Low Cost 10G Router

Tue May 19 22:08:05 UTC 2015

... This customer had a asr1002 , but have a crash on asr router and only have this acx to up your link... Its a good test...

Enviado via iPhone 
Grupo Connectoway

> Em 19/05/2015, às 18:59, Rodrigo 1telecom <rodrigo at 1telecom.com.br> escreveu:
> 
> I know if is not possible to have a full routing on ex3300(low memory for it) , but i never tried to do a default router on it( with EFL licence and software above version 12)
> I have many bgp session with cisco 3750 switchs.. Traffic about 2gb on it... Have a peer( ebgp customer) with a acx2000( i know it have 10gb port) we send to this router a default route only... And it have 1.5gb with us and more 1gb with other link provider...
> Enviado via iPhone 
> Grupo Connectoway
> 
>> Em 19/05/2015, às 17:59, Pavel Odintsov <pavel.odintsov at gmail.com> escreveu:
>> 
>> Hello!
>> 
>> Yep, there are no existent open source routers yet exists. But there
>> are a lot of capabilities for this. We could just wait some time.
>> 
>> But DPDK _definitely_ could process 64mpps and 40GE with deep
>> inspection and processing on enough cheap E5 2670v3 chips.
>> 
>> Yes, definitely it's ideas about good future. They can't be used now
>> but they have really awesome outlook.
>> 
>> 
>> 
>>>> On Tue, May 19, 2015 at 11:46 PM,  <charles at thefnf.org> wrote:
>>>> On 2015-05-19 14:23, Pavel Odintsov wrote:
>>>> 
>>>> Hello!
>>>> 
>>>> Somebody definitely should build full feature router with
>>>> DPDK/netmap/pf_ring :)
>>> 
>>> 
>>> Netmap yes. The rest no. Why? Because netmap supports libpcap, which means
>>> everything just works. Other solutions need porting.
>>> You are going along, someone mentions a neat new libpcap based tool on NANOG
>>> and you want to try it out. If you've got DPDK/pf_ring, that means you are
>>> now having to port it. That's a fair amount of effort to just eval
>>> $COOL_NEW_TOOL.
>>> 
>>> 
>>> 
>>>> 
>>>> I have finished detailed performance tests for all of them and could
>>>> achieve wire speed forwarding (with simple packet rewrite and checksum
>>>> calculation) with all of they.
>>> 
>>> 
>>> With what features applied? DPDK with a fairly full feature set (firewall
>>> rules/dynamic routing/across a vpn tunnel/doing full l7 deep packet
>>> inspection) on straight commodity (something relatively recent gen xeon
>>> something many cores) hardware on $CERTAIN_POPULAR_RTOS seems to max out
>>> ~5gbps from what my local neighborhood network testing nerds tell me.
>>> 
>>> As always, your mileage will most certainly vary of course. The nice thing
>>> about commodity boxes is that you can just deploy the same "core kit" and
>>> scale it up/down (ram/cpu/redundant psu) at your favorite vendors
>>> procurement portal (oh hey $systems_purchaser , can you order a couple extra
>>> boxes with that next set of a dozen boxes your buying with this SKU and take
>>> it out of my budget? Thx).
>>> 
>>> You are still going to pay a pretty decent list price for boxes that can
>>> reasonably forward AND inspect/block/modify at anything approaching line
>>> rate over say 5gbps. Then you have things like the parallela board of course
>>> with it's FPGA. And you have CUDA cards. But staffing costs for someone who
>>> has FPGA(parallel in general)/sysadmin/netadmin skills.... well that's pricy
>>> (and you'll want a couple of those in house if you do this at any kind of
>>> scale). Or you could just contract them I suppose (say at like $700.00 per
>>> hour or so?, which is what I'd charge to be a one man FPGA coding SDN
>>> slinging band since it's sort of like catching unicorns) Course you could
>>> just have your jack of all trades in house sys/net ops person and contract
>>> coding skills as needed.
>>> 
>>> Don't think this will really save you money. It won't.
>>> 
>>> Buy a Juniper. Seriously.
>>> 
>>> (I have a 6509 in my house along with various switches/routers/wifi/voip
>>> phones (all cisco). I'm not anti cisco by any means). But they are expensive
>>> from what I hear. You get what you pay for though.
>>> 
>>> What it will get you, is a very powerful and flexible solution that lets you
>>> manage at hyperscale with a unified command/control plane. It's DEVOPS 2.0
>>> (oooo I can fire my netadmins now like I fired my sysadmins after I gave dev
>>> full prod access? COOL!) (Yes I'm being incredibly sarcastic and don't
>>> actually believe that). :)
>>> 
>>> Also look at onepk from cisco. It's kinda cool if you want SDN without
>>> having to fully build your own kit.
>> 
>> 
>> 
>> -- 
>> Sincerely yours, Pavel Odintsov