Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Open-Source Router to Take on Cisco?

ScuttleMonkey posted more than 8 years ago | from the combatting-security-by-obscurity dept.


ickypick writes to tell us that CNN is running an article about the emergence of an OpenSource Router product, currently in Beta, that targets mid-size enterprise customers for about one-fifth the cost of current enterprise networking giants' hardware. From the article: "The machine runs on two Intel chips, but far more noteworthy is its software, known as XORP, or extensible open router platform. The versatile open-source application can direct data traffic for a giant corporation as easily as it can manage a home Wi-Fi network." The current release is available for download from Vyatta's web site."

cancel ×



solosaint (699000) | more than 8 years ago | (#14862667)

how is this different from FRISCO

FRISCO? (5, Interesting)

nurb432 (527695) | more than 8 years ago | (#14862695)

Dont you mean FreeSCO?

and that runs on pc hardware, this appears to be on custom hardware that can actually do the job. Using pc hardware only works for a small business.. the bandwidth isnt there.

Re:FRISCO? (4, Interesting)

ross.w (87751) | more than 8 years ago | (#14862870)

I used to use Freesco for my home network running on an old Pentium 133. It is one of the easiest products of this type to set up and one of the few that works for dial-up.

WHen I switched to ADSL Broadband, I needed a modem anyway, and for a small price difference, I bought one with a router/firewall built into it that has an easy to use web based interface.

My Freesco box served me well, but my power bills and the noise level in my study both dropped when I retired it.

Freesco is a good, easy to use and versatile product, but If all you need is a home firewall/router, there are easier ways that aren't really more expensive, even when the box and software are free.

Re:FRISCO? (1)

nurb432 (527695) | more than 8 years ago | (#14862923)

Oh, wasnt knocking it, freesco is a wonderful thing.. ( and I still carry a copy in my toolkit, 'just in case' )

Only meant that commodity pc hardware wont hold up under anything larger then a small busines.

Re:FRISCO (1, Informative)

BertieBaggio (944287) | more than 8 years ago | (#14863007)

Well, this is a router that runs on custom hardware; not a city in Texas. (Yes, or a nickname for a certain city in the Bay Area...)

But yes, FREESCO is "A small free firewall router intended as a replacement for more costly commercial products." And, if you are wondering... "The name stands for FREE ciSCO". They have a website [] , and a very helpful group of friendly support forum [not located in NJ, I might add].

Disclaimer: I'm not affiliated with FREESCO, but my router does run their software on a very old PC. Does the job very nicely, too.

I foresee a day (5, Insightful)

kc0re (739168) | more than 8 years ago | (#14862668)

Seems like everything is Open Source now. (No, I am not complaining, i am backing it)

We have Routers, Firewalls, IDS/IPS's, OS's, Word Processors, Spreadsheets, Presenting software. Hell. I would love to see an experiment where an entire corporate network was made, entirely of Open Source products (except for the hardware of course). From Routers to firewalls to .... You name it.

That would be an interesting, and totally free network.
Also very complicated

Re:I foresee a day (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#14862686)

the open source fanbois wont be happy untill they have open source hardware as well.

Re:I foresee a day (1)

charlesnw (843045) | more than 8 years ago | (#14862696)

There is no real exchange replacement that is 100% open source. My project is looking to change that. [] is the website.

Re:I foresee a day (0)

Anonymous Coward | more than 8 years ago | (#14862960)

What's openexchange then?

Re:I foresee a day (1)

leenks (906881) | more than 8 years ago | (#14863003)

How about open-xchange [] or OpenGroupware?

Re:I foresee a day (5, Funny)

Anonymous Coward | more than 8 years ago | (#14862723)

--Seems like everything is Open Source now.--

everything but the women...

you have to pay oodles up front and, eventually, you find out the eula isn't what you where led to believe, the eula changes over time and, worst of all, the source is closed. and i mean *closed*.

Re:I foresee a day (1)

chris_mahan (256577) | more than 8 years ago | (#14862739)

I think what you're trying to say is that the app doesn't degrade gracefully.

Re:I foresee a day (3, Interesting)

networkBoy (774728) | more than 8 years ago | (#14862731)

For this to happen it must be in the right order:

1) OSS proponent founds business
2) business grows and stayes with OSS
3) Lower expense in IT infrastructure
4) 1/profit!

Really though, the hard part is winning over an existing business. Starting up with OSS would be magnatudes easier than converting.

Jesus. Just Jesus. (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14862839)

Oh good fucking Lord! A more blatent attempt at ass-kissing Karma whoreing there never was!

Re:Jesus. Just Jesus.!~ (0)

Anonymous Coward | more than 8 years ago | (#14862879)

Perhaps not.

I will refrain from using my corporate name because about 95% of the people that read Slashdot will know it... but we use ALOT of open source projects. Almost no bought or propretary software (we have a small subset of Windows users), but that's it. We use OpenOffice and basically non-Microsoft programs. (We use alot of macs, and iWork and such).. but it seems to work well. Couple extra steps, and no blackberry's (we use Treos, cause our email is imap)

but for the most part our office is OpenSource. Or.. !Microsoft.

so I agree with Parent.

