[c-nsp] Fwd: using *nix instead of Cisco routers

Kim Onnel karim.adel at gmail.com
Mon Mar 21 20:42:07 EST 2005 

Hi, 
I've taken this thread from OpenBSD list, probably more people here
has experienced this,


---------- Forwarded message ----------
From: Kim Onnel <karim.adel at gmail.com>
Date: Tue, 22 Mar 2005 03:36:43 +0200
Subject: Re: using OpenBSD instead of Cisco routers
To: Jason Ackley <jason at ackley.net>
Cc: Tony Sarendal <tony at polarcap.org>, misc at openbsd.org


I havent played with OpenBGP, Zebra or quagga much,

but i wonder, could there be features less supported on OpenBSD
routers than Cisco ones ??

have anyone used bsd for an internet router(full routing table),
i would be majorly interested in knowing others experience for this,
how did it take it?

I know ISPs use unix-based routers to do some security applications
thats for sure (blackholing, sink holing routers)
(www.cisco.com/global/DK/docs/presentations/SecuringTheDataplane.pdf)

I would most definitely be interested in starting a Lab using OpenBSD
routers, where i can test BGP,OSPF, MPLS without buying expensive
cisco gear,

and if you wanna compare, checkout Juniper routers, they have FreeBSD
under the hood, and they're kicking Cisco in the head
(http://www.farrokhi.net/blog/archives/000074.html)


On Mon, 21 Mar 2005 19:24:36 -0400 (AST), Jason Ackley <jason at ackley.net> wrote:
> On Mon, 21 Mar 2005, Tony Sarendal wrote:
>
> > I know this isn't a cisco list, but no cisco router below the GSR  with
> > engine2 line cards or better can do any form of real pps throughput reliably,
>
>  One of my favorite reads:
>
> "Implementing Access Lists on Cisco 12000 Series Internet Routers"
> http://www.cisco.com/warp/public/63/acl_12000.html
>
>  Quite a bit of limitations based on your ingress/egress cards and engine
>  types, even down to how many entries you can have and how many comparison
>  operators you can use.
>
>  They are good boxes, but you have to spend tons of $$ to really do
>  'everything'.. What, you actually wanted line rate performance, you
>  needed to buy the 'Enhanced' adapter..
>
>  The other aspects (as already mentioned by others) is support. You will
>  continue to pay on a yearly basis to keep the updates to IOS flowing.
>
>  Regarding the fiber comment by Jason C., there is a lack of the large
>  pipe WAN interfaces such as Packet Over SONET, but most providers
>  these days can hand off as GigE at the customer location when you buy
>  that much bandwidth anyways.
>
>  Some other things to keep in mind using OpenBSD as a router in
>  a service provider core:
>
>  1. Lack of channelized interfaces to serve as agg/edge routers
>
>     This directly impacts how many boxes you need to buy, and how
>     much floor space you need to support a given number of
>     connections/customers.
>
>     There are some interesting boxes out there that can take channelized
>     interfaces and speak 802.1q, but I have not played with them.
>
>  2. Lack of ASICs for a 'fast path' (cisco-speak).
>    o The LSR2 was set with i386:
>      http://proj.sunet.se/LSR2/
>
>  3. MPLS/ATM/Frame-Relay protocols
>    o No MPLS - may not be important to you
>    o basic ATM - may not be important to you
>    o No FR - this goes back to #1 tho, take that $$ you saved on your
>      Crisco and get one of those boxes to speak 802.1q to your OpenBSD
>      box.
>
>  Don't get me wrong, I love OpenBSD routers. If you are in a telco setup,
>  make sure you get good -48VDC rackmount systems and you will run forever.
>
>  Interfaces I use with OpenBSD routers:
>
>  FastEthernet/GigabitEthernet (with 802.1q trunking)
>  PCI DS3     - (lmc)
>  PCI T1      - (lmc)
>  PCI OC3 ATM -  I think I am the only use of the en driver :)
>
> cheers,
> --
> jason
>
>

More information about the cisco-nsp mailing list