[c-nsp] Extreme vs. Cisco

Joe Maimon jmaimon at ttec.com
Fri Mar 31 10:40:33 EST 2006



Jon Smith wrote:

> I was wondering if anyone has any good comparison of cisco switches
> vs. extreme? Also any horror stories about extreme. I have used
> Cisco's products and like them very much, but need to argue to
> management that we don't need to go the Extreme way.
> 
> Any thoughts would be appreciated.
> 
> --Jon
>

Well, as far as the Summits go, there's good and bad.

The CLI. It seems to take a dozen commands to get anything done compared
to Cisco.

Configuring every vlan on every port I need it, over and over again.

Much prefer to simply enable dot1q for all vlans in the switch on port,
except for when I have reason to prevent that vlan from that port.

Usually, if I remember, I write a for loop with echo and paste that in instead.

Wrapping your head around their acls and writing them....fun. And they 
are applied on the whole switch immediately.

Various gotchas with poe and qos.....

The way I always have the niggling suspicion that it's just not
forwarding certain traffic right when troubleshooting something and
getting it resolved by rebooting it.

For example, there were times when certain hosts from subnets could
traverse the l3 switches but others a couple bits different wouldn't.

The way the Summits are crippled with stp features (no such thing as per
vlan) and ONLY TWO ospf interfaces.

Read the manual carefully for statements like "on the summit series 
xxxxxxxxx" "not supported on the summitxxxxx"

No real equivalent to portfast. Ports either run real stp or something a 
bit more than not at all.

Tech support is eager but there seem to be plenty there not quite on the 
ball.

They do RMA's very efficiently.

Every problem you have with STP they will tell you to use EAPS, never
mind that you are trying to run a heterogeneous environment.

(I posted a topic on this a while back)

You see, one stp domain with 4 core switches and 4 distribution switches 
is too much to handle and every transition to forwarding anywhere on any 
port running stp will cause dropped packets.

EAPS is not a loop prevention mechanism. It's a redundancy ring scheme.

How about "unreproducible" by tac STP bugs where "blocked" ports seem to 
broadcast storm certain traffic anyways?

How about the inability to disable a "load sharing port (portchannel)"?

There are plenty of other little annoyances they will throw at you.
Expect them and don't complain.

Every ssh upgrade you want you will need to contact them manually for.

That said, once you do get them to do something, they seem to keep doing 
it. They have fairly decent inertia.

VRRP works fairly well. STP does actually work after all is said and 
done. Load sharing works well. Performance is nice. They rev their sw 
frequently. l3 features are a bit skimpy such as no secondary ip 
addresses (why does nobody seem to think this has any value) or loopback 
interfaces so on so forth. no vrfs.

Simple ospf performs as expected. RIP2 for those who want it runs nicely 
as well.

After using the cli for a while you do get proficient in it, but it's
still plenty extra typing. Try comparing the size of default config
between cisco and extreme.

I believe it quite likely that projects I have been involved with summit
switches cost far more in time spent on their idiosyncrasies than in
money saved in equivalent cisco gear where you can write the config
offline two months in advance.

Never mind downtime and outages and "unrealized" opportunities.

And of course, as far as feature comparison, forget about it. No 
contest. However try selling that to management.

It goes like this

"Which of these features must we have according to our current plan?"
"Can we do without and save 50-60%?"
"Change the plan"

Don't even try explaining future proofing.

Most of this is just venting.

