Opinions on Alternatives to Cisco Routers?

An anonymous reader asks: "I'm currently working on a project that is 'partnered' with Cisco. Despite that they make good routers, the company's relatively large size does not appear to be willing to meeting unique, customized, requirements. So what are your opinions of the alternatives: 3com, Juniper, etc? Anyone had bad/good experience with these companies? Are all their routers really essentially the same? How about comparative performance with totally customized routing solutions via Linux+Zebra or some other open solution?"

My experience

[jgaynor]

In my experience, Cisco can meet basically any NEED you have. A good sales engineer can fulfill almost any scenario and guarantee that it will work. The biggest downside with Cisco is, undeniably, price.

Matching the featureset of a cisco installation with zebra? easy.

Matching the performance of a cisco box with Linux and Zebra? uh-uh. Not gonna happen. For a small installations maybe, but not when performance or load is involved.

Why? Cisco does everything in hardware (ASICS). You can't meet performance like that with a PCI nic and the various bottlenecks associated with standard PC-based architecture. Juniper realized this and made a business model out of it. The took some open-source OS (which I can't remember right now - BSD?) and added support for network-task specific hardware. They can match cisco on performance and load-capability if not on product line. And they do it for ALOT less. My suggestion - take a look at juniper, then throw the juni quote back in your Cisco reps face. See if you can get him to bend a little :).

Re:My experience

[Urgoll]

You're talking about the PIX - Cisco's firewall product line. Those are software only, and if you pirate the software you can easily clone it.

But the real iron does everything in hardware (except error handling).

Re:My experience

[PurpleFloyd]

Well, the "better quality" Ciscos are certainly computers in the Turing machine sense - they're just not very similar to your desktop machine. Rather, they use extremely specialized high-speed buses and processors to shuffle data around at amazing speed. Simply put, there's no way a 32-bit/33 MHz PCI bus will keep up with an OC-48's worth of data coming in constantly; a high-end Cisco will handle it easily. IOS (Cisco's proprietary OS) won't run on anything but Cisco hardware, either - the hardware and software are tuned to take advantage of each other's capabilities and thus do use hardware acceleration.

While a Linux box or similar commodity hardware can do a good job in non-demanding situations, you start running into bus-bandwidth issues when you get into really high-speed networking. The only real reasons to use a Cisco router on a small, low-throughput internal network are consistency and Cisco's support, which is truly excellent.

The one Cisco product line that does use standard off-the-shelf hardware is their firewall line. There, the fact that firewalls need to be able to cope with complex rule sets means that tuning the hardware for one set of circumstances will probably result poorly. Thus, the extensible and customizable nature of the PC architecture wins out over the highly specialized router architecture. Also, it means that it's possible to pirate the software and run it on other PCs - something Cisco certainly doesn't like and will probably come down hard on, legally speaking. I would imagine that has something to do with the incident you're thinking of, where their software was "warez'd;" the latest version of IOS is not hard to obtain, since Cisco makes most of their money on hardware and support contracts.

Re:My experience

[jgaynor]

didn't they get quite mad at some guys cloning their hardware

The incident you're referring to is the frankenpix project. It used the fact that one of the original PIX product line was a 300Mhz PII on an intel OEM chipset to create a clone using commodity parts combined with a PCI flash card (the only expensive part). Cisco took a cue from this, however, and changed it's business model accordingly. Newer pixes now come in the form of non-X86 standalone boxes or blades that interface directly with the switch-fabric of their higher end chassis (how the hell do you write chassis plural?).

The comment above about PIX licensing is also correct. The base PIXos is still downloadable from Cisco's software repository for free with a valid CCO login, but add-on features are activated via 'product keys' which are a bit harder to come by.