[j-nsp] juniper router reccomendations

Adam Vitkovsky Adam.Vitkovsky at gamma.co.uk
Thu Jul 28 03:50:41 EDT 2016 

> Mike
> Sent: Wednesday, July 27, 2016 3:34 AM
>
> Hello,
>
>      I am a network operator and have been firmly in the cisco camp for many
> years but the price for 10g ports simply seems too unreasonably high across
> the whole product line and I'm wondering if Juniper might be a better
> solution for me.
>
Well, you get what you pay for.


>      In fact, have a need for a new edge router today and the job would simply
> be full bgp tables taken on a 10g port, filtering/rate limiting DDoS type traffic
> (for us, inbound dns > 15mbps = attack, for example) and then forwarding
> the remainder to a 1Gbps uplink behind the router.
> How much of a juniper box do I need to accomplish that and what
> models/licenses would I need to accomplish this?
>
The choice of NPU, doing the forwarding of packets through the box, depends on number of factors.
How onerous edge filters you want to deploy, i.e. how many terms, complexity of the term's match criteria e.g. 5-tuplle or match also packet size, or special flags and how many unique policers,...
And also on the PPS rate you expect coming in with your flavour of IMIX.
Bear in mind that NPUs are rated for very basic IP lookup (ideal conditions) for bidirectional traffic (A to B, B to A) so once you start taxing it with more tasks per each packet the PPS rate will drop.
How much will the performance drop depends on the following.
PPS rate, the lookup process has to be repeated for each incoming packet, so the more packets per second the more taxing it is.
Processing budged, some NPUs can deliver slightly more than the sum of BW of ports they are servicing at a particular packet size, cause it's expected that customers will use some additional features like ACLs or QoS, or the NPU is simply aimed to deliver line-rate for even small packet sizes/high PPS rates.
And on how effective is the NPU's lookup process, that is how effective is the actual lookup algorithm with CPU cycles and memory accesses, some NPUs can even offload complex lookup tasks to a specialized chip.


adam









        Adam Vitkovsky
        IP Engineer

T:      0333 006 5936
E:      Adam.Vitkovsky at gamma.co.uk
W:      www.gamma.co.uk

This is an email from Gamma Telecom Ltd, trading as “Gamma”. The contents of this email are confidential to the ordinary user of the email address to which it was addressed. This email is not intended to create any legal relationship. No one else may place any reliance upon it, or copy or forward all or any of it in any form (unless otherwise notified). If you receive this email in error, please accept our apologies, we would be obliged if you would telephone our postmaster on +44 (0) 808 178 9652 or email postmaster at gamma.co.uk

Gamma Telecom Limited, a company incorporated in England and Wales, with limited liability, with registered number 04340834, and whose registered office is at 5 Fleet Place London EC4M 7RD and whose principal place of business is at Kings House, Kings Road West, Newbury, Berkshire, RG14 5BY.
---------------------------------------------------------------------------------------
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------

More information about the juniper-nsp mailing list