nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

Mike Hammett nanog at
Sat Oct 1 14:22:32 UTC 2016

That sort of thing has never bothered me much. If the platform is so great, surely it'll last more than a few years. What's the MTBF on these things? Decades? 

Better power performance, newer features, higher capacities sure are all great reasons to get newer hardware. EOL isn't. Don't too many of you adopt that strategy, though. I still want my source of cheap EOL hardware. :-) 

Mike Hammett 
Intelligent Computing Solutions 


----- Original Message -----

From: "Matt Freitag" <mlfreita at> 
To: "Saku Ytti" <saku at> 
Cc: "nanog list" <nanog at> 
Sent: Friday, September 30, 2016 3:50:25 PM 
Subject: Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos 


Please also keep in mind that the Juniper EX4500 is an end of life product. 
Soon you won't be able to get Juniper to support you. That's why there are 
so many for so cheap on eBay. 

Matt Freitag 
Network Engineer I 
Information Technology 
Michigan Technological University 
(906) 487-3696 <%28906%29%20487-3696> 

On Fri, Sep 30, 2016 at 4:06 PM, Saku Ytti <saku at> wrote: 

> On 30 September 2016 at 22:42, Pedro <piotr.1234 at> wrote: 
> Hey Pedro, 
> > I have some idea to put switch before bgp router in order to terminate 
> isp 
> > 10G uplinks on switch, not router. Main reason is that could be some 
> kind of 
> > 1st level of defence against ddos, second reason, less important, save 
> cost 
> > of router ports, do many port mirrors. 
> I don't understand your rationale, unless your router is software box, 
> but as it has 10G interface, probably not. 
> Your router should be able to limit packets in HW, likely with better 
> counter and filtering options than cheap switch. 
> -- 
> ++ytti 

More information about the NANOG mailing list