Re:Jesus. Just Jesus.!~ (1)

NitsujTPU (19263) | more than 8 years ago | (#14862978)

Dada, is that you ;-)

Re:I foresee a day (3, Interesting)

rabiddeity (941737) | more than 8 years ago | (#14862975)

Why not the hardware too? With all the talk of MS trying to lock down hardware with "trusted computing", why shouldn't the hardware be open as well?

Re:I foresee a day (4, Insightful)

m50d (797211) | more than 8 years ago | (#14863016)

Why not hardware? I have the source code to the processor in the machine my webserver's running on. It's entirely useless to me since I don't have a chip fab, but I'm sure someone's done something cool with it.

Good to see (1)

charlesnw (843045) | more than 8 years ago | (#14862673)

that this is coming along. Lets see if it gains traction. It appears to popup a couple times a year.

firssst (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14862678)


its not the software (5, Insightful)

nurb432 (527695) | more than 8 years ago | (#14862679)

For a router, its mostly in the hardware, if it can keep up with real-life data rates.

Software is secondary..

Re:its not the software (1)

ENOENT (25325) | more than 8 years ago | (#14862805)

True. Networking is one area where Moore's Law doesn't help make software solutions more viable in time, because data rates keep going up. By the time software routing gets fast enough to handle routing of 1Gb/sec networks, everyone will be switching to 10 Gb/sec.

Re:its not the software (3, Interesting)

Anonymous Coward | more than 8 years ago | (#14862845)

You would indeed think so, and the hardware seperates a normal workstation from doing a job of a router (succesfully, anyhow).

However, the Operating System nowadays means the difference between a £600 price tag and a £1800 price tag on the 1800 series. Often the offerings from Cisco involve the same hardware but a different (more capable) version of IOS. The software really does create a large premium for the networking giants, and it's not just Cisco that this can be seen at

Re:its not the software (5, Interesting)

Ogun (101578) | more than 8 years ago | (#14862917)

Cisco IOS does nearly everything in software actually. Only on the big iron and catalyst based routers do you have dedicated hardware for packet forwarding. Try storming a cisco box with massive amounts of small UDP packets and see how well it copes. UDP is done in full software mode, you can't use CEF etc on UDP.
Might have changed in the two years I've been away from the networking world, but I don't really think so.
The slightly older 3600 series for example is just a normal PC in essence. RISC MIPS CPU, PCI for the network modules, flash for the OS.
What the do is distribute load instead. Same thing there, the older 7500 series has the CyBys architecture, where each line card is basically a separate router talking to each other over a backplane and a RSP to hold master databases and keep sync.

Yes, the Cisco 7600 has dedicated hardware for forwarding, but that is because it really is a catalyst 6500 switch under the hood.

Granted, many of the interface cards do a lot of processing for that media, framing etc, which keeps load of the main CPU. But what it comes down to is that IOS is quite efficient at doing what it does, which is forward packets.

If you want to learn more, I can strongly recommend the book "Inside Cisco IOS Software Architecture" from Cisco Press, ISBN: 1578701813

More Trust (5, Interesting)

BiggRanger (787488) | more than 8 years ago | (#14862680)

This is good since I always wonder how many back doors are in Cisco routers for Law Inforcement purposes.

Re:More Trust (1)

kc0re (739168) | more than 8 years ago | (#14862693)

Screw law enforcement. What about backdoors period. Not that I am a paranoid guy

but I am reminiscent of the Black Hat/ISS debacle.

Re:More Trust (1)

nurb432 (527695) | more than 8 years ago | (#14862707)

Not as many as people think.

Could you imagine the ramifications if a company got caught with a backdoor? They could kiss their ass good bye.

Re:More Trust (5, Insightful)

causality (777677) | more than 8 years ago | (#14862980)

Could you imagine the ramifications if a company got caught with a backdoor? They could kiss their ass good bye.

Never underestimate the power of Spin, especially when the general public has no interest in being informed about such complex subjects as network security (and lacks wisdom enough to decide that the only two reasonable courses of action are A. Learn about the subject or B. Shut the fuck up).

If the backdoors are for law enforcement purposes, why, then Cisco is simply being a Patriotic Corporate Citizen and Doing Their Part to help Stop Internet Crime etc etc. If this became a big controversy, all it would take is for one politician or one media outlet to talk even more about how wiretapping/remote logging ability is For Your Own Good and for the sole purpose of Stopping Al-Queda or whomever the convenient bogeyman of the day may be (because Oceania has always been at war with Eastasia). Rest assured that there will be such a device/tactic handy to drown out any kind of reasonable debate about the subject, should it ever become a serious issue.

