[j-nsp] Flow Based Router
sthaug at nethelp.no
sthaug at nethelp.no
Wed Dec 23 11:23:13 EST 2009
> It depends on your definition of flow based router. Cisco used to
> build routers with a flow based cache many years ago, and the process
> of installing a new entry in the cache was software based (example:
> 6500 with Sup1). It didn't work very well in the face of exhaustive
> address space scanning, e.g. denial of service attacks and similar.
As already pointed out, the SRX is flow based, and so is newer versions
of the J series software. But the question is still - how relevant is
comparing the SRX to what Anagran makes? It seems Anagran is stressing
"bandwidth management", typically as a way to control P2P traffic.
I doubt anybody is planning to make a flow-based version of a T1600 or
a Cisco CRS-1.
Personally, I was sad to see the J series become flow based. Yes, I
know that it can be turned off - but the software bloat is still there
and so is the opportunity for bugs.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the juniper-nsp
mailing list