Vyatta as a BRAS

Nick Hilliard nick at foobar.org
Tue Jul 13 19:05:21 UTC 2010


On 13/07/2010 16:07, Curtis Maurand wrote:
> On 7/13/2010 4:53 AM, Dobbins, Roland wrote:
>> When a single botted/misbehaving host easily can take down a
>> software-based BRAS, that's a pretty strong indication that
>> software-based edge devices are contraindicated, heh.
>>
>> Software-based edge devices have been obsolete for a long time, now. 
>> They're a great risk to operators who've yet to replace them with
>> hardware-based devices.
>>    
> 
> They are all software based, no matter who builds them.  Cisco IOS,
> Juniper JunOS, etc.

I think Roland's point was that on "hardware routers", there is a
separation of function between the control and the forwarding planes, and
that the forwarding plane is designed to be able to transmit data in an
efficient parallel manner.  I.e. on a well-designed hardware router, if you
trash the data path on the router through ingress A and egress B, the
damage stops there: the control plane is unaffected and ingress C to egress
D is also ok (for arbitrary values of C and D).

Depending on your configuration, this may or may not be important to your
IP connectivity requirements.  For many - if not most - companies, it is.

Nick




More information about the NANOG mailing list