Juniper

[ELit3]

Which hardware is considered the most reliable. I'm setting up a network and I'm trying to decide how long this setup would last me in terms of years. I'm trying to stay as low end as possible not spending over $10,000 on the network how long do you guys think this setup would last? Can anyone recommend a cheaper reliable setup whereas I can cut the $10,000 down to around $4,000 utilizing 2 10G uplinks bgp and probably 50private vlans.

Edge Routing - MX240
Edge Firewall - SRX3600
Core Switch - Nexus 3048 4x10GE
Top of rack - Cisco 3560G

Core I would go with the EX9214 but its way to expensive.

 

[whitey]

10K network and you pretty much have your pick of the litter. A LOT of us run on 10/40GbE setups that we got for 10% of orig cost most likely...say $500 for a 10GbE setup, $500-1500 for 40GbE I'd venture to guess. If you're going new and have those deep pockets I'd probably shoot for a 25/50/100GbE switch :-D

Most reliable is debatable right, some folks are Cisco, Juniper, Arista, MLX, Brocade, etc. Really preference and familiarity w/ routing/switching OS. You can see where I lie in my sig, junos is great and highly reliable, I think i would get on just fine w/ a Arista switch as well if those things weren't jets.

 

[Blinky 42]

Do you need to handle a full BGP routing table or just announcing a few prefixes to your uplinks?
Are you trying to do any complex routing policy between the uplinks (are they different providers or just a redundant connection manged by BGP).

Are you trying to achieve any other networking tasks with the hardware (firewall, DNS, DDoS mitigation, VXLAN, SDN, OpenFlow) or just basic BGP + L3 switching. How many ports total are you looking for and what speed?

Answers to those will help weed out things that won't work for you, or require extra licenses which can be harder to get if not buying new.

Also a fan of Juniper myself but for more basic routing on the cheap I have done that with a cluster of Linux boxes and quagga and it has been up for over 5 years now w/o issues. I'll echo @whitey and say if you are familiar with a vendor already, I would start there as it will help avoid hassles setting things up. Reliability for the major vendors should be similar. If you spring for modular/chassis based solutions you can hot-swap and upgrade things over time or if there are issues, but that comes at a premium vs basic 1U/2U hardware.

 

[ELit3]

Do you need to handle a full BGP routing table or just announcing a few prefixes to your uplinks?
Are you trying to do any complex routing policy between the uplinks (are they different providers or just a redundant connection manged by BGP).

Are you trying to achieve any other networking tasks with the hardware (firewall, DNS, DDoS mitigation, VXLAN, SDN, OpenFlow) or just basic BGP + L3 switching. How many ports total are you looking for and what speed?

Answers to those will help weed out things that won't work for you, or require extra licenses which can be harder to get if not buying new.

Also a fan of Juniper myself but for more basic routing on the cheap I have done that with a cluster of Linux boxes and quagga and it has been up for over 5 years now w/o issues. I'll echo @whitey and say if you are familiar with a vendor already, I would start there as it will help avoid hassles setting things up. Reliability for the major vendors should be similar. If you spring for modular/chassis based solutions you can hot-swap and upgrade things over time or if there are issues, but that comes at a premium vs basic 1U/2U hardware.

I went with the Cisco N3K-C3048TP-1GE Nexus 3048TP-1GE 48 GIG + 4 10G Switch 4x SFP-10G-SR 2x DC. Its 2 separate providers both provider 10gig uplink. I plan on running BGP, firewall, DNS and some ddos mitigation. I want to make the network as redundant as possible so I ordered 2 of the same switches. Ill only be announcing a few prefixes maybe 4 for now but ill have more down the road. When you mention modular/chassis what do you mean by that? Also what do you think of the Cisco N3K will it work for my project? I just looked at the 4x10gig so 80gig capacity seems fairly nice to have and redundancy. My overall goal is to set something up of the magnitude in the screenshot I attached for now something simple with the N3K for $300 bucks so $600 total sounds like a good start for ISP.

 

[mstrzyze]

well .. can you tell what do you want to do ?

lets check prices
MX240 - ebay: 20k$ with 16x Ge, probably 14k without int
SRX3600: ebay: 2.5k$
nexus 3048 : probably few hundreds - ( btw CORE switch on 1GE RJ45 ? my home network is running on better switch.. )
cat 3560G - EOS probably End of everything...forget that

from your pic:
9214 ..i dont know juniper prices probably 20+ k$
qfx3500 - probably 2.5k$
EMC VNX - you know its usually Fibre Channel , so connect qfx3500 over FC 8 Gbps
F5..

everything is dual. ( $ x 2 )
so, how you wanna buy that HW below 10k ? or even cut down to 4k ????

