Cheap Juniper Gear for Lab

Jeff Richmond jeff.richmond at gmail.com
Wed Apr 11 22:06:17 UTC 2012 

FWIW, when I took my JNCIE, I used all J-series running flow code (disabled) for my study pod and never had any issues. I have 9 physical routers plus a bunch of VRs on them. I agree there can be issues depending on what you are trying to do, but I am not sure why this is such a big deal if this is just a lab setup. I wouldn't test something on a J-series and expect to deploy it on M/MX/T in production or something, but that wasn't what the OP was asking to do. For a home lab I can't think of any reason not to use some J-series boxes. 

-Jeff

On Apr 11, 2012, at 1:29 PM, Leigh Porter wrote:

> 
> On 11 Apr 2012, at 18:36, "Carl Rosevear" <crosevear at skytap.com> wrote:
> 
>> Yeah, I have to apply the term "awful" and "annoying" to the packet
>> mode implementation on SRX/J-series. Anyway, I spent *hours* with JTAC
>> on the phone trying to get the thing to just pass packets.  Best part
>> was, I didn't know how to do it and nor did they!  I escalated, worked
>> with many engineers.  My key statement was "I just want my router to
>> route.  Make it do what it is supposed to do.  No session tracking!
>> This is not a firewall."  So, now it doesn't require valid sessions to
>> pass packets but it does still appear to *track* sessions in some
>> tables and I am, of course, very curious when some attack vector will
>> fill up some table.
>> 
> 
> I have had some rather odd issues with the SRX boxes but JTAC were pretty good at turning around fixes for me for my specific issues.
> 
> Since then I have had quite a lot of SRX boxes across the range running various MPLS services including MPLS over GRE with fragmentation/reassembly which has been working very well. Since 11.1R3 I've had no issues at all with them.
> 
> So yeah the new flow mode stuff had its issues, but as a *small* MPLS box it is very functional. Of course in MPLS mode, you turn the flow stuff off..
> 
> 
> --
> Leigh Porter
> 
> 
> 
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________
>

More information about the NANOG mailing list