Opinions on Alternatives to Cisco Routers? 67
An anonymous reader asks: "I'm currently working on a project that is 'partnered' with Cisco. Despite that they make good routers, the company's relatively large size does not appear to be willing to meeting unique, customized, requirements. So what are your opinions of the alternatives: 3com, Juniper, etc? Anyone had bad/good experience with these companies? Are all their routers really essentially the same? How about comparative performance with totally customized routing solutions via Linux+Zebra or some other open solution?"
my question.... (Score:4, Interesting)
Re:my question.... (Score:1)
Re:my question.... (Score:2)
Meet me in New Orleans in a couple of weeks, and I can teach you all about Cisco's Modular QoS implementation.
I will say this, using MQoS, I can classify traffic based on just about anything, from layer 2 up. Once I classify it, I can priority or custom queue it, change next hop info, retag it, change IP Prec bits, add/change DiffServ bits, et al.
BTW.. to enable RSVP, try this on the INTERFACE you want RSVP enabled-
ip rsvp bandwidth
Cisco partner, cisco equipment (Score:5, Insightful)
Will your customers accept non-Cisco equipment ? (Score:5, Insightful)
That said - what kind of customization are you looking for... Cisco is the gold standard on most things IP infrastructure these days.
Re:Will your customers accept non-Cisco equipment (Score:5, Interesting)
Cisco is good, but they're by no means in a class all their own from a performance or capability point of view. Personally, I've found Extreme Networks can often offer considerably higher performance at a price that's a bit lower than Cisco's - and the care and feeding of Extreme's gear is *way* easier than Cisco's, too, which is a cost that you should NOT ignore...
I have nothing against Cisco, but Extreme "gets" performance far more than Cisco - for instance, Extreme's gigabit switches have deeper buffers than Cisco's which is irrelevant for most networking tasks, but shows up big-time when you try to do something serious like, say, storage-over-IP, or a cable head-end: it's just way too easy to overrun Cisco's buffers and wind up with your data all over the floor. Of course, if you ever have to retransmit anything because of this, the huge latency involved in that obliterates any chance of good performance. Extreme's engineers know this, and design their gear accordingly.
I'd suggest giving them a chance as an alternative vendor. (I have no relationship with Extreme, either, except as one pleasantly surprised by the company on several occasions.)
Re:Will your customers accept non-Cisco equipment (Score:2)
Doesn't change the point that there are MANY IT shops out there (some quite large) that will only accept Cisco equipment.
Many vendors get around some of the issues by implementing the Cisco CLI - making management of siad devices easier, they are managed just like all of the other cisco devices in their shop.
This is just a reality if you are an equipment vendor - might as well recognise it and move on
My experience (Score:5, Informative)
Matching the featureset of a cisco installation with zebra? easy.
Matching the performance of a cisco box with Linux and Zebra? uh-uh. Not gonna happen. For a small installations maybe, but not when performance or load is involved.
Why? Cisco does everything in hardware (ASICS). You can't meet performance like that with a PCI nic and the various bottlenecks associated with standard PC-based architecture. Juniper realized this and made a business model out of it. The took some open-source OS (which I can't remember right now - BSD?) and added support for network-task specific hardware. They can match cisco on performance and load-capability if not on product line. And they do it for ALOT less. My suggestion - take a look at juniper, then throw the juni quote back in your Cisco reps face. See if you can get him to bend a little
News ! (Score:1, Informative)
enterprise products, including industry leading firewall/security
boxes, SSL remote access, and small access routers.
These are priced right and have
advantages over cisco, not the least
being that Juniper is a responsive and
fast moving company.
p
Re:News ! (Score:2)
BINGO!! [avigsidan.com]
Re:My experience (Score:2)
in short, they don't do everything in 'hardware'.. not that it would automatically mean it bei
Re:My experience (Score:5, Informative)
But the real iron does everything in hardware (except error handling).
