.e. non-ridiculously-overpriced) SFP modules. If it's true, that's just evil.

Some Juniper switches were spec'ed without any fiber ports, which made them cheaper. Adding four SFP fiber ports is a $500 slot option, and if you don't need it you don't have to buy it. You can swap the $500 4xGBit card for a $1500 card with two 10-gig ports when it's time to upgrade.

All Juniper devices run the same OS. No fussing about which version of IOS to get, and especially whether the features you need are in the apparently random selection of features in the IOS you get.

The Juniper EX series has field-swappable fans and power supplies. Lose a PS or fan in a Cisco 3600/3700 series, except for a few high-end models, you have a dead box.

The Junipers all have POE on the first 8 ports. The built-in JunOS web interface is generally better than the built-in IOS web interface and is good enough for many setups.

OTOH: The Junipers are loud. Do not expect to install the EX series under someone's desk or anywhere else out in the open.

OTOH: It's not terrible, but nothing compares to the vast collection of generally well-written documents on Cisco's web site, and their active user community.

OTOH: You have to learn JunOS. Not hard, it has its pluses and minuses, and if you know the fundamentals of the parameters you are trying to set, it's not hard to learn.



Sun X4540: Best. Box. Ever? 
Here is what I like to see: A Sun X4540 "Thumper" with 45 of its 47 disk drive (one removed for testing) lights blinking furiously at an estimated peak IO bandwidth of 400 MBytes/sec read / 300 MBytes/sec write. Configured as a 46-physical-disk "raidz" (essentially RAID5) array, this system does everything a Netapp or similar "magic box" would do except NDMP, at half the price, and with full Solaris OS functionality thrown in for extra. (Can you run BIND or Apache on your storage appliance?) Everything is hot swappable, about 19T as-configured, spread out across 6 SATA controllers, fits in 4U, field-upgradeable to double that, and we got the whole kit and caboodle for half list price under a Sun educational grant program. This could be THE BEST BOX EVER.

"Switchport mode dynamic desirable" is Evil? 
You can get lazy with Cisco switches after a while. Take the default switchport mode for Catalyst 3500-series devices, "switchport mode dynamic desirable". OK, I can configure some VLANs on some switches, connect them together, and they will form up trunks and usually do the right thing.

But what if there's a router or firewall you are going to hook up to this mess, and it doesn't speak DTP or ISL?

I have a subnet with one 3500 ("SW1") and a PIX ASA5500 firewall ("PIX"), and I wanted to hang another 3500 ("SW2") off it. Only three connections - what could possibly go wrong? The interface on SW1 is set up like this:

    interface GigabitEthernet0/2
     switchport mode dynamic desirable
    interface Vlan1
     ip address 10.0.112.1 255.255.0.0

And the PIX interface:

    interface GigabitEthernet1/2
     nameif 10net
     security-level 60
     ip address 10.1.0.2 255.255.255.0

I can ping each interface from the other. Next, I configure an interface on SW2 exactly the same as SW1 (obviously with a different IP address):

    interface GigabitEthernet0/2
     switchport mode dynamic desirable
    interface Vlan1
     ip address 10.0.0.2 255.255.0.0

When I connect SW2, I immediately lose connectivity between SW1 and the PIX. What just happened?

DTP tries to do the right thing, and sets up a trunk between SW1 and SW2. But the PIX doesn't speak ISL (and I don't think it does DTP by default but I'm not sure.) The PIX is left twisting in the wind.

Remember "switchport mode dynamic desirable" is the default. It may save you minutes of configuration time, but you may spend hours figuring out why it blew up.
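
A configuration check for the problem described above, as an added example that is not part of the original post: it scans a saved IOS running-config and reports every layer-2 port that can still negotiate a trunk over DTP. The function name, the sample config and the `default_mode` parameter are assumptions made for illustration; a port with no explicit mode is treated as being at the "dynamic desirable" default the post describes.

```python
import re

# Constructed sample running-config (not from a real device); Gi0/2 mirrors the post.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface GigabitEthernet0/3
 description mode never set
!
interface GigabitEthernet0/4
 switchport mode trunk
!
interface GigabitEthernet0/5
 switchport mode trunk
 switchport nonegotiate
!
interface Vlan1
 ip address 10.0.112.1 255.255.0.0
"""

def audit_dtp(config, default_mode="dynamic desirable"):
    """Return {interface: finding} for ports that still take part in DTP."""
    findings = {}
    # Each stanza is an "interface X" line followed by its indented sub-commands.
    for name, body in re.findall(r"^interface (\S+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        lines = [l.strip() for l in body.splitlines()]
        # SVIs and routed ports do not run DTP, so skip them.
        if name.lower().startswith("vlan") or "no switchport" in lines:
            continue
        mode = next((l[len("switchport mode "):] for l in lines
                     if l.startswith("switchport mode ")), None)
        if mode is None:
            findings[name] = f"no explicit mode; assumed default '{default_mode}'"
        elif mode.startswith("dynamic"):
            findings[name] = f"negotiates trunking ('{mode}')"
        elif mode == "trunk" and "switchport nonegotiate" not in lines:
            findings[name] = "static trunk but DTP still enabled"
    return findings

if __name__ == "__main__":
    for port, finding in audit_dtp(SAMPLE_CONFIG).items():
        print(f"{port}: {finding}")
```

Ports it reports can be pinned with an explicit `switchport mode access` or `switchport mode trunk`, plus `switchport nonegotiate`, so that plugging in another switch cannot change how they behave.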
