Zebra Router???

Kevin Day toasty at dragondata.com
Sun Apr 20 06:36:25 UTC 2003

At 01:10 AM 4/20/2003, Richard A Steenbergen wrote:
>As much as I hate to say this, stock FreeBSD makes a terrible high
>performance router. The route-cache is horribly out of date with modern
>techniques, and there just aren't that many wackjobs out there trying to
>shove a hungred megs through a unix box to fully debug it (with the
>exception of a certain notoriously cheap people who will probably respond
>to this email talking about their success with FORE ATM OC3 cards :P).

Ok, I'll bite. We're routinely shoving 500mbps through our FreeBSD system 
running zebra, and we've never hit the 50% cpu mark. 3 GigE BGP peers 
passing me a full table and one GigE LAN interface, a few VLANs, lengthy 
IPFW rules, and tons of "count" rules so I can MRTG each IP passing through 
it. In some off network synthetic testing, I easily maxed out our GigE LAN 
interface before the router dropped a packet. All this on a $1800 Dell 
server with a $150 Intel PCI-X card slapped in there. This system's been up 
for 6 months now. Zero crashes, zero hung interfaces, zero problems.

I'm not saying a FreeBSD+Zebra system is going to do everything that your 
high end router will, but I haven't run into anything that I couldn't find 
some way of doing with the tools that I had. IPFW, Dummynet, tcpdump and 
other tools that come "stock" have saved me quite a bit of effort over some 
other much more costly solutions that couldn't do some things that we 
depend on now.

I know quite a few would consider this a bit of ghetto networking, but I've 
even worked out a pretty reliable hot-standby system for all our web 
servers by running zebra/bgpd on each of them and having them announce 
/32's for the IP's that the web server is listening on to a route 
reflector. Have another box setup as a standby system announcing the same 
/32 to our router with higher metric, and the failover is instant. No extra 
hardware, no fancy load balancers, and the web servers don't even have to 
know anything happened.

Zebra/FreeBSD aren't the best things out there, but when you have 
essentially no budget, there are a lot of us out there who've figured out 
how to make our networks operate pretty well.

I really don't mean this as a flame, Richard... Just that I think a lot of 
people out there have discounted this without trying it or researching what 
others have gotten to work. Not all of us have the luxury of working 
somewhere where not being "cheap" is an option. :)

-- Kevin

More information about the NANOG mailing list