--
BGP
you will announce few prefixes but how many you will got ?
only 0/0 from 2 providers? not too much sense..


is that kinda 'student project' ?

and one more, you cant start 'ISP' with 600$ ( in my opinion ). totally makes no sense.

better start to tell what do you want to achive .
this is how it should be done. not to ask if " Also what do you think of the Cisco N3K will it work for my project?"
answer will be: "yes/no/it depends"

 

[ELit3]

well .. can you tell what do you want to do ?

lets check prices
MX240 - ebay: 20k$ with 16x Ge, probably 14k without int
SRX3600: ebay: 2.5k$
nexus 3048 : probably few hundreds - ( btw CORE switch on 1GE RJ45 ? my home network is running on better switch.. )
cat 3560G - EOS probably End of everything...forget that

from your pic:
9214 ..i dont know juniper prices probably 20+ k$
qfx3500 - probably 2.5k$
EMC VNX - you know its usually Fibre Channel , so connect qfx3500 over FC 8 Gbps
F5..

everything is dual. ( $ x 2 )
so, how you wanna buy that HW below 10k ? or even cut down to 4k ????

--
BGP
you will announce few prefixes but how many you will got ?
only 0/0 from 2 providers? not too much sense..


is that kinda 'student project' ?

and one more, you cant start 'ISP' with 600$ ( in my opinion ). totally makes no sense.

better start to tell what do you want to achive .
this is how it should be done. not to ask if " Also what do you think of the Cisco N3K will it work for my project?"
answer will be: "yes/no/it depends"

Yes it's a student project somewhat. The image was just to show the network setup not to buy everything in the image. I have a few thousands to work with.

 

[mstrzyze]

peering: 2x PC with min 4x10 G ( 2x2x10 GE : 1 uplink, 1 downlink to sw1, 1 to sw2, 1 to cross connect )
Quagga or mikrotik..

add those two nexus'es you got /plan ( 1st 10Ge to 1st PC, 2nd to 2nd peering PC )

FW: depend on what you want,maybe you can find something used with 10G from Juniper/Palo Alto..or another 2PC's with pfsense standalone x2 or cluster .. also will "depend"..

connect those to rest of 10GE ports of nexus ( FW on stick )

 

[ELit3]

peering: 2x PC with min 4x10 G ( 2x2x10 GE : 1 uplink, 1 downlink to sw1, 1 to sw2, 1 to cross connect )
Quagga or mikrotik..

add those two nexus'es you got /plan ( 1st 10Ge to 1st PC, 2nd to 2nd peering PC )

FW: depend on what you want,maybe you can find something with 10G from Juniper/Palo Alto..or another 2PC's with pfsense as cluster
connect those to rest of 10GE ports of nexus ( FW on stick )

When you say Mikrotik your speaking for a router? Before or after the nexus? I'm trying to vision/jot down what you just told me.

 

[mstrzyze]

mikrotik.com - they are making HW and SW - you can load their SW on PC...
this is peering - you connect that to upstream SP
quagga is software for linux...its routing software to speak BGP..

after that ( top to bottom ) you connect Nexus - this is your 'core/access'

then ( you you still got $ ) you can add FW...

 

[ELit3]

mikrotik.com - they are making HW and SW - you can load their SW on PC...
this is peering - you connect that to upstream SP
quagga is software for linux...its routing software to speak BGP..

after that ( top to bottom ) you connect Nexus - this is your 'core/access'

then ( you you still got $ ) you can add FW...

Whatever saves me upfront money I'm fine with that I just need a reliable solution.

I was going to go with a 40G mikrotik router but some folks were telling me bad things about it. I was gonna do 40k mikrotik router Dual to dual nexus switches.

 

[mstrzyze]

this is how situation looks if you want to go cheap..

anyway, i dont know which is '40G mikrotik' but only you can use that with 8x10GE / SFP+
CCR1072-1G-8S+

or you can build PC as i mentioned and setup linux/quagga

Its your choice.

if you will buy mikrotik ( besides it works or no ) you got in price support ( which i suppose you will need )
PS. i dont use mikrotik/quagga but other solutions for BGP peering

 

[ELit3]

this is how situation looks if you want to go cheap..

anyway, i dont know which is '40G mikrotik' but only you can use that with 8x10GE / SFP+
CCR1072-1G-8S+

or you can build PC as i mentioned and setup linux/quagga

Its your choice.

if you will buy mikrotik ( besides it works or no ) you got in price support ( which i suppose you will need )
PS. i dont use mikrotik/quagga but other solutions for BGP peering

I surely appreciate the help bud.