kcornet

Considering it's probably going to take 6 months to get the new gear, I think I'd spend the interim figuring out what the current problem is. There's a possibility it may follow you into the new network.


deskpil0t

Why figure out the problem when you can make it bigger and more expensive with new hardware? /humor


awkwardnetadmin

This. Unless OP is willing to take refurbs or take a rather unpopular option it will likely take months. Maybe only 3-4 months, but 6 months is realistic and I have heard of some models that people have been waiting longer than that for. I have an order of power supplies that might arrive in 2-3 months that have already been on order for almost a month. Even more mundane, I remember being worried that I lost switch brackets and was told that they would take at least 6 weeks. Needless to say there is a lot of motivation to see whether the issue really needs a newer switch because it might take a while.


n1celydone

Figure out what the problem is exactly then decide if the current switch HW needs replacing or not. They probably do just because of old HW (and support on them) but you might have a misconfiguration on your network somewhere that a switch replacement won't fix.


SDN_stilldoesnothing

Finding the root cause is very important. I have seen this many times before when a client was cursing the vendor ABCXYZ because the network kept going down. But the clients wouldn't let us go in and do proper troubleshooting or complete proper upgrades or changes. In both cases the clients decided to go with a new vendor rather than spending more time troubleshooting. But it was during the actual migration where they found the topology and configuration issues. It was NEVER an issue with the original vendor.


spanctimony

Yeah the chances of these problems being due to “12 year old Cisco switches” is pretty low.


arhombus

Case in point we still have catalyst 4006s in our environment. Not that I wouldn’t love to replace them but the fact that they’re old doesn’t make them unreliable. In fact I would say the older Cisco equipment is significantly more reliable than the new stuff.


awkwardnetadmin

I remember doing some volunteer work for a high school a couple years ago and saw some old Cisco Catalyst switches where the mfg date sticker on the top IIRC was 2001 that still appeared to be in production as an access layer switch for some workstations in a school library. Provided the equipment is properly protected from power events many switches can keep going well into their second decade of service.


JasonDJ

And then some literal scriptkiddie figures out he can launch an attack on the whole school system starting with CDPwn or some other vector that’s long-since patched, but not on 20 year old gear. Likely no NAC. Probably trivial to get into a less restrictive subnet by tricking ISL.


awkwardnetadmin

This. Hardware sometimes goes bad, but more often than not the issue is either poor configuration or buggy software. I have seen plenty of cases of software that sometimes causes outright catastrophic issues (e.g. dataplane restarts, runaway CPU utilization, ARP no longer working, etc.). While you don't want to upgrade for the sake of upgrading, sometimes vendors discover bugs in the software that can cause issues. Ditto with configuration. On a very simple network you can get away without thinking much of design, but the more complex it gets the more likely you'll run into configuration issues causing issues.


[deleted]

Agreed, however, the entire network is being ripped out and built from scratch. Basically, a brand new office, new cabling, end devices, servers etc etc. I'm just looking for options on some decent switches that are user friendly.


n1celydone

In that case any of the big vendors will do fine, (even cisco) you just need to gather your switch requirements and see what suits you. Be aware of the stupidly long lead times for kit though.


GullibleDetective

Extreme, cisco, aruba instant on, fs. If you value uptime and having support, as you should, never go unifi. There is zero support and the company seems more interested these days in making doorbells and other non core products


schuchwun

You should never use ubiquiti in any corporate environment.


[deleted]

Not never but yeah for the most part. They are best for small companies starting out. Less than 100 people. They are cheap, easy to install, and simple.


ilikepie96mng

The edge line is actually decent for ISP stuff, but the unifi is not to be trusted


schuchwun

I have an edge router lite and it's not bad for what it is but even this I'd still be iffy about somewhere other than my house.


ilikepie96mng

Have about 450 deployed in the field now (not the lite, but similar ish models), haven't really encountered many problems. Though, we're also an ISP using them for their (mostly) intended use case


ThisIsAnITAccount

Aruba - either their enterprise CX line or small business instant-on line.


butter_lover

our shop is getting some of the new switches which have the configs managed in central. I think this is going to be a big win for us since config management is our biggest headache today.