The belief that a company which implements poor practices--such as undisclosed, intentional security hazards like backdoors--can "kiss their ass good bye" presupposes a market that consists entirely of informed, educated buyers who understand all security ramifications of their buying decisions (and such "features" that come with the package) and who always look after their own interests. Furthermore it assumes that they have enough sense to disregard any and all statements (on principle alone, as such claims have zero credibility) from any third parties who claim to know what is best for them, if only their particular set of restrictions were implemented. You will find that this last item is becoming lost upon us, especially in the USA.

I find this presupposition to be entirely unrealistic, and for that reason open-source alternatives can only possibly be a good thing, even if only because they give the established solutions such as those offered by Cisco a reason to avoid growing complacent.

Re:More Trust (1)

OmegaBlac (752432) | more than 8 years ago | (#14862825)

This is good since I always wonder how many back doors are in Cisco routers for Law Inforcement purposes.
Just having at least one backdoor is too many when security is critical.

Support? (3, Interesting)

lordkuri (514498) | more than 8 years ago | (#14862684)

Cisco's biggest advantage is their support network. I have yet to ever have a client that didn't buy smartnet with any of their gear.

Granted, some of their "engineers" leave a lot to be desired, but still, PHB's like the warm fuzzy feeling.

Re:Support? (1)

brunes69 (86786) | more than 8 years ago | (#14862760)

Like another poster said, when you can buy 5 other devices for the price of 1 year's worth of Cisco support and keep them as hot spares, it's hard to justify that support.

Re:Support? (2, Insightful)

TheSkyIsPurple (901118) | more than 8 years ago | (#14862793)

Having the hot spares doesn't matter if you are looking at a software problem.

The corporate question becomes who can you call for troubleshooting support that is "guaranteed" to help you.
(If the OSS folk don't answer your question, they don't lose money/contract)

Mod parent up! (1)

Rinnt (917105) | more than 8 years ago | (#14863019)

Beat me to the punch on that point, but it's so true. And even if you don't think the support is worth it, PHBs may beg to differ.

But will it... (4, Insightful)

Eli Gottlieb (917758) | more than 8 years ago | (#14862685)

Make money? This better be good hardware running good software, because otherwise people are just going to say "fsck it, nobody was ever fired for buying Cisco". Why? Because Cisco actually works.

Yes, OSS community, your adversary actually works this time. Beware.

Re:But will it... (1)

Rekolitus (899752) | more than 8 years ago | (#14862824)

They could do more for open source/open standards, like opening up EIGRP, HSRP... and I'm sure their other products won't meet up to the standard that their routers and switches do, considering the number of products they make now.

But you make a brilliant point, and I agree with you. Cisco does work, at least for their core products (routers, switches).

Re:But will it... (3, Interesting)

Harik (4023) | more than 8 years ago | (#14862829)

Eh. Cisco works like microsoft works. I've had my share of router trap/reset cycles, module failures and route storms with cisco gear. You just keep disabling features until you get a subset that works.

As for 'custom hardware', when you get to the point that you need to route 10gig-e at line-speed, then you buy 'custom hardware'. Below that, you drop in quad 100m cards into a linux/BSD box and run something like quagga (or now XORP). I'm willing to bet that not many people here have many routers that really need those kinds of line speeds, so we can all white-box it for a small fraction of the price. I know my linux (100meg) router gets a once-a-year reboot for kernel upgrades. My linux NAT at home gets rebooted every time the power goes out longer then the UPS can handle...

The only other thing that you can't get with open source is cisco hot-failover. And from the people who need that level of reliability, you can't get that from cisco either. :) To be fair, it works now, but they were selling it for quite a while in a very VERY buggy state. I'd be very exited to see an open-source router project that handles paired or triad server configurations with VIP and lockstep state updates, for true multipath redundancy. Good luck on that one, though.

Re:But will it... (1)

crotherm (160925) | more than 8 years ago | (#14862971)

It seems your experience with Cisco has not been mine. Our stuff just works.

Re:But will it... (1)

Feyr (449684) | more than 8 years ago | (#14862990)

if you need any kind of reliability, you buy 2 used cisco routers on ebay. quagga just doesnt cut it (to be polite)

yes im pissed
yes i have multiple quagga routers
and yes ill buy something that actually work next time and won't crash randomly with no error messages

Network outage? (3, Insightful)

MachineShedFred (621896) | more than 8 years ago | (#14862689)

So who do you call when the thing breaks?

With Cisco, I call the rep, and they have a replacement device in our datacenter within the hour, and we load up the config and get it fixed.

Doubt you'll get that kind of service here, and that's what you pay for with Cisco.

Re:Network outage? (0)

Anonymous Coward | more than 8 years ago | (#14862709)

So who do you call when the thing breaks?


>> RTFM!


My router is borken.

Re:Network outage? (4, Insightful)

NerveGas (168686) | more than 8 years ago | (#14862722)

If you can't fix it yourself, you call someone who will charge you to fix it for you. Such support is available for nearly all medium-scale open-source projects. Asterisk is a perfect example, Digium saw the opportunity to not only sell the hardware to make it work, but to make money off of software support as well.

Re:Network outage? (0)

Anonymous Coward | more than 8 years ago | (#14862822)

So ... who do you call when the thing breaks? This "someone" providing Cisco-level service for this product is whom, exactly?

