Opinions on Alternatives to Cisco Routers?

An anonymous reader asks: "I'm currently working on a project that is 'partnered' with Cisco. Despite that they make good routers, the company's relatively large size does not appear to be willing to meeting unique, customized, requirements. So what are your opinions of the alternatives: 3com, Juniper, etc? Anyone had bad/good experience with these companies? Are all their routers really essentially the same? How about comparative performance with totally customized routing solutions via Linux+Zebra or some other open solution?"

my question....

what could you possibly require that you need cisco to customize their stuff for you? with all the software/hardware coming out of that company, how's it possible that something doesnt quite entirely cover everything you need?

"OpenBSD will soon rule the router world!"

[Pegasus]

Or at least that's what some would want :) Which would be interesting to see ...

Anyway, they already have good failover support for their firewall, nice bgpd, support for T1 hardware was recently merged into -current ... Theo himself is looking into replacing ciscos with OpenBSD.

Something good will come out of it, i'm sure ...

Back in my days...

[psyconaut]

...at a relatively large telco, we had Cisco pretty much rewrite one of their software products for us. We didn't scream or shout, just pointed out that the product was flawed in some areas and that we really would like to use a complete Cisco solutions. They were even flying guys up from CA on a weekly basis at one point.

Yes, it did reinforce millions of dollars worth of equipment sales. But they also probably wouldn't have lost the sales if they refused.

-psy

Re:My experience

[ebrandsberg]

Methinks you haven't looked at what can be done with a PC these days. I work for a company that provides hardware that front-ends the largest websites in the world, and it's Intel hardware with PCI-X bus support, and PCI-X NIC's. These boxes can drive over 4Gb/s of traffic. How many networks drive that much traffic? The point is that with the right software, the hardware can fly. The hard part is the software. If you do the math, a 33mhz 32 bit PCI bus can handle about 1Gb/s, which if run equal xmit and receive, comes to 512Mb/s. A 64 bit 66mhz comes to about 4Gb/s. A 133Mhz 64 bit PCI bus does 8Gb/s, and gig cards now support this. So, even if you drive four Gig cards at wire speed, you are just reaching the top capacity of a single 133Mhz 64 bit PCI bus. Now consider that higher-end motherboards now have more than one PCI bus that can run at this speed, and a PC can make a very good alternative to a router. Again, the key is the software...

Re:If you can't go cisco...

[pyite]

a pretty rare experience to even talk to someone at cisco

Someone's Cisco rep doesn't like them. But seriously, if you're not in constant communication with Cisco, then you don't have a real big deployment. Heck, our Cisco rep comes to our department picnics and foots the bill for happy hour every now and then.

don't listen to the other guy saying cisco will take it personal. First they won't even know

Again, I find that highly unlikely. Let's put it this way, my department is entirely Cisco based. There just so happens to be another department in my organization that has some Foundry ServerIrons for their own use. I was talking with the Foundry guys at CeBit in New York this year and when I made the comment "We're an all Cisco shop." They immediately rebutted with, "No, I know for a fact you guys have some ServerIrons in your machine room." If Cisco's competition knows what kind of hardware we're running, you better believe that every time Cisco sets foot in a customer's machine room, they're taking note of any competitor's equipment that is in there. Use that fact to your advantage. That's all I'll say.

Really depends on your needs

[dtfinch]

Though I wouldn't recommend it, I've seen 30 systems all accessing the internet behind a $30 linksys router (appears to belong in a home network) with zero complaints. It was configured to work as a NAT and also provided port forwarding and log streaming. Though I doubt it could handle much more, it worked well for the given workload and setup needs.

So I don't think a cisco router is necessary for every network. For small networks, cheaper solutions work fine. Just remember that if you underestimate your future needs, it can cost you dearly later. But I've heard even cisco zealots talk about the routers crashing under load, which obviously should be unacceptable for any hardware of "enterprise" quality, but I haven't been around them long enough to see it for myself.

Search google for 'cisco "lawful interception"' if you like a good scare. Also, the fact that their IOS source code was recently stolen is another thing to be concerned about.

But what do I know? My experience with cisco routers is limited to a single class on network security. They're very flexible and featureful routers, certainly top quality even if not bug free, but whether you need one is highly dependent on what you'd want it to do for you.

Re:My experience

[dublin]

Now consider that higher-end motherboards now have more than one PCI bus that can run at this speed, and a PC can make a very good alternative to a router. Again, the key is the software...

Not entirely. Host-based routing is undoubtedly more do-able now than it was a few years ago, since Moore's law is finally delivering hardware that's "fast enough" for most such applications.

The real problems aren't all in the software either. Linux in particular has serious performance problems in such applications. I'm not Linux-bashing here, it's just fact: If you want to do serious host-based network processing, you'll find that only Sun and IBM can really keep up with wire speeds.

There are two reasons for this: First, the superior networking performance of those OSes (which is why *really* big firewalls like the one NASA uses to move *all* of its satellite tlemetry through always run on big IAX boxes); and Second, their markedly superior internal bus architectures. Almost all non-IBM x86 boxes have serious choke points in their buses or buscontrollers. (Seriously, check out the way IBM's x-series servers provide higher I/O cpacities, and you'll realize that if you're planning to really the crank I/O, Dell and HPaq aren't even in this game.

Then, of course, there is the application software, which you correctly point out is often hard to come by (except commercially).

Finally, pay attention to the NICs - they are definitely NOT all created equal. In general, the 3Coms, Intels, and such are trash from a serious performance point of view, and you're generally *way* better off with something designed by a company that haas a clue about protocol and system i/o performance, like Syskonnect.

If you do your homework correctly, you can build a host-based router that will do the job in most cases, but it isn't easy. Especially if you're pushing the limits and don't have the serious multidisciplinary skills required to pull off putting together such a system (I'd estimate fewer than 1 sysadmin in 500 does), you're better off staying with the canned router solutions...

Re:Will your customers accept non-Cisco equipment

[dublin]

I know of several IT shops that will not allow non Cisco equipment into their infrastructure. Would make it hard (if not impossible) to qualify for those accounts.

Cisco is good, but they're by no means in a class all their own from a performance or capability point of view. Personally, I've found Extreme Networks can often offer considerably higher performance at a price that's a bit lower than Cisco's - and the care and feeding of Extreme's gear is *way* easier than Cisco's, too, which is a cost that you should NOT ignore...

I have nothing against Cisco, but Extreme "gets" performance far more than Cisco - for instance, Extreme's gigabit switches have deeper buffers than Cisco's which is irrelevant for most networking tasks, but shows up big-time when you try to do something serious like, say, storage-over-IP, or a cable head-end: it's just way too easy to overrun Cisco's buffers and wind up with your data all over the floor. Of course, if you ever have to retransmit anything because of this, the huge latency involved in that obliterates any chance of good performance. Extreme's engineers know this, and design their gear accordingly.

I'd suggest giving them a chance as an alternative vendor. (I have no relationship with Extreme, either, except as one pleasantly surprised by the company on several occasions.)