[180016] in North American Network Operators' Group
Re: Low Cost 10G Router
daemon@ATHENA.MIT.EDU (Rodrigo 1telecom)
Tue May 19 17:58:09 2015
X-Original-To: nanog@nanog.org
From: Rodrigo 1telecom <rodrigo@1telecom.com.br>
In-Reply-To: <CALgsdbfGcRgd=JKLy2P_q7TkEwSEAyCDcb_2X+FoeC=EcK2nNA@mail.gmail.com>
Date: Tue, 19 May 2015 18:59:46 -0300
To: Pavel Odintsov <pavel.odintsov@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I know if is not possible to have a full routing on ex3300(low memory for it=
) , but i never tried to do a default router on it( with EFL licence and sof=
tware above version 12)
I have many bgp session with cisco 3750 switchs.. Traffic about 2gb on it...=
Have a peer( ebgp customer) with a acx2000( i know it have 10gb port) we se=
nd to this router a default route only... And it have 1.5gb with us and more=
1gb with other link provider...
Enviado via iPhone =EF=A3=BF
Grupo Connectoway
> Em 19/05/2015, =C3=A0s 17:59, Pavel Odintsov <pavel.odintsov@gmail.com> es=
creveu:
>=20
> Hello!
>=20
> Yep, there are no existent open source routers yet exists. But there
> are a lot of capabilities for this. We could just wait some time.
>=20
> But DPDK _definitely_ could process 64mpps and 40GE with deep
> inspection and processing on enough cheap E5 2670v3 chips.
>=20
> Yes, definitely it's ideas about good future. They can't be used now
> but they have really awesome outlook.
>=20
>=20
>=20
>> On Tue, May 19, 2015 at 11:46 PM, <charles@thefnf.org> wrote:
>>> On 2015-05-19 14:23, Pavel Odintsov wrote:
>>>=20
>>> Hello!
>>>=20
>>> Somebody definitely should build full feature router with
>>> DPDK/netmap/pf_ring :)
>>=20
>>=20
>> Netmap yes. The rest no. Why? Because netmap supports libpcap, which mean=
s
>> everything just works. Other solutions need porting.
>> You are going along, someone mentions a neat new libpcap based tool on NA=
NOG
>> and you want to try it out. If you've got DPDK/pf_ring, that means you ar=
e
>> now having to port it. That's a fair amount of effort to just eval
>> $COOL_NEW_TOOL.
>>=20
>>=20
>>=20
>>>=20
>>> I have finished detailed performance tests for all of them and could
>>> achieve wire speed forwarding (with simple packet rewrite and checksum
>>> calculation) with all of they.
>>=20
>>=20
>> With what features applied? DPDK with a fairly full feature set (firewall=
>> rules/dynamic routing/across a vpn tunnel/doing full l7 deep packet
>> inspection) on straight commodity (something relatively recent gen xeon
>> something many cores) hardware on $CERTAIN_POPULAR_RTOS seems to max out
>> ~5gbps from what my local neighborhood network testing nerds tell me.
>>=20
>> As always, your mileage will most certainly vary of course. The nice thin=
g
>> about commodity boxes is that you can just deploy the same "core kit" and=
>> scale it up/down (ram/cpu/redundant psu) at your favorite vendors
>> procurement portal (oh hey $systems_purchaser , can you order a couple ex=
tra
>> boxes with that next set of a dozen boxes your buying with this SKU and t=
ake
>> it out of my budget? Thx).
>>=20
>> You are still going to pay a pretty decent list price for boxes that can
>> reasonably forward AND inspect/block/modify at anything approaching line
>> rate over say 5gbps. Then you have things like the parallela board of cou=
rse
>> with it's FPGA. And you have CUDA cards. But staffing costs for someone w=
ho
>> has FPGA(parallel in general)/sysadmin/netadmin skills.... well that's pr=
icy
>> (and you'll want a couple of those in house if you do this at any kind of=
>> scale). Or you could just contract them I suppose (say at like $700.00 pe=
r
>> hour or so?, which is what I'd charge to be a one man FPGA coding SDN
>> slinging band since it's sort of like catching unicorns) Course you could=
>> just have your jack of all trades in house sys/net ops person and contrac=
t
>> coding skills as needed.
>>=20
>> Don't think this will really save you money. It won't.
>>=20
>> Buy a Juniper. Seriously.
>>=20
>> (I have a 6509 in my house along with various switches/routers/wifi/voip
>> phones (all cisco). I'm not anti cisco by any means). But they are expens=
ive
>> from what I hear. You get what you pay for though.
>>=20
>> What it will get you, is a very powerful and flexible solution that lets y=
ou
>> manage at hyperscale with a unified command/control plane. It's DEVOPS 2.=
0
>> (oooo I can fire my netadmins now like I fired my sysadmins after I gave d=
ev
>> full prod access? COOL!) (Yes I'm being incredibly sarcastic and don't
>> actually believe that). :)
>>=20
>> Also look at onepk from cisco. It's kinda cool if you want SDN without
>> having to fully build your own kit.
>=20
>=20
>=20
> --=20
> Sincerely yours, Pavel Odintsov