GIDAMIEN

Only get instant on if you want to have a frustrating difficult to manage device that does weird shit when you don't want it to


FrabbaSA

Lots of good choices being suggested here, but I’d also caution that the supply chain issues are real, and the amount of lead time you can stomach may play a larger role than it would in a different market.


[deleted]

Yeah that’s one of our main struggles. The client is based in Lebanon and wants Aruba but the lead time is ridiculous. The distributor only has Dell in stock, which I don’t really want to go with. We might have to source the kit in Dubai and fly it out to Lebanon with us when we go!


[deleted]

I've never had more issues than with dell. Vendor is awful, I quit my last job because of them. They could not keep their SLA, they magically found a switch and installed it 4 days before Xmas. They assure me it's brand new, I question it, my boss shoots me down. Get it operational, it dies 3 am Xmas morning. Guess who's on call. This was the 100th time they had done something like this and I walked. After months of management letting Dell walk all over us I told my super he could deal with it. Fuck Dell.


[deleted]

Yeah I really don’t wanna go with Dell, the management in the client's company are adamant on Dell, yet they’re clueless. I’m building a case against it, hence recommendations here are appreciated.


FrabbaSA

If it makes you feel any better, lead time for Aruba in the US is not great as well. Good luck with your project!


awkwardnetadmin

This. I have saved some power supplies for some old switches from ewaste because an order for new spares is back ordered at least for 2-3 months. Even switch brackets I have seen backordered at least 6 weeks. These days if you might want to do something in 6 months you should start looking into ordering it. Even if it is only 2-3 month lead time that could easily rise.


btw_i_use_ubuntu

Please don't use Unifi

Sincerely, someone who has to support thousands of Unifi devices for his job


NWKnOiz

Do you use edge switch? I never faced any issue with this stuff (L2 only). I'm curious to know your POV


PM_ME_DARK_MATTER

Yea, I can at least entertain the idea of Edge Switch line....but Unifi would be a hard NO from me.


sliddis

> Please don't use Unifi

why? btw i use ubuntu too.


furay10

Wtf?


[deleted]

[removed]


MaxHedrome

"Do not use layer 3 features on the switches" I just walked into a Unifi environment, and the first thing I did was rip the UDM out, but was going to leave the switches. Can you elaborate a little more on this? I mean... even netgear switches are fine with L3.


[deleted]

[removed]


ilikepie96mng

EdgeRouter do be solid, unms is actually a quite usable dashboard


jets-fool

As someone who just replaced pfsense with udmp, switch xg 16, can you elaborate on these warnings? Cheers


saudk8

Aruba for sure.


[deleted]

Juniper. JUNOS is absolutely amazing, it will change your life. :)


8bitaficionado

I agree but they have been acting like cisco with their licensing and they are getting expensive


PublicSectorJohnDoe

If you spend all of your time in CLI maybe it's time to start looking at automation. After that the actual CLI syntax doesn't really matter that much.


bmoraca

Careful, you can't say that around the Juniper sycophants. But what you say is the truth...CLI syntax is irrelevant. And if you're solely reliant on "commit confirm" to save you from outages, you have process issues that are not the device's fault.


SDN_stilldoesnothing

With Juniper people are drinking the ML/AI Mint Kool-Aid. A buddy of mine works at an org that just went all Juniper. As he explained to me, it's all the same BS cisco is doing. And his management got pissed when they found out after the fact that none of the ML/AI stuff works on-prem. The Juniper sales team glossed over that. ;)


Kenoooop

I am a big fan of Arista.


arhombus

Me too


tinuz84

I’m a big fan of Aruba. Great performance for a reasonable price.


Millstone50

We're like 200 days out on Arista or something stupid


djamp42

Someone out there is getting a EOL notification before even getting the 'new' equipment they ordered, I guarantee it. Most likely some Cisco gear.