Re:My experience (Score:4, Informative)
While a Linux box or similar commodity hardware can do a good job in non-demanding situations, you start running into bus-bandwidth issues when you get into really high-speed networking. The only real reasons to use a Cisco router on a small, low-throughput internal network are consistency and Cisco's support, which is truly excellent.
The one Cisco product line that does use standard off-the-shelf hardware is their firewall line. There, the fact that firewalls need to be able to cope with complex rule sets means that tuning the hardware for one set of circumstances will probably result poorly. Thus, the extensible and customizable nature of the PC architecture wins out over the highly specialized router architecture. Also, it means that it's possible to pirate the software and run it on other PCs - something Cisco certainly doesn't like and will probably come down hard on, legally speaking. I would imagine that has something to do with the incident you're thinking of, where their software was "warez'd;" the latest version of IOS is not hard to obtain, since Cisco makes most of their money on hardware and support contracts.
Re:My experience (Score:4, Informative)
The incident you're referring to is the frankenpix project [packetattack.com]. It used the fact that one of the original PIX product line was a 300Mhz PII on an intel OEM chipset to create a clone using commodity parts combined with a PCI flash card (the only expensive part). Cisco took a cue from this, however, and changed it's business model accordingly. Newer pixes now come in the form of non-X86 standalone boxes or blades that interface directly with the switch-fabric of their higher end chassis (how the hell do you write chassis plural?).
The comment above about PIX licensing is also correct. The base PIXos is still downloadable from Cisco's software repository for free with a valid CCO login, but add-on features are activated via 'product keys' which are a bit harder to come by.
Re:My experience (Score:2)
Re:My experience (Score:2)
chassis. It's like deer. The plural is the same as the singular form.
Quite right. However, unlike "deer", the pronunciation does change; "chah-see" vs "chah-seez"
Re:My experience (Score:2, Informative)
on the high end, maybe. on the low end, that can't be further from the truth. on the low end, it's very cheap hardware, made up with better software
sangoma has made t1/e1 cards for some time now with drivers for *bsd and linux. they have just been recently merged into openbsd-current and will get maintained by the openbsd peeps there.
between carp, pf, pfsync, the soon-to-be-a-reality ifstated, and now the sangoma drivers, the question becomes more, why
Re:My experience (Score:4, Funny)
between carp, pf, pfsync, the soon-to-be-a-reality ifstated, and now the sangoma drivers, the question becomes more, why cisco?
Because we're talking about routing today, not routing in 1998. T1 speed traffic can probably be routed without loss by an apple newton that's simultaneously trying to OCR a hand-written journal entry by Christopher Reeve. Throw in virulent windows boxes at full-duplex GigE speeds and you're going to need ASICs for the policy and routing decisions.
I wouldn't suggest a sneakernet for routers... (Score:2)
I hope you're not referring to setting up a shoe-based [asics.com] network. that's so routing in 1986...
Re:My experience (Score:5, Interesting)
Re:My experience (Score:5, Insightful)
Re:My experience (Score:3, Informative)
You've got it. And the most common such ASIC in Cisco's middle range is called PXF [cisco.com] for Parallel Express Forwarding.
PXF is basically a programmable ASIC using a custom assembly language (think of it as a FPGA) where packets come in one side and are pushed through columns. Each PXF is one grid of 4 rows x 4 colums (16 CPU in total), and packets stay in each column for 128 cycles. Each column is responsible for one task, rarely two. What one PXF does includes
Re:My experience (Score:2)
The keyword here is "some" of us. Personnaly, I work full-time in IT and know of no one using these kind of pipe. So, yes, if you are a telco, a large ISP or run an extremely big network, Cisco is what you need. The rest of us (all 99% of it) can probably get by using software routing on PC hardware.
Re:My experience (Score:2)
Anyway, wake me when Cisco switches can finally handle auto-negotiation. It's been broken for at least ten years, and I can always tell when I'm in an all-C
Re:My experience (Score:2)
If your machine can't autonegotiate link speed and duplex with a Cisco switch, it's due to the $5 NIC manufacturer's shoddy drivers.
