[j-nsp] Juniper ACX

Saku Ytti saku at ytti.fi
Tue Feb 9 10:34:05 EST 2016


On 9 February 2016 at 17:10, Johan Borch <johan.borch at gmail.com> wrote:

Hey,

> Would ACX-series be a good box for L2VPN terminations? I can't find any
> information that VPLS is supported yet, seems to be supported in some 15..
> version. Anyone with experience with for example filter/policy BUM traffic
> and BPDUs? Do it have good control plane protection possibilities, similtar
> to MX and not like EX.

ACX covers many boxes with different HW. ACX2k is BRCM Enduro, as is
Cisco ASR901. My comments are about ACX2k.


VPLS is not supported, and I don't think it ever will be.

Only way to protect control-plane would be forwarding filter where you
match local addresses or implementing it in all interfaces. So not
really.

Firewall filters are funky, like you can't match to prefix-lists at
all, you have to enumerate all the addresses in the firewall filter
itself, which is peculiar, considering this is not HW feature.
IPV6 FW filters weren't supported at all when I tested them.

Very few IFL can have counters enabled (disabled by default)

Shaper calculates L2 rate, which I think is categorically wrong.


If you can live with the limitations, it can be useful and affordable
box, but be sure that the CAPEX benefit is sufficient to justify the
inherent complexity of running HW with limited HW capabilities.

-- 
  ++ytti


More information about the juniper-nsp mailing list