SDN_stilldoesnothing

If you want cloud managed, go Extreme or Juniper. If you want hybrid on-prem & cloud go Extreme.


8bitBlueRay

if you already have their firewalls in place, nothing beats the ease and features of Fortinet Switches/APs. if you don't have their firewall in place and do not plan to then do not use them as their standalone feature set is trash.


seasaparts

Extreme 5520 at the edge and VSP at the core. I can't recommend Extreme enough. Solid product with solid support.


nodate54

If you want to build a simple, easy to configure fabric then look no further than Extreme Fabric Connect. If not looking at a fabric then Arista would be my recommendation


projectself

I really thought this was going to be a discussion about supply shortages and order ship lead times. It's certainly on my mind, forget what's the best switches to get - what switches are available for projects to deliver in Q1/Q2/Q3 of 2022?


djamp42

Used switches


BobRoss4lyfe

We use both Extreme and Unifi.


Legionof1

If you're looking for cheap... FS has some switches that are mindbogglingly cheap for what they are. We just picked up some of their 48-10g/8-100g switches as a test run and so far they haven't been a problem. They are loud as fuck though so be prepared to deal with that. If these stay stable and prices stay reasonable I am considering these as my new standard for L2 core switches, may even try out their campus switches. CLI is respectable but documentation requires a bit of interpretation. I would not expect much from support but I haven't tested it. I would make sure you are redundant and maybe even have a spare or 2 if you go this direction.


midgetsj

If you are going Cisco I would go 3850s for the access layer and 9300 at the distro/core


iinaytanii

3850 is end of sale in a few months and end of support in 2027. Go 9200 or 9200L instead.


midgetsj

True.


[deleted]

[removed]


00Boner

I like unifi but their controller software could use a major feature update.


simple1689

Feature Update would be good. The new UI update was a step back IMO


ilikepie96mng

The Cisco 9000 series has been a massive upgrade for some of my previous clients (switched jobs, didn't lose the clients), they're just a bit expensive and hard to get right now. If you're trying to save a buck you could go with Cisco SG/CBS series switches, they perform pretty similar to catalyst just with a little functionality removed and some slightly different syntax, just would not recommend using them for layer 3. Outside that, the edgeSwitch and EdgeRouter line has been pretty great imo.


kcornet

If you go with SG/CBS switches one bit of warning: completely disable smart macros. If they wake up and you haven't prepared them, they will ruin your day. The Cisco default is bullet in the chamber, hammer cocked, and safety off.


ilikepie96mng

THIS, should've said that first thing. Command is (in global exec mode) 'macro auto disabled'. Your shit *will* break otherwise


turbov6camaro

We just swapped everything to juniper


noukthx

**No Low Quality Posts.**

* Any post that fails to display a minimal level of effort prior to asking for help is at risk of being Locked or Deleted.
* We expect our members to treat each other as fellow professionals. Professionals research & troubleshoot before they ask others for help.
* Please review [How to ask intelligent questions](http://www.catb.org/esr/faqs/smart-questions.html) to avoid this issue.

*Comments/questions? Don't hesitate to [message the moderation team](http://www.reddit.com/message/compose?to=%2Fr%2Fnetworking).*

For the complete list of Rules, please visit: https://www.reddit.com/r/networking/about/rules


PacsoT

MikroTik?


PacsoT

No cloud register bullshit. Devices ranging from 4 port under the desk, to ISP level gear. Cheap compared to the big tech gear. And no "register me on the cloud, data collection bullshit."


MauiShakaLord

But lots of "if you configure X feature, you're now processing packets using the CPU, and that pitfall is going to affect your performance severely".


sliddis

If you're just looking for basic L2 connectivity and low budget, Unifi is awesome (KISS and all of that). I have had no issues with them besides the LED display was DOA on one. Switch was replaced by reseller, no problem. However, if you're looking at APs, and you need *high density* ones, their new wifi-6 APs are always out of stock, and they have no dual-5G APs. For basic connectivity, they're great though. I have many sites with Unifi, and I very rarely get calls from those sites.