(And just so you know, manually setting 100full on your workstation is not the end-all, be-all fix you think it is. If the switchport is trying to negotiate, and your card is now hard set, it can still negotiate improperly on the switch side. You've told your card not to participate in the negotiation.)
Re:My experience (Score:2)
Of course manually setting the workstation does nothing if the switch isn't set... these shops have all set their switches to 100full instead of auto-negotiate. Should have thought that was obvious from the post, but this is Slashdot where the easy off-the-cuff answer is the only one that matters.
Re:My experience (Score:1)
Re:My experience (Score:1)
I think the OP is talking about lower-end gear anyway, and cisco's low-end routers definitely don't do everything (anything) in hardware.
Re:My experience (Score:3, Informative)
If your traffic was nothing but orderly, GIANT flows of data that went one for minutes at a time then maybe you could get some use out of that bus. Traditional traffic will squash the processor before the bus even gets up to a jogging pace. Giant backplanes or busses are very good for non-policy work (read: switching) but won't help when individual attention must be paid to each packet or frame.
Its the policy involved with routing that will squash a PC-bas
Re:My experience (Score:2)
Re:My experience (Score:2)
Re:My experience (Score:4, Interesting)
Not entirely. Host-based routing is undoubtedly more do-able now than it was a few years ago, since Moore's law is finally delivering hardware that's "fast enough" for most such applications.
The real problems aren't all in the software either. Linux in particular has serious performance problems in such applications. I'm not Linux-bashing here, it's just fact: If you want to do serious host-based network processing, you'll find that only Sun and IBM can really keep up with wire speeds.
There are two reasons for this: First, the superior networking performance of those OSes (which is why *really* big firewalls like the one NASA uses to move *all* of its satellite tlemetry through always run on big IAX boxes); and Second, their markedly superior internal bus architectures. Almost all non-IBM x86 boxes have serious choke points in their buses or buscontrollers. (Seriously, check out the way IBM's x-series servers provide higher I/O cpacities, and you'll realize that if you're planning to really the crank I/O, Dell and HPaq aren't even in this game.
Then, of course, there is the application software, which you correctly point out is often hard to come by (except commercially).
Finally, pay attention to the NICs - they are definitely NOT all created equal. In general, the 3Coms, Intels, and such are trash from a serious performance point of view, and you're generally *way* better off with something designed by a company that haas a clue about protocol and system i/o performance, like Syskonnect.
If you do your homework correctly, you can build a host-based router that will do the job in most cases, but it isn't easy. Especially if you're pushing the limits and don't have the serious multidisciplinary skills required to pull off putting together such a system (I'd estimate fewer than 1 sysadmin in 500 does), you're better off staying with the canned router solutions...
Re:My experience (Score:2)
Re:My experience (Score:3, Insightful)
Well, you aren't paying for the kit, you're paying for the support infrastructure they have in place. Sure it's expensive upfront, but if something goes wrong, you'll be glad you did.
"OpenBSD will soon rule the router world!" (Score:5, Interesting)
Anyway, they already have good failover support for their firewall, nice bgpd, support for T1 hardware was recently merged into -current
Something good will come out of it, i'm sure
Back in my days... (Score:4, Interesting)
Yes, it did reinforce millions of dollars worth of equipment sales. But they also probably wouldn't have lost the sales if they refused.
-psy
Re:Back in my days... (Score:1)
Why ask this? (Score:4, Insightful)
There are plenty of router companies. Cisco is most popular, but that is the only thing you can easily see. Any other advantage needs to be tested in the real world (or in a lab).
Plenty of companies are as good or better, but until you define your requirements (to the point that few of us are qualified to comment) nobody can say which is really better.
IP is standard. There isn't much that someone can do different and still be correct. Firewalls, speed, and some max capacity. IPv6 would be nice too. Figure your needs and then ask who will meet them.
I've worked with and around several companies trying to knock Cisco off. It is hard because even when you have a technical advantage Cisco dominates. Sort of like how Microsoft dominates, but not as extreme, and Cisco has never been accused of being quite that evil.