Re:Network outage? (0)

Anonymous Coward | more than 8 years ago | (#14862865)

Nobody yet. It just got released today.

Re:Network outage? (1)

Alioth (221270) | more than 8 years ago | (#14862730)

If it's 1/5th of the cost of Cisco as the summary states, then you have two or three spares which you preload with your configuration. If one dies, just plug in the spare. Much faster than waiting for Cisco to show up. That's what we do with OpenBSD firewalls - it's SO MUCH cheaper than Checkpoint, instead of having one Checkpoint firewall and an expensive support contract, we have hot spares we can just plug in.

Re:Network outage? (1)

omega9 (138280) | more than 8 years ago | (#14862795)

If it's 1/5th of the cost of Cisco as the summary states, then you have two or three spares which you preload with your configuration. If one dies, just plug in the spare.

So on your terms, the cost benefit is mostly crap.

Re:Network outage? (1)

Alioth (221270) | more than 8 years ago | (#14862912)

Really? Let's do the maths.

If the router is 1/5th of the equivalent Cisco router, you'd need FOUR spares per router to equal cost parity with Cisco. Realistically, you're probably not going to have that many, so yes - you are going to spend less money AND have a faster replacement (minutes probably) than Cisco service. Even if you had two hot swap spares per router, you're still way ahead.

Re:Network outage? (0)

Anonymous Coward | more than 8 years ago | (#14862921)

Plus with OpenBSD and CARP you don't even have to plug them in manually - the spare one will take over automatically if the master fails.

Re:Network outage? (2, Insightful)

Vellmont (569020) | more than 8 years ago | (#14862747)

So who do you call when the thing breaks?

Probbably the same people who made the thing, or possibly a 3rd company with a model like RedHat where they offer support. Honestly, how is this any different than other open source products? Support is available commercially, and on a DIY basis from the community.

Re:Network outage? (5, Funny)

gardyloo (512791) | more than 8 years ago | (#14862749)

So who do you call when the thing breaks?

      The A-Team.

Re:Network outage? (0)

Anonymous Coward | more than 8 years ago | (#14862776)

Sir, please look up the following terms in your choice of defineries(word ??)!!!

- OSS (open-source software)

- pay (as in payment for product)

- support (as relates to OSS above)

I believe you missed the entire point of this software and its purpose. Please report back to your cubicle for reimplantation back into the hive-mind...

/NEXT ...........

Re:Network outage? (1)

dangermen (248354) | more than 8 years ago | (#14862782)

Now that statement is misleading. Cisco doesn't just ship stuff within an hour. They have 8x5xnbd and 24x7x4 part replacement. That's also IF you get an RMA issued in time. The Cisco TAC engineer does not have to issue an RMA just because you say so. They can request further troubleshooting.

Cisco replacement turnaround times... (0)

Anonymous Coward | more than 8 years ago | (#14862966)

Last time I needed a Cisco unit replaced (a C2970G-24T-E switch that went totally dead), it took over two weeks to get the replacement onsite. Our 8x5xNBD Smartnet contract and the fact that the 2970 has a lifetime hardware warranty didn't do diddly squat to speed up getting a replacement any faster. The problem was that there simply weren't any 2970's in the immediate supply chain available to send out at the time.

Re:Network outage? (1)

spinkham (56603) | more than 8 years ago | (#14862804)

For the cost diferential, you can have redundancy with a few live spares, a testing environment, etc.
Like everything else in the biz though, it depends how much in house experience and responsibility you want, versus having someone else to blame.
Commodity routers like this unfortunatly don't have the capabilities to reach the high end where the in house expertice is more common.
Unfortunatly for these people, exactly what seperates this new router from LEAF, freesco, openwall and the like I'm not sure. This market knitch seems rather full already, but perhaps they can polish the system more then others...

Re:Network outage? (4, Insightful)

QuantumG (50515) | more than 8 years ago | (#14862836)

I remember a time when one bunch of people would sell products and another bunch of people would repair them when they break. Now when I buy a washing machine, no-one can fix it except the manufacturer. If I had the choice, I'd buy a washing machine that anyone can fix, but these days I don't have that choice. It's the same with my car. Same with my DVD player. Same with my television.

Thankfully if my computer screws up I can take it to any one of many repair shops. If it's a hardware issue I'll probably call the manufacturer and see what my warrentee covers me for, but if it's a software issue, blah, as if I'd call Microsoft. Of course, if it's a laptop and I don't have a warrentee, who can I call? The manufacturer, that's it.

So who do I call if my Linux box is on the fritz? Believe it or not, there's lots of people you can call. Because the software is open there's a whole lot of people who understand it and can fix it. Just like when the hardware is open.

Re:Network outage? (1)

supabeast! (84658) | more than 8 years ago | (#14862941)

Someone still has to make and sell the hardware, and that company will probably be just as happy to sell you a support contract as Cisco is. And if you're building them yourself, chances are that you'll be saving enough money that you'll be able to keep a few spares on hand.

