On 25 March 2016 at 19:42, Adam Vitkovsky <adam.vitkov...@gamma.co.uk> wrote:
Hey Adam, > My understanding is that MX does not support(yet) "selective VRF download" > (don't know the juniper name for the feature) > Anyways Cisco stopped using it as it was causing more problems than it solved. I believe Luis refers to FIB localisation introduced in 12.3: http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/fib-localization-overview.html> > Also since you folks talk about converged networks that is mixing services > and internet on one network -have you tested how the kit performs in corner > cases (DDoS), would love to hear your experiences. I've tried to punish MX in lab quite a bit and have found issues in ddos-protection behaviour, some very dramatic. But today, AFAIK, correctly configured MX is very robust against control-plane attacks, much more so than ASR9k. But out-of-the-box ASR9k is much better defended. And I've not yet read any lo0 filter anywhere which isn't fundamentally broken, including cymry secure templates. -- ++ytti _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp