I think the issue is: don't expect to build your own router using Linux/BSD etc. There are too many kernel parameters to tweak to make it optimal (unless a suboptimal router is OK with your environment).

You need people that understand networking and the appliance they sell you. Why is Cisco reliable (and expensive)? Because they give you that experience... A software-based router can give you that experience if it is backed by a team that knows what they are doing.

----- Original Message -----
From: "Robert Bays" <robert@gdk.org>
To: nanog@nanog.org
Sent: Wednesday, 14 July, 2010 10:08:30 AM
Subject: Re: Vyatta as a BRAS

On 7/13/10 10:56 AM, Dobbins, Roland wrote:
> On Jul 14, 2010, at 12:39 AM, <khatfield@socllc.net> <khatfield@socllc.net> wrote:
>
>> I haven't done real world testing with Vyatta but we consistently pass 750KPPS+ without the slightest hiccup on our FreeBSD routing systems.
>
> 750kpps packeting the box itself?
>
> Also, note that kpps is a small amount of traffic, compared to what even very small botnets can dish out.

I work for Vyatta. We regularly see 700+kpps per core using a Nehalem-class CPU, with higher rates possible in tuned systems. On a multi-core system this translates to a fairly high level of throughput.

To echo an earlier post, Linux can comfortably handle gigabit. It wasn't too long ago that this wasn't the case. The growth in the number of cores available to the end user, the introduction of multi-queue NICs, the move away from the FSB architecture towards QPI, ever faster PCIe... The technology is directionally trending towards faster, more consistent network throughputs whether your Linux host is acting as a router, firewall, web server, or whatever. There are activities taking place on the software front as well to increase speed and consistency in the realms of forwarding and firewall, including technologies that separate the control and forwarding planes. There is still headroom available in commodity compute to scale further.

I will be the first to admit that Vyatta won't work for everyone. We still have a lot of work to do for our system to fit seamlessly in some environments. But the bet that we have made is that commodity compute coupled with the amazing OSS dev community can keep pace with a good portion of the networking world's needs. So far, that bet looks like a good one. To discount all software routing running on general-purpose processors as being antiquated seems to me to be premature, especially given the various vendors' interests as more functionality migrates into the cloud. As that happens, commodity components in the cloud fabric will necessarily need to behave more like network appliances.

Cheers,
Robert.