[j-nsp] Outgrowing a QFX5100

[Jason Healy]

Looking for a little wisdom from the list.

We're a small school campus that's been running a QFX 5100 as our core switch/router for several years.  It's been a good piece of equipment but we continue to hit weird limitations and I'm wondering if we're pushing the platform too hard.

My question is, what would be the logical "step up" from the qfx on a small network?  I'm thinking the MX240 as it's the smallest router that has redundant REs.  However, I have no experience with the router family (we're all EX/QFX).  I'd consider a newer member of the QFX family, but I'd need to know I'm not going to bump into a bunch of weird "unsupported on this platform" issues.

Does the MX line handle all the layer-2 stuff that the QFX has, like DHCP snooping, vlan firewall filters, or even dot1x?  Coming from the switching family, I wasn't sure how prevalent those features are on the layer-3 equipment, or if they're configured in some totally different way.

I'm fine with EOL/aftermarket equipment; we've got a pretty traditional layer-2 spoke-and-hub setup with layer-3 for IRB and a default route to our ISP (no VXLAN, tunneling, etc).  Our campus isn't growing so capacity isn't a huge issue (we're 1g/10g uplinks everywhere, and the 10g aren't close to saturation).  I *might* want 40g as a handoff to an aggregation layer, but that's about it.  Thus, I'm OK with a relative lack of new features.

Thanks,

Jason