On day 2 we started the day off with a visit to Juniper’s Sunnyvale HQ. The day was organized by Abner at Juniper and he lined up some great speakers for us. We had three good presentations but I am only going to talk about two of them. The 3rd was a good discussion with Dogu Arin and I may have a post down the road as a result of that talk on MAC-VPN. But now on to today’s post.
First up was Mike Bushong, who is the Product Manager Core OS, which is of course Junos. This was a great session. Mike busted out the whiteboard and asked what we wanted to know, then started going to town.
One of the first things Mike pointed out is that he does not like to do a feature-by-feature comparison to Cisco’s IOS. The reason for this is that today one of them may have a feature the other does not have, but it will in 12-18 months most likely. When most of these boxes have a 5-7 year lifecycle, why buy for just a year or so of advantage? What he did focus on is what makes Junos fundamentally better than traditional IOS.
Going into this meeting I had always felt Junos was a better thought-out OS than traditional IOS; leaving this meeting I had a better understanding why. We all have heard that Junos is modular and traditional IOS is not. (I of course keep saying traditional because the newer versions of IOS such as XR, XE, NX-OS and some 6500 versions are modular now.) This gives you a more stable product overall because processes are separated. For example, a crashed netflow process will not take down OSPF. This comes from them targeting the carrier space in the beginning, and as the product line has grown they kept that focus on a highly reliable OS. Mike also talked about the separation of the control plane and forwarding plane. This again is a positive that all of us seemed to agree on. We also got very geeky on how the OS interacts with the CPUs. Juniper has used custom silicon from day one but the OS is written so they could at any time switch CPUs. This is great to know as a customer. To me this means if they have to change hardware radically they can do that quickly and I won’t have to start over looking for a new vendor halfway through an enterprise-wide switch refresh.
Mike then talked about something that has been a staple of Juniper marketing, the one OS for all devices concept. This of course does not mean one binary, as each hardware platform will have specific needs resulting in separate binaries per platform. However this does lead to differences per platform. Clearly a SOHO firewall has no need for the code to configure an OC-192 module. I understand that different hardware has different software needs, but if you’re going to preach one OS and have differences per platform, that to me is not much different than the fact a Cisco 7600 runs a different IOS than the 1800. Clearly they are very different routers and you will configure them differently. Where one OS is an advantage is the config when going from a router to a firewall. On a Cisco 2800 vs an ASA the config is night and day different. However on a Juniper MX 960 vs SRX 240 it is not that different and it is easy to transition from one to the other. That is where the real advantage is to me. Most of the group were not that sold on how great of a benefit one OS is. Most of us feel that different devices have different purposes so they have different configs, but maybe that is just the long-term Cisco users in us. Overall the one OS is a good idea and I am glad Juniper is doing it; I just don’t see the benefit being as big as marketing tells us it is.
Data Center Switches
Switches are a fairly recent addition to the Juniper portfolio; as a result many people are still not very familiar with this product line. As a result Dave Hawley was there to explain the EX line of switches to us in detail. What Juniper is recommending for data centers is top of rack EX4200s (or 4500 if you need 10Gb), in most cases uplinked to an MX router. This is interesting for a couple of reasons, the first being the routed layer in the data center. The trend is going to all layer 2 in your DC, thanks to VMware mainly. They do of course have designs showing the EX8200 as core but clearly MX was preferred. The second is that those are the same switches that you would also deploy in the access layer to the users. These are of course powerful access layer switches which all run at wirespeed for the same cost as other vendors’ oversubscribed switches, which makes them also work well in the data center.
One of the features Juniper introduced with the EX switches is the Virtual Chassis idea. Now Juniper will tell you this is not stacking, but pretty much all of the delegates agree this is stacking, just a different way to do it. I think it is better than the Cisco StackWise method but still stacking, which brings new concerns when you’re deploying them. I personally have had very little issue with stacking, but when it goes wrong it really goes bad. However a number of benefits exist when running the switches in this config. Easy management is one. Since 10 4200s can be grouped into a virtual chassis, that is a lot of ports all managed from a single IP. No more having to guess which switch the connection is on; you know it will be on that virtual chassis. The next is a larger layer 2 network spread across a wider area. These switches can be stacked using dedicated cables up to 5m or using the 10Gb uplink ports for a distance of 70km. With that config you can essentially have a switch that spans two data centers. That is a great benefit for those that need that, but it is a double-edged sword so make sure you have a good plan if you’re going to go down that road. Within a single data center the 5m option allows for placement several racks apart. This also gets rid of the traditional tree design in the data center, which makes server-to-server traffic faster and failovers faster too. I like what Juniper is doing in trying to replicate a chassis with 1RU switches but I still would like to see a few improvements. The main one being ISSU upgrades or at least a staged one-member-at-a-time upgrade. Overall I think Juniper has done a good job with the EX switches and I am excited to see what is coming next from them.
I really like what Juniper has to offer, with Junos being the core of that offering. It is a great OS, and despite what I think marketing may over-inflate as a benefit, the one OS is a really good benefit to have on your side. Juniper is also really big on making sure customers and potential customers are knowledgeable about their products. They have a number of free eLearning courses online, they offer a fast track program for certification and have a series of high quality free Day One books to help you get started with Juniper. This makes the transition from your current routers and switches to Juniper that much easier. We have a number of old Cisco 3550s to replace and Juniper is high on the list to replace them. I suggest you reach out to Juniper and learn more about them; they are very willing to help get you the info you need.