[127735] in North American Network Operators' Group
Re: Vyatta as a BRAS
daemon@ATHENA.MIT.EDU (Truman Boyes)
Tue Jul 13 02:56:37 2010
From: Truman Boyes <truman@suspicious.org>
In-Reply-To: <2DBC2701-5719-4156-9B44-E31DA93288BA@arbor.net>
Date: Tue, 13 Jul 2010 16:56:16 +1000
To: "Dobbins, Roland" <rdobbins@arbor.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 13/07/2010, at 4:50 PM, Dobbins, Roland wrote:
>=20
> On Jul 13, 2010, at 1:34 PM, Sharef Mustafa wrote:
>=20
>> do you recommend it?
>=20
>=20
> My comment would be that a software-based BRAS - 7200, Vyatta, et. al. =
- is no longer viable in today's Internet, and hasn't been for years, =
due to security/availability concerns. Same for peering/transit edge, =
customer aggregation edge, et. al.
>=20
> =
-----------------------------------------------------------------------
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>=20
> Injustice is relatively easy to bear; what stings is justice.
>=20
> -- H.L. Mencken
I agree. In a bind I have seen small providers experiment with =
FreeBSD/Linux L2TP termination (as a LNS), I would recommend against it =
if you have a business that depends upon these customers' happiness. =
There were all sorts of issues to address when the customer ran =
significant traffic forwarding through the unix boxes, namely adjusting =
kernel parameters for NMB_CLUSTERS, heap sizes, all sorts of sysctl =
parameters, adding additional interface counts, etc. A low cost 7200 or =
ERX-310 would easily fit the bill, and you can buy them cheap these =
days.=20
Cheers,
Truman
