[127742] in North American Network Operators' Group
Re: Vyatta as a BRAS
daemon@ATHENA.MIT.EDU (Curtis Maurand)
Tue Jul 13 11:05:58 2010
Date: Tue, 13 Jul 2010 11:05:09 -0400
From: Curtis Maurand <cmaurand@xyonet.com>
To: nanog@nanog.org
In-Reply-To: <711A949B-79BD-4995-85F8-4155A2452C00@suspicious.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 7/13/2010 2:56 AM, Truman Boyes wrote:
> On 13/07/2010, at 4:50 PM, Dobbins, Roland wrote:
>
>
>> On Jul 13, 2010, at 1:34 PM, Sharef Mustafa wrote:
>>
>>
>>> do you recommend it?
>>>
>>
>> My comment would be that a software-based BRAS - 7200, Vyatta, et. al. - is no longer viable in today's Internet, and hasn't been for years, due to security/availability concerns. Same for peering/transit edge, customer aggregation edge, et. al.
>>
>> -----------------------------------------------------------------------
>> Roland Dobbins<rdobbins@arbor.net> //<http://www.arbornetworks.com>
>>
>> Injustice is relatively easy to bear; what stings is justice.
>>
>> -- H.L. Mencken
>>
> A low cost 7200 or ERX-310 would easily fit the bill, and you can buy them cheap these days.
>
>
Cisco may be a lot of things, but low cost is not one of them.
I've been running Vyatta on a small 1U Supermicro Server (cost $600.00)
for over one year. It handles all of our VPN traffic and is the main
router for our fiber connection. Except for dropping a tunnel every now
and then its been flawless. I've set up a cron job to monitor the VPN
and restart any tunnel that might drop. No tunnel is ever down for more
than a minute.
router:~# uptime
11:01:52 up 377 days, 17:22, 1 user, load average: 0.00, 0.00, 0.00
--Curtis
