Re: [j-nsp] virtual router, M or J?
This is fantastic! Thanks for the valuable input. On Wed, Mar 9, 2011 at 11:38 PM, Julien Goodwin wrote: > On 10/03/11 18:42, Richard Zheng wrote: > > SRX seems to be a really good candidate. It looks like all models have > > almost identical features, the only difference is performance. I will > > buy a SRX100, maybe even 2 to test high availability. > > The SRX100 is a nice test platform, but it does have a bunch of annoying > limitations vs the rest of the line. (Jumbo frames, MPLS bits, a bunch > of performance), although at least you can be sure it will work on > anything. > > > Customers may have overlapping address space and the virtual router may > > interact with their CPE routers too. > > That only needs a routing instance, not a full virtual router which > makes things easier to manage. > > > The only issue is that it doesn't support DC power and can't be deployed > > in some cases. > > Depends on the model. SRX240 & 650 have DC variants (see the HW guide), > SRX1400 will get DC according to the data sheet. > > > J-series seems much more expensive and doesn't have nearly as many > > features. DC power is available though. Just wonder what's application? > > The J's are getting on a bit, they do support some interfaces that SRX > don't (xDSL, T/E3, ISDN BRI), and except for needing ~1GB more RAM with > the -ES (AKA SRX) code still make nice routing boxes for those places > where >1Gb throughput isn't needed. > > > M-series seems really over priced for this application. > > The smaller M's at this point are also old and due for replacement, the > MX80 covers a lot, but wouldn't suit your needs due to (current) lack of > services. > > If and when Juniper launch SONET MIC's I think that will be the end of > the smaller M's. > > -- > Julien Goodwin > Studio442 > "Blue Sky Solutioneering" > > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
I have deployed a SRX240 with DC power. -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Richard Zheng Sent: Thursday, March 10, 2011 1:43 AM To: Julien Goodwin Cc: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] virtual router, M or J? On Wed, Mar 9, 2011 at 7:58 PM, Julien Goodwin wrote: > On 10/03/11 16:50, Julien Goodwin wrote: > > It sounds like what you really want is just an SRX (Probably 2x240, 650 > > or 1400). > > Scratch the 240's, from the data sheet: > > Maximum security zones: > - SRX240 - 32 > - SRX650 - 128 > - SRX3k - 256 (1k should be the same, but not listed on it's data sheet) > > > And unless you have overlapping address space there's no need for > > virtual routers at all (and even then they'd only need to be routing > > instances) > > > > The J's at this point are essentially just (branch) SRX's with a > > different chip. > SRX seems to be a really good candidate. It looks like all models have almost identical features, the only difference is performance. I will buy a SRX100, maybe even 2 to test high availability. Customers may have overlapping address space and the virtual router may interact with their CPE routers too. The only issue is that it doesn't support DC power and can't be deployed in some cases. J-series seems much more expensive and doesn't have nearly as many features. DC power is available though. Just wonder what's application? M-series seems really over priced for this application. Thanks, ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
Hi Richard, On Thu, Mar 10, 2011 at 6:42 PM, Richard Zheng wrote: > > SRX seems to be a really good candidate. It looks like all models have > almost identical features, the only difference is performance. I will buy a > SRX100, maybe even 2 to test high availability. I can only speak for J and SRX as I have no first hand experience with M ... I recently did some performance testing of SRX240, J6350 and SRX650 -- in terms of pps, they come out in that order; SRX240 is out-performed by J6350 which is out-performed by SRX650. That might seem obvious as it's the same sequence dollars-wise but just because J is an older platform doesn't mean everything SRX is 'better'. If the SRX240 meets your pps needs, it's a great box; dirt cheap for what it can do. It's a big leap price-wise from SRX240 to SRX650. Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
On 10/03/11 18:42, Richard Zheng wrote: > SRX seems to be a really good candidate. It looks like all models have > almost identical features, the only difference is performance. I will > buy a SRX100, maybe even 2 to test high availability. The SRX100 is a nice test platform, but it does have a bunch of annoying limitations vs the rest of the line. (Jumbo frames, MPLS bits, a bunch of performance), although at least you can be sure it will work on anything. > Customers may have overlapping address space and the virtual router may > interact with their CPE routers too. That only needs a routing instance, not a full virtual router which makes things easier to manage. > The only issue is that it doesn't support DC power and can't be deployed > in some cases. Depends on the model. SRX240 & 650 have DC variants (see the HW guide), SRX1400 will get DC according to the data sheet. > J-series seems much more expensive and doesn't have nearly as many > features. DC power is available though. Just wonder what's application? The J's are getting on a bit, they do support some interfaces that SRX don't (xDSL, T/E3, ISDN BRI), and except for needing ~1GB more RAM with the -ES (AKA SRX) code still make nice routing boxes for those places where >1Gb throughput isn't needed. > M-series seems really over priced for this application. The smaller M's at this point are also old and due for replacement, the MX80 covers a lot, but wouldn't suit your needs due to (current) lack of services. If and when Juniper launch SONET MIC's I think that will be the end of the smaller M's. -- Julien Goodwin Studio442 "Blue Sky Solutioneering" signature.asc Description: OpenPGP digital signature ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
