[180017] in North American Network Operators' Group
Re: Low Cost 10G Router
daemon@ATHENA.MIT.EDU (Rodrigo 1telecom)
Tue May 19 18:06:27 2015
X-Original-To: nanog@nanog.org
From: Rodrigo 1telecom <rodrigo@1telecom.com.br>
In-Reply-To: <6632909F-4742-4C7C-A3DD-A73972DDCBA0@1telecom.com.br>
Date: Tue, 19 May 2015 19:08:05 -0300
To: Pavel Odintsov <pavel.odintsov@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
... This customer had a asr1002 , but have a crash on asr router and only ha=
ve this acx to up your link... Its a good test...
Enviado via iPhone =EF=A3=BF
Grupo Connectoway
> Em 19/05/2015, =C3=A0s 18:59, Rodrigo 1telecom <rodrigo@1telecom.com.br> e=
screveu:
>=20
> I know if is not possible to have a full routing on ex3300(low memory for i=
t) , but i never tried to do a default router on it( with EFL licence and so=
ftware above version 12)
> I have many bgp session with cisco 3750 switchs.. Traffic about 2gb on it.=
.. Have a peer( ebgp customer) with a acx2000( i know it have 10gb port) we s=
end to this router a default route only... And it have 1.5gb with us and mor=
e 1gb with other link provider...
> Enviado via iPhone =EF=A3=BF
> Grupo Connectoway
>=20
>> Em 19/05/2015, =C3=A0s 17:59, Pavel Odintsov <pavel.odintsov@gmail.com> e=
screveu:
>>=20
>> Hello!
>>=20
>> Yep, there are no existent open source routers yet exists. But there
>> are a lot of capabilities for this. We could just wait some time.
>>=20
>> But DPDK _definitely_ could process 64mpps and 40GE with deep
>> inspection and processing on enough cheap E5 2670v3 chips.
>>=20
>> Yes, definitely it's ideas about good future. They can't be used now
>> but they have really awesome outlook.
>>=20
>>=20
>>=20
>>>> On Tue, May 19, 2015 at 11:46 PM, <charles@thefnf.org> wrote:
>>>> On 2015-05-19 14:23, Pavel Odintsov wrote:
>>>>=20
>>>> Hello!
>>>>=20
>>>> Somebody definitely should build full feature router with
>>>> DPDK/netmap/pf_ring :)
>>>=20
>>>=20
>>> Netmap yes. The rest no. Why? Because netmap supports libpcap, which mea=
ns
>>> everything just works. Other solutions need porting.
>>> You are going along, someone mentions a neat new libpcap based tool on N=
ANOG
>>> and you want to try it out. If you've got DPDK/pf_ring, that means you a=
re
>>> now having to port it. That's a fair amount of effort to just eval
>>> $COOL_NEW_TOOL.
>>>=20
>>>=20
>>>=20
>>>>=20
>>>> I have finished detailed performance tests for all of them and could
>>>> achieve wire speed forwarding (with simple packet rewrite and checksum
>>>> calculation) with all of they.
>>>=20
>>>=20
>>> With what features applied? DPDK with a fairly full feature set (firewal=
l
>>> rules/dynamic routing/across a vpn tunnel/doing full l7 deep packet
>>> inspection) on straight commodity (something relatively recent gen xeon
>>> something many cores) hardware on $CERTAIN_POPULAR_RTOS seems to max out=
>>> ~5gbps from what my local neighborhood network testing nerds tell me.
>>>=20
>>> As always, your mileage will most certainly vary of course. The nice thi=
ng
>>> about commodity boxes is that you can just deploy the same "core kit" an=
d
>>> scale it up/down (ram/cpu/redundant psu) at your favorite vendors
>>> procurement portal (oh hey $systems_purchaser , can you order a couple e=
xtra
>>> boxes with that next set of a dozen boxes your buying with this SKU and t=
ake
>>> it out of my budget? Thx).
>>>=20
>>> You are still going to pay a pretty decent list price for boxes that can=
>>> reasonably forward AND inspect/block/modify at anything approaching line=
>>> rate over say 5gbps. Then you have things like the parallela board of co=
urse
>>> with it's FPGA. And you have CUDA cards. But staffing costs for someone w=
ho
>>> has FPGA(parallel in general)/sysadmin/netadmin skills.... well that's p=
ricy
>>> (and you'll want a couple of those in house if you do this at any kind o=
f
>>> scale). Or you could just contract them I suppose (say at like $700.00 p=
er
>>> hour or so?, which is what I'd charge to be a one man FPGA coding SDN
>>> slinging band since it's sort of like catching unicorns) Course you coul=
d
>>> just have your jack of all trades in house sys/net ops person and contra=
ct
>>> coding skills as needed.
>>>=20
>>> Don't think this will really save you money. It won't.
>>>=20
>>> Buy a Juniper. Seriously.
>>>=20
>>> (I have a 6509 in my house along with various switches/routers/wifi/voip=
>>> phones (all cisco). I'm not anti cisco by any means). But they are expen=
sive
>>> from what I hear. You get what you pay for though.
>>>=20
>>> What it will get you, is a very powerful and flexible solution that lets=
you
>>> manage at hyperscale with a unified command/control plane. It's DEVOPS 2=
.0
>>> (oooo I can fire my netadmins now like I fired my sysadmins after I gave=
dev
>>> full prod access? COOL!) (Yes I'm being incredibly sarcastic and don't
>>> actually believe that). :)
>>>=20
>>> Also look at onepk from cisco. It's kinda cool if you want SDN without
>>> having to fully build your own kit.
>>=20
>>=20
>>=20
>> --=20
>> Sincerely yours, Pavel Odintsov