Who do you call? (1)

jd (1658) | more than 8 years ago | (#14862952)

If there's martian frames in Network Neighborhood,

Who do you call?


Its not exactly GPL. (1)

bunbuntheminilop (935594) | more than 8 years ago | (#14862692)

Open source may not equal GPL, but its the first think I think of. Likewise, a psudo Berkeley is not quite open source.

If RMS is reading, you'd agree no?

Re:Its not exactly GPL. (2, Informative)

nurb432 (527695) | more than 8 years ago | (#14862724)

And this is a problem why? Some of us dont agree with the concept of the GPL in the first place.

  If they choose not to use GPL, bsdish doenst make them bad, it makes them more free, with fewer restrictions.

Re:Its not exactly GPL. (1)

bunbuntheminilop (935594) | more than 8 years ago | (#14862934)

:P BSD sux0rs, GPL roolzzz!


The GPL licence spreads faster and easier than the BSD licence, which is the point of the extra restrictions. Uptake by hardware manufactures is therefore better if they are uptaking GPL licenced firmware than BSD firmware.

The arguement is redundant, however, as XORP could be forked to be GPL, if I'm not mistaken.

Re:Its not exactly GPL. (1)

WilliamSChips (793741) | more than 8 years ago | (#14862951)

Fewer restrictions != more free. BSDish may be more free for the programmer, but the code is more free(and contribution is more likely to be propagated) in a GPL project.

Re:Its not exactly GPL. (1)

nurb432 (527695) | more than 8 years ago | (#14863032)

While we can debate 'propagation rates' all day, i still feel its more free.. ( the problem is that a lot of BSD licensed code is used and no one even notices or knows how much was used, so its hard to really nail down which propagates better )

if i want to sell a product with BSD code, im free to do so, without any strings atached of having to fork over code just beacuse somone asked... All i have to do is give them credit, i dont even have to admit what code i used.. With GPL, I cant get away with that, and always run the risk of having to open my code up in the process.. More restrictive/less free.

Now, im *not* saying GPL is bad, as we can all choose the license we want. I just think BSD is much less restrictive, and in the end, more free. If you want some control over the use of your code, then GPL is a better choice. If all you really want is credit, then BSD is the better choice. Keyword, choice.

Re:Its not exactly GPL. (1)

jx100 (453615) | more than 8 years ago | (#14862808)

I believe the modified BSD license is considered perfectly acceptable by RMS. Just because it's not GPL doesn't mean it's not actually open-source.

Sweet! (4, Funny)

creimer (824291) | more than 8 years ago | (#14862703)

It can turn my old AMD K5 machine into a top-end Cisco machine. Does anyone have a spare ISA network card?

Wha wha what??? (2, Funny)

garrett714 (841216) | more than 8 years ago | (#14862712)

Initial funding to develop XORP is provided by Intel and the National Science Foundation. Further funding has been provided by Microsoft Corporation and Vyatta. We are extremely grateful for their support.

Re:Wha wha what??? (1)

Spy der Mann (805235) | more than 8 years ago | (#14862914)

Further funding has been provided by Microsoft Corporation

In related news, hell just called tech support for one of their heaters. Minor issue, however. Will be fixed in a couple of months.

OK, now that the joke's written... (2, Informative)

Spy der Mann (805235) | more than 8 years ago | (#14862930)

i find this feasible. It's a BSD-style license (wink wink, nudge nudge) so this means it's perfectly applicable for an "embrace and extend" operation.

Re:Wha wha what??? (2, Informative)

not-admin (943926) | more than 8 years ago | (#14862936)

Just because this is /., doesn't mean that you can pull the "OMG Microsoft" card. In this case, it is being overuled by the "w00t! OSS!" card.

Uh... (2, Insightful)

kclittle (625128) | more than 8 years ago | (#14862728)

...the key to routers and switches is the purpose-built hardware (the "switching fabric"). Sure, you can route using just SW and a 4-port ethernet card, but you'll be several orders of magnitude slower than a Cisco or Juniper box crammed full of ASICs.

Re:Uh... (1)

kclittle (625128) | more than 8 years ago | (#14862810)

(I'm assuming, of course, that they're using the Intel IXA family of network processors -- I don't see how, then, they get a 5x cost reduction...)

Re:Uh... (1)

NerveGas (168686) | more than 8 years ago | (#14862881)

... until you use an ACL (or any other useful feature of said Cisco), then you're back to process-routing, in which case, it's going to be orders of magnitude slower than a multi-GHz CPU with mammoth memory bandwidth.


The Oracle Strategy (1)

Sigfried (779148) | more than 8 years ago | (#14862752)

If they become any kind of threat to Cisco, all Cisco needs to do is to buy the company, and render the issue moot.

Re:The Oracle Strategy (1, Funny)

Nick Driver (238034) | more than 8 years ago | (#14862981)

If they become any kind of threat to Cisco, all Cisco needs to do is to buy the company, and render the issue moot.

