nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Mike Hammett
nanog at ics-il.net
Sat Oct 1 14:22:32 UTC 2016
That sort of thing has never bothered me much. If the platform is so great, surely it'll last more than a few years. What's the MTBF on these things? Decades?
Better power performance, newer features, higher capacities sure are all great reasons to get newer hardware. EOL isn't. Don't too many of you adopt that strategy, though. I still want my source of cheap EOL hardware. :-)
-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
----- Original Message -----
From: "Matt Freitag" <mlfreita at mtu.edu>
To: "Saku Ytti" <saku at ytti.fi>
Cc: "nanog list" <nanog at nanog.org>
Sent: Friday, September 30, 2016 3:50:25 PM
Subject: Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos
Pedro,
Please also keep in mind that the Juniper EX4500 is an end of life product.
Soon you won't be able to get Juniper to support you. That's why there are
so many for so cheap on eBay.
Matt Freitag
Network Engineer I
Information Technology
Michigan Technological University
(906) 487-3696 <%28906%29%20487-3696>
https://www.mtu.edu/
https://www.it.mtu.edu/
On Fri, Sep 30, 2016 at 4:06 PM, Saku Ytti <saku at ytti.fi> wrote:
> On 30 September 2016 at 22:42, Pedro <piotr.1234 at interia.pl> wrote:
>
> Hey Pedro,
>
> > I have some idea to put switch before bgp router in order to terminate
> isp
> > 10G uplinks on switch, not router. Main reason is that could be some
> kind of
> > 1st level of defence against ddos, second reason, less important, save
> cost
> > of router ports, do many port mirrors.
>
> I don't understand your rationale, unless your router is software box,
> but as it has 10G interface, probably not.
> Your router should be able to limit packets in HW, likely with better
> counter and filtering options than cheap switch.
>
> --
> ++ytti
>
More information about the NANOG
mailing list