For those of you who migrated from Cisco to Juniper...

just2cool

Gawd
Joined
Sep 22, 2005
Messages
524
So I've been made an offer I couldn't refuse to leave corporations for a bit and join a smaller financial firm with a hell of a lot less politics. No regrets on starting where I did, I learned more there than I ever thought I could in just 2 years.

Having said that, I came from a huge Cisco shop (you name a router/switch, I've probably worked on it here, including the CRS-1). Now, this new shop is entirely Juniper. Aside from one training class and playing with one box in the lab, I've had very limited JUNOS experience.

What are some things you like about JUNOS compared to IOS? What are some things you dislike? How's the reliability in comparison? Since Juniper landed Morgan Stanley and NYSE, I'm assuming they're pretty reliable :)

I also hear that Juniper support is nowhere as good as Cisco's, which I've actually found to be true. Can any of you elaborate on support you got from them?

Thanks!
 
I've only worked on JUNOS in the lab. I still prefer IOS (it's what I learned on), but JUNOS has some nice features and does seem to be pretty solid. Get some books and go to town.
 
Haha, that's a good question actually. I normally like to finish what I've started. I might as well take a shot at the lab at this point, why not?

If I pass, maybe I'll study for the JNCIE. But I doubt I pass the CCIE lab on the first try, we'll see.
 
we recently moved from Cisco to juniper due to availability issues on the ASA's. I've been rolling out mostly SRX100's and 240's. So far I like them, learning curve was certainly present. The whole zones.policies thing takes some getting used to, I love being able to make a ton of changes prior to a commit on in production gear, I love that it evaluates your input and spits out errors when you do stupid things, and I love the config rollback (last 5 are kept on flash, keeps up to 50 iirc)
so far they've been pretty stable, I had some VPN issues that are still unresolved, just VPn's dropping out (site to site ipsec) with nothing useful in the logs, but I haven't looked into it too closely, they were like 2 minute outages at small branch offices.
The cost of entry to get two SRX100's running in HA is so stupid cheap, it's great.
all switching functionality has to be disabled when HA is enabled, kinda lame on a device that has 8-16 ports targeted for a branch office, but whatever.
Still in the process of testing out their dynamic access ipsec vpn stuff, so I'll reserve comment until it's rolled out into prod for my client, but seems to be ok so far.
 
commit confirmed... is your friend.

We put in a j2350 because it was cheaper that getting a cisco. The JunOS as a second language video's helped and Google filled in the blanks. I do like I can do alot of things in one line vs a few lines in IOS.

IE:
set interfaces ge-0/0/0 unit 0 family inet 192.168.1.1/24

Overall I like it. I wish I had more Juniper to play and work with. Ours has be reliable and the only issue we did have was fixed with a software upgrade. CLI is easy to get use too and I prefer it to the GUI they include with it.
 
Last edited:
KB Jump page - super useful http://kb.juniper.net/KB15694

Juniper Golden configs - Was also useful http://www.juniper.net/us/en/local/pdf/app-notes/3500153-en.pdf

Configuring HA: http://kb.juniper.net/KB15504

Troubleshooting HA on SRX: http://kb.juniper.net/KB15911


The IOS to JUNOS config conversion stuff doesn't really work well, you're far better off doing everything from scratch if you're migrating Cisco to Juniper.

to get rid of switching config prior to enabling HA run:
Code:
delete vlans
delete interfaces vlan
delete interfaces interface-range interfaces-trust
delete security zones security-zone trust interfaces

you'll have an amber warning light (or was it HA light?) until you do a rescue save.
Code:
show system alarms
request system configuration rescue save

I'll try to think of more stuff
 
Cool, thanks for all that guys. I'm going to look into those links. It's going to feel weird leaving IOS. I've literally joined change calls slightly drunk before and could still configure stuff easily. Now I'm going to feel like a newbie.

Juniper comes at my current place from time to time in order to make us consider them for routing. It never works out, but they give us free JUNOS books. What do you think of this one? I now have an excuse to read it haha.
http://oreilly.com/catalog/9780596514426
 
IIRC our rep mentioned that if you're certified by Cisco, they'll pay/waive fees to get you certified on JUNOS. Can't recall if that was our Juniper contact, or our channel partner.

either way, pretty cool. obviously it's so that you buy more stuff, but nice to not have to pay for Juniper certs.
 
IIRC our rep mentioned that if you're certified by Cisco, they'll pay/waive fees to get you certified on JUNOS. Can't recall if that was our Juniper contact, or our channel partner.

either way, pretty cool. obviously it's so that you buy more stuff, but nice to not have to pay for Juniper certs.

It is a program available to everyone who is Cisco certified. I signed up when it was first announced, but never did anything with it, since I didn't have any equipment to train on.
 
Back
Top