Juniper EX4500 review
- — 17 November, 2011 13:47
Ethernet switches like the Juniper EX4500 are a stock ingredient of enterprise networks. They connect desktops to servers in the data centre via a three-tier system of access, aggregation and core Ethernet switches.
Access layer switches reside in cupboards on each floor of the building, connecting desktop computers, networked printers and now also IP enabled telephones. These access layer switches are also connected to aggregation switches in each building and are uplinked to the core network in the data centre — usually by fibre optic links. In the data centre, the core network switches are in turn connected to more aggregation layer switches that connect to racks and racks of servers hosting the applications that users access, such as email, file storage, intranet, outbound web proxies and so on.
The drive to consolidate and reduce this sprawl of under-utilised servers in the data centre has led to a rise in the use of virtualisation technology, which drove the introduction of larger blade servers to fully use their allocation of CPU and RAM.
The Juniper EX4500 is aimed at this data centre and campus network aggregation role. It provides 40 fixed ports which can be populated with either dual Gigabit Ethernet or 10 Gigabit Ethernet fibre optic modules, as well as two additional slots for four port, 10 Gigabit Ethernet fibre optic uplink modules.
In a data centre aggregation role, this is a switch that can be populated with Gigabit Ethernet ports for physical servers, 10 Gigabit Ethernet fibre optic ports for blade server enclosures, and fibre optic uplinks to the core network switches.
In a campus aggregation role it can be populated with 10 Gigabit Ethernet fibre optic links to aggregate access layer switches and uplink them to the core network switches. Alternatively, in a small data centre, it can even be utilised in a redundant configuration — as a core switch — it includes the capability for two redundant power supplies. A key feature of the EX4500 is its Virtual Chassis technology, enabling the switch to be combined with others to act as a single device, removing the need for complex switch configuration.
First impressions are that it boasts seriously solid build quality. Power supplies and fan packs all install with satisfying 'snicks' — it is substantial, heavy and needing a second person to mount it in the rack.
A peek inside (through the hole for the fan pack) shows why. There are substantial heat sinks on every motherboard component. After connecting the 15 Amp power cord (don't be fooled, it wont fit standard Australian outlets due to a wider ground pin) the device sounds like a jet engine winding up.
All five fans in the fan pack start up at full speed, settling down to a dull whine after a few minutes. You get the feeling that Juniper’s engineers consider heat their number one enemy. Removing the fan pack to try and reduce the noise (we didn't have our ear plugs that day in the lab) quickly developed a problem. The switch soon started to protest, it really needs that fan pack in to operate correctly. The EX4500 is initially configured using an LCD panel and two soft-touch buttons. Using this, it is easy to enter setup mode, halt the system or perform a factory reset. In setup mode, upon connecting a laptop to the management Ethernet port, it was also easy to enter the web interface — who has a serial port for connecting to a console port these days?
The web interface allows configuration of the management interface, SSH or telnet access, and SNMP read-only management. Through the web interface, each port can be configured with port role, VLAN options, link options and IP options.
We were impressed by the approach taken by Juniper to secure the configuration. On setup, a root password change is forced, management interfaces are disabled, SSH is made available as a secure alternative to telnet, and SNMP requires a custom community string for read-only operation.
The web-based management on the EX4500 is functional and easy to navigate. Status is shown on the front page, graphically displaying active ports and inactive components, such as an unplugged fan pack. The status of components — even airflow in component such as the fan pack and power supplies — are clearly presented.
Four menu options sit across the top of the web interface; configure, monitor, maintain and troubleshoot; making life really easy for the administrator. Surprisingly, the engineers have included a web-based network sniffer that allows you to download PCAP files. This brought a smile to our faces — no need to lug a notebook down to the data centre to diagnose problems!
The SSH interface is another matter, after connecting via the root account (hint) you will find a very Unix-like command line interface (CLI). Administrators could easily confuse a SSH connection to a Linux server with a JunOS CLI on their switch. Come on Juniper, how about a help command on the CLI? It would definitelay help those who are "manually challenged" at 3am in the data centre.
- default secure configuration
- web interface driven network sniffer
- well-structured web interface with at-a-glance status
- telnet interface didn't seem to work when we first configured it (unlike the SSH interface)
- boot time and shutdown time is a bit long (for the impatient)
- command interface has no help function
It looks as if this switch was built by network engineers for network engineers — specifically for network engineers who like a web interface for management. The addition of the Virtual Chassis technology and various other nice-to-haves (such as the web interface driven network sniffer) makes a user appreciate how Juniper has tried to make their administration job as easy as it can be.
In conclusion, for those migrating to specialised virtualisation hardware, this device is a solid data centre aggregation switch; its easy-to-use web management interface will be a welcome change for most network engineers.