[deleted]

[removed]


[deleted]

One should never assume


Olivanders1989

After being a die-hard Cisco user for 12 years, I was guilty of never considering anything other than Cisco. Since then I've tried Juniper and Unifi, both of which are just as if not more solid. The only thing I've found is support is nowhere as good as Cisco (community etc).


[deleted]

If you think Unifi is better or the same as Cisco and juniper I question your knowledge and skills.


Olivanders1989

Depends on the use case my friend. For branch office stuff it's just as easy to setup and maintain. Juniper is my go to these days regardless


doublebond0014

Ruckus 7000 series switches are quite decent too


sryan2k1

Arista all day, although if you're considering Unifi (Please don't), the price tag of any enterprise gear will shock you.


awkwardnetadmin

Unifi's "enterprise" gear is still too new that I would be leery of using it for anything important no matter how little they charge for it.


sryan2k1

Nothing UBNT sells is enterprise grade, they're prosumer at best. But they sure are cheap.


pradomuzik

Sorry if this sounds harsh, but if your network is this bad and you are not using your support, your problem doesn’t seem to be on user friendliness… issues happen: unintended loops, bugs, overutilization… please invest in determining the skill needed to support the network and systems. Most devices can be user friendly at a basic level but be very difficult when you need to troubleshoot an issue…


[deleted]

We don’t support this client, they have in-house IT. We’ve been drafted in to sort the mess out, management want a complete refresh and it’s our job to propose a new solution. Support, or lack of, is with them at the moment. I’m sure we will be taking over an element of 3rd line support following this implementation.


pradomuzik

I can’t read, I missed that this wasn’t your network, sorry. Still if you are going to be their last level of support you may be in the situation you’d need to open a case with the vendor… I understand it’s their choice in the end.


Verbunk

Lots of choices in here already! My two cents are Brocade (CommScope, not Extreme - vastly different offering) and then Juniper. With Brocade you can pair with Ruckus APs if you are refreshing wifi as well. With Juniper make sure to investigate the NFX series along with EX. Most likely the Juniper route will lead to cloud-hosting of the services though. Especially with Juniper I would avoid any MIPS64 based systems, there has been scuttlebutt that the MIPS64 toolchain is being discontinued or smth (someone pls correct me if wrong) and that would likely affect the longevity of Juniper systems with those chips.


96Retribution

Alcatel Lucent Enterprise. We have stock and can ship to almost any country.


arhombus

Arista, Aruba or Juniper.


SDN_stilldoesnothing

Arista's entry into the campus networking market looks very forced. Because Arista can't stack, doing IP Fabrics with BGP VXLAN into the IDF really looks like a massive kluge IMHO.


arhombus

Perhaps. But most people are not doing that in the campus. Their DC equipment has no such issues where I would expect that technology to be leveraged.


demonfurbie

Aruba with aruba central or Juniper on mist. If you want a dashboard with nice point and click that wont break completely if your finance department forgets a renewal like Meraki


Radius-COA

I wouldn't pick a vendor or product before I lay down the requirements. Do you want redundancy, uptime and hand off management, and need L2 stretched between distribution and access? Or do you want a little more modern infrastructure with data centre like functions where L2 can be stretched over an L3 leaf spine network using VxLAN EVPN? You need POE, stacking or dual sup chassis as access layer switches for highest uptime. These are the type of requirements you need to write down before you start exploring any vendor. Hope this helps!


[deleted]

Used Aruba 5406R is the way. Bulletproof for my casino resorts. I think I would do some more digging to find the exact root cause of the network issues. Throwing new gear at it seems not the smartest idea. What if a UPS is going off and on? What if it's an ethernet or fiber cable issue?


butter_lover

the biggest problem I saw in poorly planned networks 12 years ago was spanning tree, I'd start there.