(cough, cough) Linksys (cough)

I was doing work for a F200 company (0)

Anonymous Coward | more than 8 years ago | (#14862755)

and their top IT dogs didn't want to touch routing. They outsourced the entire deal to their ISP. Now if they are scared to touch it, I think this will need something big to be taken up.

Personally I don't know much about configuring a router but this is a great way to learn. I have to say that all these great FOSS applications must be a boon to college CS courses. They actually get to play with real world stuff and make a contribution while working on a GPA. That is actally very awesome.

As soon as I am done playing with Xen Live CD I might give this a look.

Now if i can get Xen to run WINE with 100 instances of SecondLife and camp 24x7 I could make $400/day with a decent computer. Yea that beat break-even by a wide margin...but does this business plan scale? ... Damn engineers always asking these stupid questions...Ya Know what I mean!

Free and Open Source hardware? (1)

edmicman (830206) | more than 8 years ago | (#14862762)

So I can get the hardware for free, too, right?

I love open source software naming (5, Funny)

stinky wizzleteats (552063) | more than 8 years ago | (#14862763)

Grep. Gimp. Kugar. Krita. Kexi. LaTex. Tcl. And now, the piece de resistance - xorp.

Why route when you can XORP!

Re:I love open source software naming (1)

daverabbitz (468967) | more than 8 years ago | (#14862815)

Yes, because Cisco IOS, Catalyst and Rapier are so much more obvious as to what they do :P .

Re:I love open source software naming (5, Funny)

DrSkwid (118965) | more than 8 years ago | (#14862994)

says stinky_wizzleteats

Re:I love open source software naming (1)

rabiddeity (941737) | more than 8 years ago | (#14863025)

Maybe the developers are Klingon?

Re:I love open source software naming (1)

NitsujTPU (19263) | more than 8 years ago | (#14863030)

Yay Ren & Stimpy.

new company dupe project (3, Informative)

tazanator (681948) | more than 8 years ago | (#14862767)

Imagestream has been doing this for ~8 years now ... course they provide support and all the hardware but this is doable. After all a DS3 Imagestream Rebel is only a P3 Intel and 256mb upgrade. Still it is another step in proof that cisco is not the networking god PHB's think.

Could be promising for some markets (4, Interesting)

squidguy (846256) | more than 8 years ago | (#14862770)

This could be a hit, if the costs keep down, for the small-medium business and home broadband markets. But I have trouble seeing how this will take significant market share in the Enterprise except for perhaps edge or LAN devices. For one thing, you pay Cisco, Juniper, Foundry, whomever for wire-speed implementations (among other issues) that rely largely on the ASICs and the overarching hardware architecture, beyond just the OS.

For the home market, there are already open-source software solutions such as for the Linksys WRT54-series wireless router, which is itself based on the GPL. See 2391 [] for more info.

Until someone funds an open-source chip foundry, these won't replace the core.

Re:Could be promising for some markets (2, Interesting)

NerveGas (168686) | more than 8 years ago | (#14862853)

The idea of Ciscos and others using custom hardware to accelerate the routing is, in great measure, over-hyped. Yes, they do have some hardware that GREATLY speeds things up, but in most cases, it only works if you're not using any of the features that make their expensive equipment truly useful. Most of the nice features will kick you from CEF to process-switching, and at that point, a modern PC has *gobs* of CPU cycles, memory bandwidth, and even I/O.

I/O used to be pretty pathetic for PCs, but when you look at motherboard chipsets with up to 32 PCI-E lanes coming off of them, that gives you a theoreticaly 80 GB/s bidirectional transfer. Realistically, the connection from the CPU to the chipset would be a limitting factor, but if you're talking about Opterons, you get 12.8 gigabits/second. You can find Cisco routers that will beat that, but you're talking about more than an order of magnitude in price difference.


Software is not the issue. (3, Informative)

NerveGas (168686) | more than 8 years ago | (#14862788)

The largest impediment is not software, but hardware. The two benefits to a Cisco are that (A) there is someone who *will* fix your problem for a fee, and (B) You can buy an interface card for ANY network type out there.

As for (A), the same will likely become available for this if it isn't already.
(B) is a lot harder. When you get into odd network types and high-speed telco lines, it becomes a bit more difficult - it isn't as easy as just calling your Cisco salesmonkey and buying the card you need.

It should be noted, however, that adding a card to a Cisco isn't always painless. I've had to upgrade the OS - which involved upgrading both memory and flash - just to support another ETHERNET card. How many decades has Ethernet been around for, and they want an OS upgrade to support one? And only to support an additional card, the built-in ethernet worked just fine.

Right now, we're using a Linux router for ethernet routing within our data center, which it handles just fine. As soon as our Sangoma cards show up, it's also going to handle a T3 to our office as well - but only clearchannel, we can't split it between phone and data (as I'd like to do.)

A while back, I had a rather perverse thought. You can hook up a LOT of interfaces to a high-end Cisco, and most routed telecom isn't very high-bandwidth. A T3, at a measly 45 megabit, is still very small considering the throughput of today's hardware. An OC3, at 155 megabits, still isn't much. The perverse thought was that if someone would come up with T1 and T3 modules with integrated CSU/DSUs that connected via USB or firewire, you could stuff a machine chock-full of 4-port controller cards, and be able to hook up 20 or more interfaces very quickly, and easily. In theory, each USB controller card *should* be able to push the ~200 megabits without much trouble, and even a plain old 32/33 PCI bus could *almost* handle the 110 MB/s of all 20 lines at full-tilt. Realistically, however, I do know that USB has many deficiencies which entirely prevent it from fulfilling that task.

Is there really a market for this? (2, Funny)

Anonymous Coward | more than 8 years ago | (#14862791)

As I understand it, there's already this open source routing software called "Linux". I sysadmin at a medium sized financial trading house, and managed to toss out our two Cisco routers a year or so ago. I replaced them with Gentoo Linux boxen running the standard IP stack and routed, on office ready Dell PCs (with a couple of extra ethernet and fibre cards as appropriate). And you know what? It's been even more reliable, less downtime for patches or crashing or hardware failure. I'm not likely to go back to Cisco until I see the same standard of freedom and quality in their code that I do in Linux.

Well the top three questions I'd have (4, Insightful)

Sycraft-fu (314770) | more than 8 years ago | (#14862799)

This is all assuming I'm willing to go unsupported, of course.

1) By far the most important is what kind of interfaces can I get for it. Of course I can get ethernet but what about T1, DSL, SONET, etc. If all this does is route packets over ethernet, which I then need to plug in to another router to get to my WAN, that's not so useful. I'd say over 90% of the Cisco routers I see in business are for WAN connections. If you are going to have to buy those anyhow, then what's the point?

2) What kind of load can it handle? Having something that can do a gig is all well and good, but can it still do a gig with 20,000 clients generating 50,000+ connections? That's where many budget routers and firewalls fall flat. They do everything in software so they can do the traffic no problem, but it's the concurrency that kills them.

3) Does it support layer-3 switching? That's where you in effect route the first packet of a flow and switch the rest. Leads to much lower impact on the router, and lower pings. Can't do it going from one media to another, but for internal routing it's the way to go.

This is, as mentioned, not considering support. I mean it's all well and good to slap some NICs in a system, load an OS that can route traffic, and call it a router/firewall/whatever, but it's something else entirely to see that survive under a real load. We see that all the time on campus when we test new potential devices. They promise gig throughput, something I have no doubt they deliver, and less than we use, but they instantly crash when exposed to our network. Why? Well we have like 30,000-40,000 comptuers or so that generate hundreds of thousands of concurrent connections. They just aren't equipped to process that kind of load and they stop passing traffic. The Ciscos, however, that compose the entire core, edge, and distribution parts of the network, operate without problems.

Re:Well the top three questions I'd have (0)

Anonymous Coward | more than 8 years ago | (#14863013)

2) What kind of load can it handle? Having something that can do a gig is all well and good, but can it still do a gig with 20,000 clients generating 50,000+ connections? That's where many budget routers and firewalls fall flat. They do everything in software so they can do the traffic no problem, but it's the concurrency that kills them.

I am dumber for having read that. L3 devices (routers) have no idea what "concurrent" connections are, GENERALLY speaking bandwidth is bandwidth. Perhaps I misunderstood. Can you expand upon this?

An Interesting Point to Note... (2, Insightful)

webmistressrachel (903577) | more than 8 years ago | (#14862802)

History repeats itself.

Microsoft built an empire out of OSS (using OpenBSD). Linux tries to compete with their own, better, product. However, companies are still resistant due to "support issues" (how much support did you actually get from M$ last year, though?) and familiarity.

Cisco built an empire out of Netlib, etc. Vyatta will try in vain to take a slice of the pie, but companies again will "go with what they know".

This is how the vast majority of us have ended up with rubbish IT setups, and those amongst us who care about quality etc. get modded "Troll" for ranting about it.

Re:An Interesting Point to Note... (0)

Anonymous Coward | more than 8 years ago | (#14862948)

Err... what?

OK. If you're going to go by WebMistressRachel, we're going to see nudie pics, because the rest of your post is just wrong.

Microsoft existed as a company with an enormous revenue before OpenBSD ever existed. Hell, Microsoft existed before Dick Stallman finished getting an erection by tapping out his programs in morse code using parens... I mean, dreaming of a lisp-based windowing system.

So, let's get on with the nudie pics.

Nig6a (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14862806)

Practicaul purposes, to work I'm doing, beyond the scope of Share. *BSD is

5 years late? (3, Interesting)

Garak (100517) | more than 8 years ago | (#14862812)

This seems to be alittle late to be jumping into this market. Most of the big players are starting to switch over to multilayer switching. Software routers are only needed where you need to do something like NAT or firewalling.

If your big enough to need a routing protocol like BGP, your going to need some serious hardware. Software based routers running on off the self hardware are fine for 100mbit ethernet routing, but beyond 100mbit you need some specialized hardware.

I really don't see any advanage this system has over a linux router with the usual tools(zebra/quagga, ip, ifconfig, iptables, ebtables, etc...)

No worries from Cisco (0)

Tiger4 (840741) | more than 8 years ago | (#14862828)

There is a tech fix for this problem. Just embed a packet sniffer in the next software update to prevent traffic from coming or going to the Vyatta or XORP sites. No software, no web presence, no problem. Closed source, so who's to know? Advantage: Cisco.

Already use an open source router (0, Offtopic)

argoff (142580) | more than 8 years ago | (#14862830)

At home and at work, a nice multi-homed Linux box with iptables, shapecfg, openvpn, ipsec, and iproute already does a nice job of firewalling, vpn-ing and routing traffic. IMHO, handles loads and traffic flow pretty nicely - and it's a lot easier to upgrade and do traffic analysis than on those closed off-the-shelf boxes.

What is the special sauce here? (1)

putko (753330) | more than 8 years ago | (#14862840)

Is there any special hardware or chips on this thing? Or is it just a low-end computer? I saw this story before and it didn't mention anything about the hardware

Packet Forwarding is so 1990's (3, Interesting)

saridder (103936) | more than 8 years ago | (#14862883)

The game has long since moved from just forwarding packets to providing intelligence in the network. Now companies want integrated security, voince, application intelligence and application (l5-L7) optimization, QOS, high availability, etc.. none of which you'll find in an open source router. This is why the networking companies stay in business. If companies wanted cheap packet forwarders, they would have bought linksys, 3com, huawiei, hp or any other me-too commodity router. They didn't and Cisco won.

you mean like the LRP? (1)

the_REAL_sam (670858) | more than 8 years ago | (#14862887)

Linux Router Project

Which already tanked, but was an open source floppy disk firewall-router-telnet-ssh installation that could run on a 486 with a single floppy and 2 network cards.

Somebody bought it out. How? IDK, since it was an open source public domain type project.

I'm sure there could still be some floppies of it.

LRP website is still there but the (1)

the_REAL_sam (670858) | more than 8 years ago | (#14862924)

the project halted as the main developer stopped working on it due to lack of funds.

i couldn't get the ftp site to share legacy files to me either. =\

XORP + Click (3, Informative)

jd (1658) | more than 8 years ago | (#14862927)

You really want to run Xorp alongside MIT's Click, as that gives you the best routing capability. The two are intended to interoperate, but there's bugger all documentation on doing this.

The number 1 problem with Xorp is that it supports only a tiny fraction of standard Internet routing protocols. They don't have the developers to support anything more than a bare-bones software router. If you're only going to use what they have, it's no big deal. (NOTE: I am only including actual common routing protocols, here. There are over 150 routing protocols defined and implemented by somebody, but few routers support more than 3% and only the Really Major Routers even pass the 10% mark.)

The number 2 problem is that it lets the native OS deal with all of the QoS. This means that Xorp isn't guaranteed to behave the same on different platforms. It's not a lethal problem and some (including the Xorp developers) consider it a major bonus. I'm not convinced it's a good thing, though. It makes multicasting very confusing.

The final problem is that Click will normally be run as a kernel module, but Xorp is in userspace. This means you've a LOT of context switching when running in such a mode. Because you want minimum latency, the overhead of pushing packets into userspace in the first place might not be efficient enough.

I believe Xorp to be a good product. It is also the ONLY software router that is (a) Open Source and (b) being maintained (Quagga, Zebra and MRT are all dead, and GateD was withdrawn). I don't know if the Xorp group want more core developers, but I desperately hope that third-party developers offer patches and modules for it to beef up the abilities.

(Linux is an important software router. NetBSD and OpenBSD could be, if the routing software was good enough. The three of them should have the low-to-medium router market totally sewn up in no time flat, in a very short timeframe. That won't happen, though, if there's not enough independent interest and support.)

VC led company for OSS? (0)

Anonymous Coward | more than 8 years ago | (#14862935)

The founder and chairman of the board is a venture capital guy. Me thinks their primary motivation isn't providing lower cost solutions. Rather, its to make a billion dollars.

XORP spawned from Click... (4, Informative)

shadowmatter (734276) | more than 8 years ago | (#14862938)

Eddie Kohler, whose PhD thesis at MIT was the Click modular router [] (which from what I understand turned into the "engine" behind XORP), is one of the principal designers and developers of XORP. They published a paper at NSDI [] last year, which you can read here [] (Warning: PDF). It states very clearly what the goal of XORP is, and how well it performs. Quite interesting.

Cisco "lock" on the market? Excuse me? (2, Informative)

SuperBanana (662181) | more than 8 years ago | (#14863021)

A start-up tries to break Cisco's lock on the $4 billion corporate router business.

Cisco's market share year to year over the last 5-6 years has bounced from a near-dominating 80% to as low as 50%...and it's swung that much in ONE year.

That must be some definition of "lock" I'm not familiar with...

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account