Linux BNG

Grant Taylor gtaylor at
Sat Jul 14 17:26:27 UTC 2018

I agree with all aspects.

On 07/14/2018 11:09 AM, Raymond Burkholder wrote:
> As mentioned earlier, why make the core boxes do all of the work?  Why 
> not distribute the functionality out to the edge?  Rather than using 
> traditional switch gear at the edge, use smaller Linux boxes to handle 
> all that complicated edge manipulation, and then keep your high 
> bandwidth core boxes pushing packets only
But I do ask:

Do you (the ISP) control the CPE (modem / ONT)?  Could you push the 
VxLAN (or maybe MPLS) functionality all the way into it?

This would have the added advantage of a (presumably) trusted device 
providing the identification back to your core equipment.

Perhaps even minimal L3 routing w/ DHCP helper such that the customer 
saw the CPE as the default gateway.  (Though this might burn a lot more 
IPs.  This might not be an issue if you're using CGNAT.)

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the NANOG mailing list