The Making of a Router
Justin M. Streiner
streiner at cluebyfour.org
Fri Dec 27 12:23:36 UTC 2013
On Thu, 26 Dec 2013, Andrew D Kirch wrote:
> If he can afford a 10G link... he should be buying real gear... I mean,
> look, I've got plenty of infrastructure horror stories, but lets not cobble
> together our own 10gbit solutions, please? At least get one of the new
> microtik CCR's with a 10gig sfp+? They're only a kilobuck... If you can't
> afford that I suggest you can't afford to be an ISP.
Build-your-own routers are perfectly OK for a lab environment if you want
to tinker with something, but I absolutely would not put an all-in-one box
that I built myself in production. You end up combining some of the
downsides of a hardware-based router with some of the downsides of a
server (new attack vectors, another device that needs to be backed up,
patched, and monitored, possibly getting a new collection of devices and
drivers to play nicely with each other, etc).
Doing this also requires all of the people in your on-call rotation to be
experienced sysadmins / server ops, in addition to being experiences
network engineers / NOC ops. There are a lot of occasions with a server
where 'just reboot it' can make a problem much worse.
Route servers running Linux or *BSD are another story. There are many
situations where they can be extremely useful, but they are not all-in-one
route server/RADIUS/VPN termination/web server/user shell boxes.
More information about the NANOG