On Apr 10, 2012, at 7:58 AM, Owen DeLong wrote: > > On Apr 10, 2012, at 7:24 AM, Tim Eberhard wrote: > >> I find it humorous that you think J/SRX junos isn't real junos. >> >> So what makes it not real junos? The fact it has a flowd process? Lets >> technically talk about this for a moment. >> > > The fact that you can't put it into flow mode. s/flow/packet/ (oops, wasn't awake yet)
> >> Realistically one of the only differences between "flow based junos" >> and the legacy "packet based junos" is the flowd process. Which can be >> easily bypassed by issuing a couple of configuration commands. So what >> exactly makes this platform/code so horrible and not "real" junos? > > Actually, not. Try again. It can be partially bypassed. There are real and > serious differences in how forwarding works in flow-based JunOS and > how it behaves under many circumstances. > >> If anything to me it's a better platform to deploy and learn on. It's >> more flexible as it comes with more advanced flow based features but >> they are optional. There are certain limitations as mentioned >> previously around the switching and class of service however these >> same feature limitations were also in the "real" junos low end >> devices. > > They aren't entirely optional and that is the problem. You can't actually > completely bypass them and they do sometimes get in the way. > >> If there are other differences that I am unaware of then by all means >> feel free to educate me. I am well aware that branch devices don't >> have the capabilities of the MX/M series in regards to ATM and other >> such specific platforms, but you called this "not real junos". So lets >> keep any responses limited to that aspect. > > I believe that the flow-based routing goes quite a bit deeper than > just having a flowd. It causes a number of problems with tunnel > recursion among other things. > > Sure, if you want a firewall, flow-based JunOS is a pretty nice set of > firewall features. However, if you just want to forward packets, it can > really suck to have to work around it's flow-based "features". > > Owen > >> >> -Tim Eberhard >> >> >> >> On Tue, Apr 10, 2012 at 1:33 PM, Owen DeLong <[email protected]> wrote: >> >>> If you want real JunOS, avoid SRX or J series at all costs. >>> >>>> Juniper do have a bunch more lines, but those are the most common >>>> (there's also the E/ERX BRAS boxes and ScreenOS firewalls, but both are >>>> not long for this world). >>>> >>> >>> Don't forget their SSL VPN boxes which are an acquired doesn't behave at >>> all like a Juniper device line of products. >>> >>>> If you just want one box to get to know the OS an SRX2X0 (or possibly a >>>> 100) is by far the most flexible way, and can be had for < $500 used). >>> >>> With the caveat about Services JunOS above. >>> >>> Owen >>> >>> >
