New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Budget BGP (cisco)
FalconInternet
Member
in Providers
I've been running Vyatta Software Routers for about 3 years now. Never had a problem. Every year or so, I like to check out aging Cisco Routers that may do a better job.
Since Vyatta got destroyed by Brocade, I've been looking at other solutions. Are there any decent Cisco Routers capable of handling 2x1GB Connections with Full Routes from each ISP (Level 3 & twTelecom). I'm looking for something used that can handle it but I don't want to pay $3500 per router either. I looked at RouterOS, but until they do multi-core BGP, I don't really trust the platform yet.
Comments
If you don't need the full BGP tables it can be easy and cheap. But cisco routers capable of handling the full (500K+) BGP tables are not cheap, even at the second hand market.
PFSense may do, it is a freebsd firewall / router. Bring your own hardware too
If you like Vyatta you'll love Ubiquiti's EdgeRouters. Replaced 2 Vyatta routers with 2 ERLites and they were amazing. So much power for under $120 shipped. If you need full BGP tables the non-Lite versions will better suit your needs (Pro is $369 + shipping).
The problem with all of this is if you get hit by a high PPS flood, these lowend routers (there is a good new website name) will just fall over.
VyOS was forked and is actively developed. I have been using it in production with multiple BGP sessions, no problems.
Can vouch for Ubiquiti's stuff but I would skip the EdgeRouter Lite if you're doing BGP. It is just not powerful enough as far as CPU and RAM. Go straight to the EdgeRouter or EdgeRouter Pro.
ERLite can do 1Mpps, Pro can do 2Mpps. Not bad if you compare it to a Cisco router at the same price point.
How large is your budget? Are you tied to Cisco, or would you consider another brand? Does it have to do full tables, or would you be willing to accept a bit less than full tables?
@KuJoe - 1Mpps sounds great for marketing material but what is the REAL max pps? What size is that packet? What interface type is that over? Is it over a single interface or spread across 10 different interfaces.
Take our T1600's they are advertised at 1.92 billion PPS but that is when the wind is in the right direction and everything is optimal. But in the real world you can get slammed hard with 1Mpps over a single interface and things rapidly deteriorate.
Start tweaking headers of packets and router load can go insane even with low KPPS and so on.
For FE then sure soft-routers / WISP-routers are fine, but if you are going to be doing multi-gigabit with policies then you need to scale your router accordingly.
They actually push that over multiple interfaces @ 64 byte packets, as long as they aren't doing connection tracking or something else that disables hardware offload.
When you're scaling to multi-gigabit links it's important to understand application/financial requirements and use hardware appropriately. Everyone loves to have hardware that can push line rate @ 64 byte packets, but sometimes that's not necessary or feasible. Life sucks and then you work with what the bean counters give you.
@Microlinux - So if someone floods your router's primary interface(s) with full-sized UDP packet thats going to die rather rapidly.
To put this into perspective, there isn't a day that goes past where we don't see multiple attacks of this nature. Both from external IPs as well as internal ones.
Well yeah. If the uplink is running hot, no amount of router horsepower will help you.
Undoubtedly. Your situation is not everyone else's situation.
Then, like I said, there are the times were you simply don't have a choice and you have to make the best of it. We all wish we had unlimited resources to throw at problems, that's not always the case and you get by with the best solution you can make work.
There are plenty of 'cheap' Juniper routers out there - M7's, M10's, M20's, M40's, M160's. In fact I think we've got a load of them in St Louis that we've been ripping out from companies we bought, so if the OP needs something like that then we maybe able to help. These will end up being sold for scrap metal like the last lot.
The other option for the OP is to buy managed transit from your colo provider, that way they'll take care of this cost and deliver you a network port.
If he's using Vyatta then Ubiquiti Edge Routers are a huge step up. The most PPS I could push over Vyatta was about 300k PPS before it cut out.
I was able to push ~1Mpps over Vyatta - In a dual L5520 + Intel Pro nics (2x1GE uplink, 2x1GE downlink)
Nice, dual L5420s started seeing packet loss during a 250Kpps attack. Now if only it didn't take an amp and a half to run that though. ERLites use about a quarter of an amp so they are cheaper than a 1U server and cost a fraction to run.
FreeBSD 10.1 w/ a patched OpenBGPd is, in my opinion, the best free software routing platform.
If you have money, csr1000v / vmx are better solutions.
IIRC with Vyatta you need a fully supported NIC or else you'll have those issues.
False, really.
SR-IOV/DPDK isn't used there either way, anything the kernel can address reliably works. HW offloading / checksumming however is different.
Software router can be fast. Alcatel-Lucent can route up to 320 Gbit/s with a single server in software.
On FreeBSD and NetBSD I have had fantastic performance. I ran a couple of very busy route servers (obviously BGP speakers only not actually routing traffic) for 4 years, zero down time.
OpenBGPd config is very simple and I like the syntax. But we used that at my emplyer and there were some serious bugs so we switched to brocade. You should also know, that one fulltable is too much for an EdgeRouter (uses almost all RAM). Another possibility is Quagga on a debian machine.
It uses 2GB of RAM?? Ouch!
There's not only BGP but also the OS, some other Routing Protocols, the Webinterface, Zebra, BGPd, ...
Here's the RAM usage for a EdgeRouter Pro with 2 BGP feeds with full tables (536MB):
https://community.ubnt.com/t5/image/serverpage/image-id/23392iC15D3FB34095BA79/image-size/original?v=mpbl-1&px=-1
According to Ubiquiti, the RAM modules can be upgraded so if you need more RAM, just add it and it will still be cheaper than any decent Cisco.
Links for more info:
https://community.ubnt.com/t5/EdgeMAX/Full-Tables-on-Edge-Router-Pro/td-p/770822
https://community.ubnt.com/t5/EdgeMAX/EdgeRouter-Pro-RAM-Upgrade/td-p/653451
What about bird|quagga or even openbgpd? The last is used by AMS-IX.
Take fast xeons, 64GB ram, ssds and you're done.
If you really need hardware solution, try to find used brocade mlx-e or cisco 6500 platform.
For everyone using ubnt edgerouters - it's really unstable on high pps. Ubiquity never finish their OS - airos, aircams, vyos. This is only for small or medium business.
OK, thats an EdgeRouter Pro. I tested EdgeRouter PoE (I think it was with 512M RAM)
Exactly, good for WISPs or small traffic.
The OP should just bite the bullet and buy a proper hardware router.
@FalconInternet - Where are you colocated?
Yeah, the ER Lite/POE only has 512MB. The normal and Pro versions come with 2GB of RAM for under $400 shipped.
Ubiquiti's Edge Router's OS is basically Vyatta 6.3 with added features and a web interface.
@KuJoe
I know. But it was customized by ubiquiti.