On Apr 10, 2012, at 7:24 AM, Tim Eberhard wrote: > I find it humorous that you think J/SRX junos isn't real junos. > > So what makes it not real junos? The fact it has a flowd process? Lets > technically talk about this for a moment. >
The fact that you can't put it into flow mode. > Realistically one of the only differences between "flow based junos" > and the legacy "packet based junos" is the flowd process. Which can be > easily bypassed by issuing a couple of configuration commands. So what > exactly makes this platform/code so horrible and not "real" junos? Actually, not. Try again. It can be partially bypassed. There are real and serious differences in how forwarding works in flow-based JunOS and how it behaves under many circumstances. > If anything to me it's a better platform to deploy and learn on. It's > more flexible as it comes with more advanced flow based features but > they are optional. There are certain limitations as mentioned > previously around the switching and class of service however these > same feature limitations were also in the "real" junos low end > devices. They aren't entirely optional and that is the problem. You can't actually completely bypass them and they do sometimes get in the way. > If there are other differences that I am unaware of then by all means > feel free to educate me. I am well aware that branch devices don't > have the capabilities of the MX/M series in regards to ATM and other > such specific platforms, but you called this "not real junos". So lets > keep any responses limited to that aspect. I believe that the flow-based routing goes quite a bit deeper than just having a flowd. It causes a number of problems with tunnel recursion among other things. Sure, if you want a firewall, flow-based JunOS is a pretty nice set of firewall features. However, if you just want to forward packets, it can really suck to have to work around it's flow-based "features". Owen > > -Tim Eberhard > > > > On Tue, Apr 10, 2012 at 1:33 PM, Owen DeLong <[email protected]> wrote: > >> If you want real JunOS, avoid SRX or J series at all costs. >> >>> Juniper do have a bunch more lines, but those are the most common >>> (there's also the E/ERX BRAS boxes and ScreenOS firewalls, but both are >>> not long for this world). >>> >> >> Don't forget their SSL VPN boxes which are an acquired doesn't behave at all >> like a Juniper device line of products. >> >>> If you just want one box to get to know the OS an SRX2X0 (or possibly a >>> 100) is by far the most flexible way, and can be had for < $500 used). >> >> With the caveat about Services JunOS above. >> >> Owen >> >>