Everyone seems to be missing the Majpr points... (Score:2)
Support - Cisco's TAC (Technical Assistance Center) is best of breed. You'd be hard pressed to find a better help desk. They'll help you resolve a problem that comes up, or they'll give the clueless newbie a completely functional router configuration from scratch. Technical support is what accounts for the difference in price between a Cisco product, and a comparable product from another vendor.
Widely Available Kn
Do you REALLY need it? (Score:4, Insightful)
And beware of slick salesman who will promise you any feature you ask for in order to get a sale.
Use the right tool for the job (Score:2)
Gb/sec, you're going to need specialized
hardware. If you're down in range of E1/T1,
DS3, any reasonably recent piece of hardware
will do. In between, you need to make careful
hardware selections, or at least buy something
with a few PCI-E slots.
I doubt that you can
justify replacing Juniper kit with Zebra kit
on a bang/$ basis in that middle tier,
unless you are a hobbyist. The top tier
belongs to Cisco and a few other heavies.
Cisco on the bottom is just a gratuitous
was
If you can't go cisco... (Score:3, Insightful)
If you have to go with something other than cisco you may as well be using your own linux solution (since they are basically all using embedded linux ANYWAY). Go with something like a via mini-itx board/case (rather nice solid case on caseoutlet.com that I use alot) or a ppc board.
Either way the main thing your looking for is something that can be passively cooled. I recommend having a case with a fan even if the chip is supposedly passively cooled. That way if the fan dies on you it's not a big deal. You also want solid state storage and enough ram to run the OS out of it. The general idea is to eliminate moving parts. Once you are running completely out of memory, and have no essential moving parts... you've got dedicated hardware devices matched at least equaled in this respect. And a 1ghz c3 at the very least equals 200mhz specialty chip (which are quite rare in practice despite everyone citing them to defend said routers).
Nope, the biggest concern your going to have is bus speed. I'd keep it in mind.
Re:If you can't go cisco... (Score:3, Interesting)
Someone's Cisco rep doesn't like them. But seriously, if you're not in constant communication with Cisco, then you don't have a real big deployment. Heck, our Cisco rep comes to our department picnics and foots the bill for happy hour every now and then.
don't listen to the other guy saying cisco will take it personal. First they won't even know
Again, I find that highly unlikely. Let's put it this way, my department is entirely Cisco based. There j
Re:If you can't go cisco... (Score:1)
Re:If you can't go cisco... (Score:1)
Re:If you can't go cisco... (Score:2)
unique custom solution? (Score:2, Insightful)
procurve (Score:2)
Re:procurve (Score:2)
Really depends on your needs (Score:3, Interesting)
So I don't think a cisco router is necessary for every network. For small networks, cheaper solutions work fine. Just remember that if you underestimate your future needs, it can cost you dearly later. But I've heard even cisco zealots talk about the routers crashing under load, which obviously should be unacceptable for any hardware of "enterprise" quality, but I haven't been around them long enough to see it for myself.
Search google for 'cisco "lawful interception"' if you like a good scare. Also, the fact that their IOS source code was recently stolen is another thing to be concerned about.
But what do I know? My experience with cisco routers is limited to a single class on network security. They're very flexible and featureful routers, certainly top quality even if not bug free, but whether you need one is highly dependent on what you'd want it to do for you.
The Eleventh Commandment (Score:2)
Here endeth the lesson.
Brother Ed Almos
Budapest, Hungary
Re:The Eleventh Commandment (Score:1)
Suggestions (Score:3, Informative)
Core Network:
Juniper
Layer 2/3 routers: (Can still perform all router functions, but are cheaper per-port)
Riverstone Networks
Extreme Networks
I wouldn't recommend anyone else. Alcatel, Foundry, and 3COM haven't really impressed me.
Interestng note, Qwest uses Juniper M20/40s in their core OC28 network. Juniper, IMHO, is the only real Cisco competitor for a network backbone. And, Juniper uses a BSD OS on their routers.
I've had good experience with riverstone support.
