Low Cost 10G Router

Tue May 19 21:59:46 UTC 2015

I know if is not possible to have a full routing on ex3300(low memory for it) , but i never tried to do a default router on it( with EFL licence and software above version 12)
I have many bgp session with cisco 3750 switchs.. Traffic about 2gb on it... Have a peer( ebgp customer) with a acx2000( i know it have 10gb port) we send to this router a default route only... And it have 1.5gb with us and more 1gb with other link provider...
Enviado via iPhone 
Grupo Connectoway

> Em 19/05/2015, às 17:59, Pavel Odintsov <pavel.odintsov at gmail.com> escreveu:
> 
> Hello!
> 
> Yep, there are no existent open source routers yet exists. But there
> are a lot of capabilities for this. We could just wait some time.
> 
> But DPDK _definitely_ could process 64mpps and 40GE with deep
> inspection and processing on enough cheap E5 2670v3 chips.
> 
> Yes, definitely it's ideas about good future. They can't be used now
> but they have really awesome outlook.
> 
> 
> 
>> On Tue, May 19, 2015 at 11:46 PM,  <charles at thefnf.org> wrote:
>>> On 2015-05-19 14:23, Pavel Odintsov wrote:
>>> 
>>> Hello!
>>> 
>>> Somebody definitely should build full feature router with
>>> DPDK/netmap/pf_ring :)
>> 
>> 
>> Netmap yes. The rest no. Why? Because netmap supports libpcap, which means
>> everything just works. Other solutions need porting.
>> You are going along, someone mentions a neat new libpcap based tool on NANOG
>> and you want to try it out. If you've got DPDK/pf_ring, that means you are
>> now having to port it. That's a fair amount of effort to just eval
>> $COOL_NEW_TOOL.
>> 
>> 
>> 
>>> 
>>> I have finished detailed performance tests for all of them and could
>>> achieve wire speed forwarding (with simple packet rewrite and checksum
>>> calculation) with all of they.
>> 
>> 
>> With what features applied? DPDK with a fairly full feature set (firewall
>> rules/dynamic routing/across a vpn tunnel/doing full l7 deep packet
>> inspection) on straight commodity (something relatively recent gen xeon
>> something many cores) hardware on $CERTAIN_POPULAR_RTOS seems to max out
>> ~5gbps from what my local neighborhood network testing nerds tell me.
>> 
>> As always, your mileage will most certainly vary of course. The nice thing
>> about commodity boxes is that you can just deploy the same "core kit" and
>> scale it up/down (ram/cpu/redundant psu) at your favorite vendors
>> procurement portal (oh hey $systems_purchaser , can you order a couple extra
>> boxes with that next set of a dozen boxes your buying with this SKU and take
>> it out of my budget? Thx).
>> 
>> You are still going to pay a pretty decent list price for boxes that can
>> reasonably forward AND inspect/block/modify at anything approaching line
>> rate over say 5gbps. Then you have things like the parallela board of course
>> with it's FPGA. And you have CUDA cards. But staffing costs for someone who
>> has FPGA(parallel in general)/sysadmin/netadmin skills.... well that's pricy
>> (and you'll want a couple of those in house if you do this at any kind of
>> scale). Or you could just contract them I suppose (say at like $700.00 per
>> hour or so?, which is what I'd charge to be a one man FPGA coding SDN
>> slinging band since it's sort of like catching unicorns) Course you could
>> just have your jack of all trades in house sys/net ops person and contract
>> coding skills as needed.
>> 
>> Don't think this will really save you money. It won't.
>> 
>> Buy a Juniper. Seriously.
>> 
>> (I have a 6509 in my house along with various switches/routers/wifi/voip
>> phones (all cisco). I'm not anti cisco by any means). But they are expensive
>> from what I hear. You get what you pay for though.
>> 
>> What it will get you, is a very powerful and flexible solution that lets you
>> manage at hyperscale with a unified command/control plane. It's DEVOPS 2.0
>> (oooo I can fire my netadmins now like I fired my sysadmins after I gave dev
>> full prod access? COOL!) (Yes I'm being incredibly sarcastic and don't
>> actually believe that). :)
>> 
>> Also look at onepk from cisco. It's kinda cool if you want SDN without
>> having to fully build your own kit.
> 
> 
> 
> -- 
> Sincerely yours, Pavel Odintsov