Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On 9/30/16 12:42 PM, Pedro wrote: > > Hello, > > I have some idea to put switch before bgp router in order to terminate > isp 10G uplinks on switch, not router. Main reason is that could be some > kind of 1st level of defence against ddos, second reason, less > important, save cost of router

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On Sat, Oct 01, 2016 at 06:17:42PM +0300, Saku Ytti wrote: > On 1 October 2016 at 18:12, James Jun wrote: > > > We also want support contracts from our vendors. EOL boxes get removed > > from support availability within few years of the announcement. > > Support,

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On 1 October 2016 at 18:12, James Jun wrote: > We also want support contracts from our vendors. EOL boxes get removed from > support availability within few years of the announcement. Support, particularly software maintenance is indeed the key deadline, after that

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

Again, keep doing that :P Be sure to eBay it for a reasonable price when you are done! On Oct 1, 2016 10:12 AM, "James Jun" wrote: > On Sat, Oct 01, 2016 at 09:22:32AM -0500, Mike Hammett wrote: > > Better power performance, newer features, higher capacities sure are

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On Sat, Oct 01, 2016 at 09:22:32AM -0500, Mike Hammett wrote: > Better power performance, newer features, higher capacities sure are all > great reasons to get newer hardware. EOL isn't. Don't too many of you adopt > that strategy, though. I still want my source of cheap EOL hardware. :-) We

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

://www.midwest-ix.com - Original Message - From: "Pedro" <piotr.1...@interia.pl> To: nanog@nanog.org Sent: Friday, September 30, 2016 2:42:37 PM Subject: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos Hello, I have some idea to put switch before bgp

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

To: "Saku Ytti" <s...@ytti.fi> Cc: "nanog list" <nanog@nanog.org> Sent: Friday, September 30, 2016 3:50:25 PM Subject: Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos Pedro, Please also keep in mind that the Juniper EX4500 is an end

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On 1 October 2016 at 10:03, Pedro wrote: > We had situations, that we lost all our bgp sessions, not even only on ports > where flood was coming. Just cpu overloaded. I don't care about support too > much, there are cheap enough to have spare. What is the device you're

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

We had situations, that we lost all our bgp sessions, not even only on ports where flood was coming. Just cpu overloaded. I don't care about support too much, there are cheap enough to have spare. Soft is mature with known bugs so i assume that this risk are accepted. Bigger problem for me is

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

Pedro, Please also keep in mind that the Juniper EX4500 is an end of life product. Soon you won't be able to get Juniper to support you. That's why there are so many for so cheap on eBay. Matt Freitag Network Engineer I Information Technology Michigan Technological University (906) 487-3696

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

On 30 September 2016 at 22:42, Pedro wrote: Hey Pedro, > I have some idea to put switch before bgp router in order to terminate isp > 10G uplinks on switch, not router. Main reason is that could be some kind of > 1st level of defence against ddos, second reason, less

nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

Hello, I have some idea to put switch before bgp router in order to terminate isp 10G uplinks on switch, not router. Main reason is that could be some kind of 1st level of defence against ddos, second reason, less important, save cost of router ports, do many port mirrors. I think about