I work in an environment where we see many different router vendors every month. Riverstone seems to be the ones who stick around. Also, you might not have heard of them because they sell mostly MAN (Metro area networks) which are most deployed abroad.
-n
Opinions from a network engineer (for a living) (Score:3, Insightful)
While the math on the hardware is straight, he fails to comprehend that the routing engines of Linux and FreeBSD are completely not designed for rapid routing and forwarding lookups. While there is some progress being made in this area, it is incredibly slow work. The Linux and FreeBSD IP stacks are not designed for packet forwarding and rapid cut-through switching; they're designed for dealing with an entirely separate problem, and the code is pretty ugly compared to the rest of the large body of network code. BSD has a leg up on Linux, but 2.6 is catching up fast in this regard.
I don't understand what you think you're not getting from Cisco. From an innovation perspective, Cisco has pretty much every feature in real-world networks deployed that people need, with some minor exceptions in the MPLS world. While Juniper beats them on lookup and engine performance, the Juniper backplane has some distance to go when coupled with large amounts of traffic. Your own description of your problem isn't sufficient data for me to really speak to your requirements, but I have to go on record here and say I think your statement about Cisco not able to provide unique, customized needs is a little off-kilter. I question what your unique and customized needs really are, because the reality of network engineering is you find a set of features, you find a box that meets your performance requirements, and you roll out. Cisco has a feature/performance mix for every network from A to FF, including yours.
If your sales team isn't working well, then find a different one. This is standard business practice, and not unique to Cisco.
Please do not take the advice of other trolls in this thread who suggest that they can recommend you a vendor without knowing intimate details of your application. They are snakeoil salesmen. People who suggest Juniper, Extreme, Riverstone, may all have good recommendations, and they may be sound for your application, but I wouldn't make that judgement call without being absolutely certain that they knew all your requirements. For example, I do over 5Gb/s outbound to the Internet on Foundry Networks gear, and while it works, I can't honestly say that i'm happy with it for the features that I need. We gave Juniper a shot and they didn't have the right cost-per-port/density that we needed, so we ended up heading in Cisco's direction. This decision took me about a month and a half in comparing all the options, and doing a feature matrix that was weighted towards what I needed.
This may all seem like stupidity or busywork to you, but I assure you it is not. Any network design requires this much attention, and your company will thank you for it. Do not try to do things cheaply - the PC router road is a worn one, mostly because people come back down the same path they took to get there and go off in another direction.
If you are insistent on using "open-source" using Zebra, GateD, or Click under FreeBSD, Linux, or something else, I would advise you to wait for some time unless your traffic needs are under a couple of megs a second.
Re:Opinions from a network engineer (for a living) (Score:2)
Someone earlier made the suggestion that, for a small group ( 30 users) a linksys (or similar consumer broadband product) router would suffice. If an office is sitting on a frac-T1, is the consumer-level router sufficient? For many companies, the cost of a cisco router is prohibitive, to say nothing of the expertise often required.
Thoughts?
Maybe these people still want their souls (Score:1)
Optical Carrier on PCI cards (Score:2)
http://solutions.sun.com/catalog.static/en_US/6
There are other ppl providing card solutions, I have
seen a few from back in the day before the DOT BOOM
went DOT BUST
While I worked for Cisco I researched alternatives
Some of these cards were reverse engineered to make the
original juniper gear I believe
juniper has since made more robust equipment
Peace,
Ex-MislTech
We use Foundry Networks (Score:1)
As you can see, this is no small installation. While Cisco is an obvious choice for this kind of setting, it is not by far the only one. When we built this system in early 2002 there were reasonable offering
Business Networks (Score:1)
As far as servers go, we use either IBM or Compaq (none of the HP models). For desktops Del
Enterasys.. (Score:2)
We have a full network of this stuff, and we are currently upgrading our core, then moving outwards, plan to do gigabit to every desktop in the next 2 yrs. The new Management tool for the router seems sweet, since the last one sucked ass, it will cost though.. The eqipment isn't cheap but they seem willing to give pretty good discounts (I'm guessing to make sales