Slashdot Mirror


Opinions on Alternatives to Cisco Routers?

An anonymous reader asks: "I'm currently working on a project that is 'partnered' with Cisco. Despite that they make good routers, the company's relatively large size does not appear to be willing to meet unique, customized requirements. So what are your opinions of the alternatives: 3Com, Juniper, etc? Anyone had bad/good experience with these companies? Are all their routers really essentially the same? How about comparative performance with totally customized routing solutions via Linux+Zebra or some other open solution?"

9 of 67 comments

  1. My experience by jgaynor · · Score: 4, Informative

    In my experience, Cisco can meet basically any NEED you have. A good sales engineer can fulfill almost any scenario and guarantee that it will work. The biggest downside with Cisco is, undeniably, price.

    Matching the featureset of a Cisco installation with Zebra? Easy.

    Matching the performance of a Cisco box with Linux and Zebra? Uh-uh. Not gonna happen. For small installations maybe, but not when performance or load is involved.

    Why? Cisco does everything in hardware (ASICs). You can't meet performance like that with a PCI NIC and the various bottlenecks associated with standard PC-based architecture. Juniper realized this and made a business model out of it. They took some open-source OS (which I can't remember right now - BSD?) and added support for network-task specific hardware. They can match Cisco on performance and load-capability if not on product line. And they do it for A LOT less. My suggestion - take a look at Juniper, then throw the juni quote back in your Cisco rep's face. See if you can get him to bend a little :).

    1. Re:My experience by Urgoll · · Score: 5, Informative

      You're talking about the PIX - Cisco's firewall product line. Those are software only, and if you pirate the software you can easily clone it.

      But the real iron does everything in hardware (except error handling).

    2. Re:My experience by Triumph+The+Insult+C · · Score: 2, Informative

      Why? Cisco does everything in hardware (ASICS).

      on the high end, maybe. on the low end, that can't be further from the truth. on the low end, it's very cheap hardware, made up with better software

      sangoma has made t1/e1 cards for some time now with drivers for *bsd and linux. they have just been recently merged into openbsd-current and will get maintained by the openbsd peeps there.

      between carp, pf, pfsync, the soon-to-be-a-reality ifstated, and now the sangoma drivers, the question becomes more, why cisco?

      besides, you shouldn't support cisco to begin with. they are an evil, non-oss friendly, non-free/open standard, company

      --
      vodka, straight up, thank you!

    3. Re:My experience by PurpleFloyd · · Score: 3, Informative

      Well, the "better quality" Ciscos are certainly computers in the Turing machine sense - they're just not very similar to your desktop machine. Rather, they use extremely specialized high-speed buses and processors to shuffle data around at amazing speed. Simply put, there's no way a 32-bit/33 MHz PCI bus will keep up with an OC-48's worth of data coming in constantly; a high-end Cisco will handle it easily. IOS (Cisco's proprietary OS) won't run on anything but Cisco hardware, either - the hardware and software are tuned to take advantage of each other's capabilities and thus do use hardware acceleration.

      While a Linux box or similar commodity hardware can do a good job in non-demanding situations, you start running into bus-bandwidth issues when you get into really high-speed networking. The only real reasons to use a Cisco router on a small, low-throughput internal network are consistency and Cisco's support, which is truly excellent.

      The one Cisco product line that does use standard off-the-shelf hardware is their firewall line. There, the fact that firewalls need to be able to cope with complex rule sets means that tuning the hardware for one set of circumstances will probably result poorly. Thus, the extensible and customizable nature of the PC architecture wins out over the highly specialized router architecture. Also, it means that it's possible to pirate the software and run it on other PCs - something Cisco certainly doesn't like and will probably come down hard on, legally speaking. I would imagine that has something to do with the incident you're thinking of, where their software was "warez'd;" the latest version of IOS is not hard to obtain, since Cisco makes most of their money on hardware and support contracts.

      --

      That's it. I'm no longer part of Team Sanity.

    4. Re:My experience by jgaynor · · Score: 3, Informative

      didn't they get quite mad at some guys cloning their hardware

      The incident you're referring to is the frankenpix project. It used the fact that one of the original PIX product line was a 300MHz PII on an Intel OEM chipset to create a clone using commodity parts combined with a PCI flash card (the only expensive part). Cisco took a cue from this, however, and changed its business model accordingly. Newer pixes now come in the form of non-x86 standalone boxes or blades that interface directly with the switch-fabric of their higher end chassis (how the hell do you write chassis plural?).

      The comment above about PIX licensing is also correct. The base PIXos is still downloadable from Cisco's software repository for free with a valid CCO login, but add-on features are activated via 'product keys' which are a bit harder to come by.

    5. Re:My experience by jgaynor · · Score: 2, Informative

      4Gb/s bus bandwidth != 4Gb/s routing throughput.

      If your traffic was nothing but orderly, GIANT flows of data that went on for minutes at a time then maybe you could get some use out of that bus. Traditional traffic will squash the processor before the bus even gets up to a jogging pace. Giant backplanes or busses are very good for non-policy work (read: switching) but won't help when individual attention must be paid to each packet or frame.

      It's the policy involved with routing that will squash a PC-based router. Each packet has to be checked against ACLs, Quality of Service policies, line subscription rates, etc, etc. Big iron handles this by flow switching, i.e. applying policy to the first packet in each flow and then switching the rest based on that initial policy decision. There simply is no PC equivalent without specialized hardware.

      Even then, flow switching fails when viral traffic or network scans are thrown into the mix. Millions of IP threads per second, all with different destination addresses and ports, will bring even the hardiest of PCs to its knees.
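
Added example, not part of any comment in this thread: a small Python model of the flow switching described above, showing why a flow cache helps with long-lived flows and gives no benefit under scan-like traffic. The ACL, addresses, cache size and the names `slow_path`, `FlowCache` and `hit_rate` are constructed assumptions for illustration.

```python
from collections import OrderedDict
from ipaddress import ip_address, ip_network

# Constructed ACL: (source network, destination port or None, action); first match wins.
ACL = [
    (ip_network("10.0.0.0/8"), 22, "deny"),
    (ip_network("10.0.0.0/8"), None, "permit"),
    (ip_network("0.0.0.0/0"), None, "deny"),
]

def slow_path(flow):
    """Full policy evaluation for one packet (the expensive per-packet step)."""
    src, _dst, dport = flow
    for net, port, action in ACL:
        if ip_address(src) in net and port in (None, dport):
            return action
    return "deny"

class FlowCache:
    """Policy is evaluated on the first packet of a flow, then reused (LRU cache)."""
    def __init__(self, capacity):
        self.capacity = capacity
        self.cache = OrderedDict()  # flow tuple -> cached decision
        self.hits = self.misses = 0

    def forward(self, flow):
        if flow in self.cache:          # fast path: reuse the earlier decision
            self.hits += 1
            self.cache.move_to_end(flow)
            return self.cache[flow]
        self.misses += 1                # first packet of a flow: full ACL walk
        decision = slow_path(flow)
        self.cache[flow] = decision
        if len(self.cache) > self.capacity:
            self.cache.popitem(last=False)  # evict the least recently used flow
        return decision

def hit_rate(packets, capacity=64):
    """Fraction of packets that avoided the slow path."""
    fc = FlowCache(capacity)
    for pkt in packets:
        fc.forward(pkt)
    return fc.hits / (fc.hits + fc.misses)

# Constructed traffic: 10 long-lived flows, 100 packets each (interleaved).
bulk = [("10.1.1.%d" % i, "192.0.2.10", 443) for i in range(10)] * 100
# Constructed scan-like traffic: 1000 packets, every one a new destination/port.
scan = [("10.9.9.9", "198.51.100.%d" % (i % 250), 1024 + i) for i in range(1000)]
```

With the constructed inputs, `hit_rate(bulk)` is 0.99 while `hit_rate(scan)` is 0.0: every scan packet takes the slow path, so the miss rate of a flow cache is itself a useful signal for detecting scanning.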

    6. Re:My experience by forged · · Score: 2, Informative

      The key is programmable ASICs, pure and simple.

      You've got it. And the most common such ASIC in Cisco's middle range is called PXF for Parallel Express Forwarding.

      PXF is basically a programmable ASIC using a custom assembly language (think of it as an FPGA) where packets come in one side and are pushed through columns. Each PXF is one grid of 4 rows x 4 columns (16 CPUs in total), and packets stay in each column for 128 cycles. Each column is responsible for one task, rarely two. What one PXF does includes IP decapsulation and encapsulation, sanity checks (ttl, etc.), netflow accounting, NAT, L2TP, Policing/CAR, MAC rewrite, WRED, WFQ, LLQ, traffic shaping, L2TP LNS. This was 2 years ago on the c7200 and c7400 platform; now they're using two PXF processors in serial on newer platforms to do even more features.

      PXF is found on the c7200 platform (NSE-1), c7304, c7401, OSM line cards for the Cat6K/c7600, ESR 10k and uBR 10K where two PXF are working in serial, 10720, and probably more.

      So the PXF basically does the features described above in hardware. When the c7304 was introduced it was the quickest NAT box that Cisco had with 2Mpps switching performance with NAT. The main router CPU was hovering at 0% utilization, obviously. Not too shabby.. I'd like to see a PC do that but I don't think it's gonna happen any time soon :)

  2. News ! by Anonymous Coward · · Score: 1, Informative

    Juniper now has both service provider and
    enterprise products, including industry leading firewall/security
    boxes, SSL remote access, and small access routers.

    These are priced right and have
    advantages over cisco, not the least
    being that Juniper is a responsive and
    fast moving company.

    p

  3. Suggestions by noah_fense · · Score: 2, Informative


    Core Network:
    Juniper

    Layer 2/3 routers: (Can still perform all router functions, but are cheaper per-port)
    Riverstone Networks
    Extreme Networks

    I wouldn't recommend anyone else. Alcatel, Foundry, and 3COM haven't really impressed me.

    Interesting note, Qwest uses Juniper M20/40s in their core OC28 network. Juniper, IMHO, is the only real Cisco competitor for a network backbone. And, Juniper uses a BSD OS on their routers.

    I've had good experience with riverstone support.

    I work in an environment where we see many different router vendors every month. Riverstone seems to be the ones who stick around. Also, you might not have heard of them because they sell mostly MAN (Metro area networks) which are mostly deployed abroad.

    -n