[c-nsp] Cisco FWSM vs Juniper NetScreen 5400
Gert Doering
gert at greenie.muc.de
Thu Aug 9 05:24:09 EDT 2007
Hi,
On Thu, Aug 09, 2007 at 06:43:28PM +1000, Dale Shaw wrote:
> Alas, the routing protocol is EIGRP. This shouldn't pose too much of a
> problem though as I only need to segment about 20 VLANs.
Well, it will be for the Netscreen - it can only do OSPF or RIP (and BGP).
Besides this, I really hate PIXen, and Netscreens mostly are a pleasure
to work with. They have a few design quirks that you need to get used to
(like: for established state, the session table is consulted before the
routing table, so some things work in surprising ways, if your routing
is asymmetric) - but that's like "for a PIX, everything is a NAT", it
needs getting used to.
Netscreen tech support sucks, but it's no worse than TAC.
10G on Netscreens is going to cost two arms and a leg. At least.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list