On Wed, Mar 9, 2011 at 7:58 PM, Julien Goodwin wrote: > On 10/03/11 16:50, Julien Goodwin wrote: > > It sounds like what you really want is just an SRX (Probably 2x240, 650 > > or 1400). > > Scratch the 240's, from the data sheet: > > Maximum security zones: > - SRX240 - 32 > - SRX650 - 128 > - SRX3k - 256 (1k should be the same, but not listed on it's data sheet) > > > And unless you have overlapping address space there's no need for > > virtual routers at all (and even then they'd only need to be routing > > instances) > > > > The J's at this point are essentially just (branch) SRX's with a > > different chip. > SRX seems to be a really good candidate. It looks like all models have almost identical features, the only difference is performance. I will buy a SRX100, maybe even 2 to test high availability. Customers may have overlapping address space and the virtual router may interact with their CPE routers too. The only issue is that it doesn't support DC power and can't be deployed in some cases. J-series seems much more expensive and doesn't have nearly as many features. DC power is available though. Just wonder what's application? M-series seems really over priced for this application. Thanks, ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
On 10/03/11 16:50, Julien Goodwin wrote: > It sounds like what you really want is just an SRX (Probably 2x240, 650 > or 1400). Scratch the 240's, from the data sheet: Maximum security zones: - SRX240 - 32 - SRX650 - 128 - SRX3k - 256 (1k should be the same, but not listed on it's data sheet) > And unless you have overlapping address space there's no need for > virtual routers at all (and even then they'd only need to be routing > instances) > > The J's at this point are essentially just (branch) SRX's with a > different chip. > > On 10/03/11 16:36, Richard Zheng wrote: >> I'd like to solicit some advice on router selection. The requirement is to >> support many virtual routers, up to 50 to 100. It only needs a few GE >> interfaces. Many customers are aggregated to it. A virtual router is created >> for each customer to segregate among them. Built-in NAT and firewall >> services are used to route traffic to the Internet so that no external >> router/firewall is required. Since the traffic is not too heavy, I believe >> both M or J would do it. But I am not sure which one is better in this >> particular setup? M is hardware based, J is software based. But J seems to >> support more features although they are both based on the same software. > > > > > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp -- Julien Goodwin Studio442 "Blue Sky Solutioneering" signature.asc Description: OpenPGP digital signature ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
The m7i would have no problem doing this at all. Doug -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Richard Zheng Sent: Wednesday, March 09, 2011 9:37 PM To: juniper-nsp@puck.nether.net Subject: [j-nsp] virtual router, M or J? Hi, I'd like to solicit some advice on router selection. The requirement is to support many virtual routers, up to 50 to 100. It only needs a few GE interfaces. Many customers are aggregated to it. A virtual router is created for each customer to segregate among them. Built-in NAT and firewall services are used to route traffic to the Internet so that no external router/firewall is required. Since the traffic is not too heavy, I believe both M or J would do it. But I am not sure which one is better in this particular setup? M is hardware based, J is software based. But J seems to support more features although they are both based on the same software. Any suggestion? Thanks, Richard ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] virtual router, M or J?
It sounds like what you really want is just an SRX (Probably 2x240, 650 or 1400). And unless you have overlapping address space there's no need for virtual routers at all (and even then they'd only need to be routing instances) The J's at this point are essentially just (branch) SRX's with a different chip. On 10/03/11 16:36, Richard Zheng wrote: > I'd like to solicit some advice on router selection. The requirement is to > support many virtual routers, up to 50 to 100. It only needs a few GE > interfaces. Many customers are aggregated to it. A virtual router is created > for each customer to segregate among them. Built-in NAT and firewall > services are used to route traffic to the Internet so that no external > router/firewall is required. Since the traffic is not too heavy, I believe > both M or J would do it. But I am not sure which one is better in this > particular setup? M is hardware based, J is software based. But J seems to > support more features although they are both based on the same software. -- Julien Goodwin Studio442 "Blue Sky Solutioneering" signature.asc Description: OpenPGP digital signature ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] virtual router, M or J?
Hi, I'd like to solicit some advice on router selection. The requirement is to support many virtual routers, up to 50 to 100. It only needs a few GE interfaces. Many customers are aggregated to it. A virtual router is created for each customer to segregate among them. Built-in NAT and firewall services are used to route traffic to the Internet so that no external router/firewall is required. Since the traffic is not too heavy, I believe both M or J would do it. But I am not sure which one is better in this particular setup? M is hardware based, J is software based. But J seems to support more features although they are both based on the same software. Any suggestion? Thanks, Richard ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp