Slashdot: News for Nerds



Open Source Router on Par With Cisco, Users Say

timothy posted more than 7 years ago | from the pay-less-per-tube dept.


Jane Walker writes "On a mission to avoid paying top dollar for Cisco routers, two users say Vyatta's Open Flexible Router is a viable alternative to the proprietary norm. Find out about the pluses and minor hassles involved in deploying this alternative." This probably won't surprise the users of (much lower end) networking gear like the famously hackable Linksys WRT54G, which — like a number of internally similar routers — can be reconfigured with one of several open-source firmwares to do things impossible with the hardware as delivered.



Huh? (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16188135)

No first post?

Re:Huh? (1)

sdBlue (844590) | more than 7 years ago | (#16188155)

Was working on it. Trying to (gasp) RTFA first...

Difference between hardware and software.... (3, Insightful)

gweihir (88907) | more than 7 years ago | (#16188197)

It is not surprising that low-end software routers can offer most things a proper Cisco router can. However when you need higher speeds, a software router can not cut it. It is then when hardware routers show their strength. A 100Mbps line usually does not require a hardware router. A 10Gbps line does.

Re:Difference between hardware and software.... (5, Informative)

Shaman (1148) | more than 7 years ago | (#16188337)

Bleah. This is tripe. Most Cisco routers have cheap, slow Intel processors in them.

Until you get up into the gigabit speeds, regular PC hardware is just as good or better. The only thing you have to watch for in the multi-hundred-megabit routing loads is that you don't have a lot of access control lists - which is also an issue you will run into with any router you might choose. Spending some time sizing the buffers and other kernel parameters is also important, because a stock Linux kernel is not set up to be a network core router.

I've got over 2,000 L2TP connections going into a single 2.4Ghz Intel box running Linux. Performance is significantly better than the Cisco 7204 that it replaced, and it's a lot cheaper and more flexible to support.

Now, in the multi-gigabit routing tasks, do yourself a favour and get a L7 switch with custom ASICs. Extreme, Foundry and others will be happy to sell you one. Cisco's stuff is crap, right up until you get their million dollar badasses which they bought from another party (go figure).

Re:Difference between hardware and software.... (3, Informative)

Shaman (1148) | more than 7 years ago | (#16188449)

FYI, I had a 7204 VXR and the Linux solution easily outperforms it.

Still have it, I never throw anything away...

cisco 7204VXR (NPE400) processor (revision A) with 114688K/16384K bytes of memory.
Processor board ID 21280102
R7000 CPU at 350Mhz, Implementation 39, Rev 3.3, 256KB L2, 4096KB L3 Cache
4 slot VXR midplane, Version 2.1
Last reset from power-on
Bridging software.
X.25 software, Version 3.0.0.

PCI bus mb0_mb1 (Slots 0, 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb0_mb1 has a total of 600 bandwidth points.
This configuration is within the PCI bus capacity and is supported.

Re:Difference between hardware and software.... (1)

Cally (10873) | more than 7 years ago | (#16188461)

You've heard of CEF, right?

Re:Difference between hardware and software.... (4, Informative)

Shaman (1148) | more than 7 years ago | (#16188573)

Certainly have heard of CEF. And have witnessed first-hand how bad it usually works in a big Internet environment.

Let's see...


IP CEF with switching (Table Version 271518), flags=0x0
    1030 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 3
    1033 leaves, 27 nodes, 152040 bytes, 269271 inserts, 268238 invalidations
    0 load sharing elements, 0 bytes, 0 references
    universal per-destination load sharing algorithm, id 26B36E8A
    2(0) CEF resets, 1425 revisions of existing leaves
    Resolution Timer: Exponential (currently 1s, peak 1s)
    2250 in-place/0 aborted modifications
    refcounts: 9206 leaf, 7168 node

Adjacency Table has 888 adjacencies
    2 incomplete adjacencies


It does speed things greatly. Load on the 2.4Ghz Linux box that replaced it is 0.07 right now, with 1800 L2TP connections.

Re:Difference between hardware and software.... (0)

Anonymous Coward | more than 7 years ago | (#16189065)

I have heard more of CEF than I like. Seldomly I have seen a "solution" with so many problems...

Re:Difference between hardware and software.... (1)

gweihir (88907) | more than 7 years ago | (#16188467)

Sorry, I just meant that for lower speeds, buying Cisco is definitely a waste of money.

For high speeds get a hardware router and not necessarily from Cisco. In fact I don't like Cisco for several reasons, which I will not go into here.

Re:Difference between hardware and software.... (4, Informative)

element-o.p. (939033) | more than 7 years ago | (#16189663)

In anything more complicated than what a switch can do, you are using software to process packets.

Yes, Cisco (and others) have routers that use ASICs to handle immediate in/out "routing" in hardware, but as soon as you start putting any kind of ACL, any kind of port/IP translation, or anything else that requires any intelligence on the router, you bring in software, and all of the processing overhead that goes with it.

So....if you are going to do anything *useful* with a router would you rather have a 50-200MHz Cisco box running a bloated IOS (do you *really* use X.25, for example???), or a server-class x86 motherboard running a 1GHz processor with a kernel optimized for routing and software optimized for the protocols you actually use?

We use ImageStream Linux-based routers where I work, and they absolutely run circles around the 2600, 3000, and as5000 -series routers that we have. Their support is absolutely phenomenal. When we have a problem with an ImageStream router, we frequently talk with their programmer, and he works with us until we have a patch installed on the box that fixes the problem. If there's a software bug in your Cisco router, it's "yeah, that will be fixed in the next IOS release"...which unless you paid out the <bodily orifice of your choice> for SmartNet you have to *buy*, even though their product was broken when you bought it.

You can use overpriced Cisco iron if you want; I'll stick with the Linux-based routers, thanks.

Link to Vyatta (5, Informative)

QuantumRiff (120817) | more than 7 years ago | (#16188203)

Perhaps a link to the actual product would be in order?
Vyatta Open Flexible Router

Re:Link to Vyatta (0)

Anonymous Coward | more than 7 years ago | (#16188411)

Dear Vyatta,

I formally invite you to the 21st century and the widespread use of PNG instead of lossy, artifact ridden GIFs.

I'd almost forgotten how bad GIFS look, I thought vyatta web graphics were jpgs at > 75%

Somewhere, a web designer needs an eye test.



Re:Link to Vyatta (1)

Xichekolas (908635) | more than 7 years ago | (#16190117)

Dear AC,

We consider our gifs to be artsy and creative... Web 3.0 if you will.

We scoff at your invitation to the 21st Century... as we and our fellow OSS people are well into the 23rd Century.

Captain Kirk says hi.



Avoiding "License Transfer" Fees (4, Insightful)

evansvillelinux (621123) | more than 7 years ago | (#16188205)

Isn't this a way to avoid paying for the licensed software on Cisco equipment when it's sold second hand? (Not trolling or anything, I think it's ridiculous for Cisco to demand payment for software that's already been paid for once.)

Re:Avoiding "License Transfer" Fees (1)

Wesley Felter (138342) | more than 7 years ago | (#16189569)

Yeah, I guess you could say that never buying Cisco equipment in the first place is a way of avoiding their fees. But if you already have (or need) Ciscos, OFR won't help you.

Re:Avoiding "License Transfer" Fees (1)

Amouth (879122) | more than 7 years ago | (#16190031)

you only have to pay if you want updated firmware.. or extra options..

the IOS is more than the hardware... you can buy cisco routers dirt cheap if you don't want the IOS..

another case where the software is what has the cost behind it

if it is only "Standard PC Hardware" (3, Insightful)

MerlynEmrys67 (583469) | more than 7 years ago | (#16188237)

It isn't comparable with Cisco.

But then again for SMB - you don't need 100 MBit routing - many of your internal clients are slamming into your sub 10 Mbit internet connection anyway (that is probably further BW limited by the cable/phone company). Now for true enterprise - you really do need switching/routing at the ASIC level - real switching fabrics (not a glorified PCI bus) in the hardware etc. to handle the multiple GBit links, multiple OC12/OC48 connections to the world, etc.

This is where Cisco shines and I don't see "software only solutions" coming anywhere close

Re:if it is only "Standard PC Hardware" (1)

Cheeze (12756) | more than 7 years ago | (#16188383)

OC3 and greater are probably not in 98% of the companies right now. Most of these companies probably have a weak DSL line with a linksys device. As companies get larger, they move up to T1 and need new hardware, it's probably a shock to have to pay the Cisco tax. What's the price of a 7200VXR class of router these days? If you could provide the same service with an old PC and a few PCI cards at 1/10th the price, you just made a nice cut-rate market for yourself.

Re:if it is only "Standard PC Hardware" (1)

MerlynEmrys67 (583469) | more than 7 years ago | (#16188533)

Strange - why would you expect companies to step down from decent DSL speeds to T1 rates. I assume small companies stay on DSL/Cable for the download rates (host their web server somewhere else - what do you need upload speeds for anyway), then move up to OC12/48 rates (or multiple OC3) when there are enough employees to justify the need for the upload rates these speeds provide - or the reliability of multi homing the network. Again this trade off happens somewhere north of 100 tech workers, or multiple branch offices needing to share resources (SVN/CVS/???) for development

I defy you to be able to route 4 Gbit interfaces through a single low end PC, heck - even a mid range server with a few PCI-X interfaces... Don't think you can do it.

Anyone have any Packets Per Second (PPS) rates for a generic PC ? It used to only be in the 10 Mbit/sec range - for 4 interfaces... I am sure it is quite a bit faster today with decent hardware

Re:if it is only "Standard PC Hardware" (0)

Anonymous Coward | more than 7 years ago | (#16189043)

Obviously if you need to route between 4 loaded Gb interfaces at close to wire speed, a linux router isn't for you. How many companies actually need that? We only route between 2 100Mbps networks and to our 2Mbps leased line, a linux router would work fine for us. Since 100Mbps between networks at the router isn't a bottleneck for us and most traffic is routed to WAN, I'd prefer to invest in layer3 switching before some over-spec'd router ;-)

Re:if it is only "Standard PC Hardware" (2, Insightful)

aesiamun (862627) | more than 7 years ago | (#16189131)

Because even commercial Cable and DSL sales have very little to no QOS. Read your agreement with your local cable co at some point...

You aren't guaranteed uptime as a business cable company anymore than you are guaranteed uptime as a residential customer.

Absolutely true. (2, Insightful)

Shaman (1148) | more than 7 years ago | (#16189323)

If you're not paying at least $100s of dollars a month, you aren't getting any sort of guarantees.

Why change from DSL? Reliability... (4, Informative)

WoodstockJeff (568111) | more than 7 years ago | (#16189133)

Strange - why would you expect companies to step down from decent DSL speeds to T1 rates.

When you need reliability, you have to give up on DSL/cable, because no DSL or cable provider is going to give you service guarantees. If a DSL/cable line doesn't provide its advertised 2Mb/s download throughput, that's too bad; you might be able to negotiate your bill down. And if it goes down, it's going to be you reporting it to your ISP, not the other way around...

But a T1 circuit (generally) has both throughput and uptime guarantees written into the contract. And automated monitoring of its performance, and fast notification that something's wrong, 24 hours a day. I've had DSL circuits be out for days; the longest a T1 circuit was down was 8 hours, and there were severe financial penalties prescribed for that event.

That's not to say a T1 circuit is perfect; we use a bonded pair of them to feed one site. One went down, due to an incident with a trencher. Verizon promptly fixed it... by moving the circuit to another pair that tested good in the cable. Guess which pair got used... If you guessed the pair that the second circuit lived on, you'd be right, and it went down. This went on for a day, alternating which circuit was up and down, until one of our people met the Verizon tech at the repair site. "You do know that there are TWO T1 circuits here, don't you?" "Oooops..."

Re:Why change from DSL? Reliability... (1)

pe1chl (90186) | more than 7 years ago | (#16189921)

When you need reliability, you have to give up on DSL/cable, because no DSL or cable provider is going to give you service guarantees.

This is of course hogwash. Just like you bonded your T1s to get better reliability, you can do the same with DSL. You can even get DSL and Cable, or DSL from different ISPs.
In real life your reliability will be better than the "guarantee" you get from your LL supplier (which usually does not give any compensation in case of problems anyway, so you still are responsible for your own backup).

Re:if it is only "Standard PC Hardware" (2, Interesting)

Shaman (1148) | more than 7 years ago | (#16188391)

Cisco has the worst-performing L7 switches on the market until you get into the really large-dollar stuff (which they bought from another company). Use Extreme, Foundry or Big Iron and be much happier.

Cisco's routers are cheap, mostly Intel-based systems with PC-quality hardware and low performance for the dollar. If you are routing mostly Ethernet (which most do these days), you can build a multi-hundred-megabit Linux router very inexpensively and get more performance out of it than a 7x00 series Cisco router.

Re:if it is only "Standard PC Hardware" (0)

Anonymous Coward | more than 7 years ago | (#16189355)

I absolutely guarantee the 7600 series will smoke the linux box in any routing task you can imagine. ;)

I assume by 7x00 series router you mean the _7200_ series. Well, it's old, but you're right. Performance-wise, if you don't want to do anything interesting, the linux solution is superior. However, the 7200 series is designed to be reliable, feature-rich, and modular. You pay a price for those options. As you try to add features, the linux solution will fail to outperform a comparable Cisco device. Not to mention the apparent lack of modularity/hot swap capability.

The modern, low-end 28xx series is a more reasonable comparison. Again, you're trading feature set for cost -- the 28xx series starts around $2000 USD. The linux router has most of the basic functionality, and is presumably cheaper, depending on the hardware selected. It does _not_ have advanced features of a modern low-end router: s_data_sheet0900aecd8016fa68.html []

Re:if it is only "Standard PC Hardware" (1)

pe1chl (90186) | more than 7 years ago | (#16190099)

This always depends on local requirements. It is not difficult to name some features that a Linux box can perform without trouble, and a Cisco cannot.

For example, when you have multiple single-IP-address links to the Internet, and you want to offer several internal systems access via NAT, you will run into trouble with IOS.
Linux routers, and also some low-end routers like Draytek 3300 can do this without problem.

In general, IOS has trouble with situations where there are different external connections that each should have the default pointing to them, but should not be arbitrarily intermixing traffic (each should send only traffic sourced from the address of that interface). This is because policy routing in IOS is tied to the "incoming interface", which does not work well for things like tunneling and load balancing.

So, when your task is to provide Internet access and VPN for a small company over multiple redundant DSL connections, it may well be that the Linux box can do things that the Cisco can't. Even though you would think this is a common setup.
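The source-address policy routing described in the comment above, sketched for Linux as an added example that is not part of the original thread. Interface names, addresses (documentation ranges) and routing table numbers are constructed; by default the script only prints the commands it would run.

```shell
#!/bin/sh
# Added example: source-based policy routing for two single-IP uplinks.
# eth1/eth2, 192.0.2.x, 198.51.100.x and tables 101/102 are constructed values.

# APPLY=1 executes the commands (needs root); the default only prints them.
APPLY="${APPLY:-0}"

run() {
    if [ "$APPLY" = "1" ]; then
        "$@"
    else
        printf '%s\n' "$*"
    fi
}

# uplink_rules IFACE LOCAL_IP GATEWAY TABLE
uplink_rules() {
    iface=$1; addr=$2; gw=$3; table=$4
    # Per-uplink table whose only default route is this uplink's gateway.
    run ip route replace default via "$gw" dev "$iface" table "$table"
    # Select the table by SOURCE address, not by incoming interface:
    # anything the router sends from this address (tunnel endpoints,
    # replies to inbound connections) leaves through the matching link.
    run ip rule add from "$addr" lookup "$table"
    # Forwarded LAN traffic that exits this uplink is rewritten to the
    # uplink's single public address.
    run iptables -t nat -A POSTROUTING -o "$iface" -j SNAT --to-source "$addr"
}

plan() {
    uplink_rules eth1 192.0.2.10 192.0.2.1 101
    uplink_rules eth2 198.51.100.10 198.51.100.1 102
    # Main-table default: the uplink used by traffic that matches no rule.
    run ip route replace default via 192.0.2.1 dev eth1
}

# "sh thisfile show" prints the plan; with APPLY=1 it applies it.
case "${1:-}" in
    show) plan ;;
esac
```

Spreading forwarded LAN connections across both uplinks additionally needs connection marking, which this sketch leaves out.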

Re:if it is only "Standard PC Hardware" (3, Interesting)

Gadzinka (256729) | more than 7 years ago | (#16188547)

If I had one dollar for every time I give this answer, I'd be frelling rich:

99% of businesses use sub 10Mb connection to the Internet and yet they are told the Cisco is the only way to connect them professionally. Moreover, the sub-$10k Cisco gear is a crap when it comes to performance, on par with good PCIe PC running on multiple Gbit eth interfaces.

That about sums it up.


Re:if it is only "Standard PC Hardware" (1)

HKcastaway (985110) | more than 7 years ago | (#16189077)

Wouldn't those companies do far far better getting a US$20 9V DC Taiwanese router, which consumes less power has less parts to fail and is simpler to install?

Re:if it is only "Standard PC Hardware" (0)

Anonymous Coward | more than 7 years ago | (#16188565)

It isn't comparable with Cisco
It also doesn't have any support for anything that compares with Cisco's extended access control lists for allowing extremely fine-grained filtering of what ports & protocols you wish to allow between combinations of individual hosts and snippets of subnets.

Re:if it is only "Standard PC Hardware" (0)

Anonymous Coward | more than 7 years ago | (#16188739)

It also doesn't have any support for anything that compares with Cisco's extended access control lists for allowing extremely fine-grained filtering of what ports & protocols you wish to allow between combinations of individual hosts and snippets of subnets.

No? []

Re:if it is only "Standard PC Hardware" (1)

pe1chl (90186) | more than 7 years ago | (#16189173)

Cisco's extended access lists are extremely limited when compared to Linux iptables.
The first thing that is apparent is that they are lists. A linear list is not a very convenient way to express your access policy, especially when you have more than one external interface.

Re:if it is only "Standard PC Hardware" (4, Informative)

Cally (10873) | more than 7 years ago | (#16188583)

Gosh, someone who knows what they're talking about ;)

If your internet link is DSL, you do not need a real router :)

I should point out that this topic comes up every couple of years on NANOG, ummmmmm... here's a reasonable selection from the last decade. These people have forgotten more about routing than most of us here will ever know. And until generic PCs come with multi-gig backplanes, it ain't happening anywhere except the low end. And at the low end, you're better off either leaving it to your ISP or using a few whitebox "desktop" switches/routers. They're cheap, cheerful, work, and you don't need to know the difference between "sh ip bgp run" and "sh bgp ip run"...

Re:if it is only "Standard PC Hardware" (1)

Tweekster (949766) | more than 7 years ago | (#16188731)

Most businesses simply don't have those demands...Yes, large businesses do, but that isn't of concern for the hundreds of thousands of small to medium sized businesses in the US.

I LOVE DD-WRT (3, Interesting)

celardore (844933) | more than 7 years ago | (#16188247)

I rent a housemate cable internet, which we had terrible problems with before. The problem is a bad cable causing a load of bad packets to 'clog' the router. It is the only cable long enough I have though, but the DD-WRT firmware worked a treat. It does allow some cool features, such as increasing the number of IP connections from 512 (the default) to 4,096 which is ideal for p2p. You can also boost wireless power from the 28mW default to 250mW+. Anyway, my problem with it clogging up was solved by setting up a cron job within the router so that it reboots at 5am each day. Not ideal, but the solution works until he gets off his ass and finally buys a wireless card.


Anonymous Coward | more than 7 years ago | (#16188351)

the problem is a bad cable causing a load of bad packets to 'clog' the router. It is the only cable long enough I have though

Cable is cheap. Buy a new cable.

Or buy a cable spool. A thousand feet of cat5 will cost less than $60.


celardore (844933) | more than 7 years ago | (#16188477)

Cable is cheap, but I don't need to buy it. I have no use for it, I have plenty of ethernet cables that are adequate for my own purposes. I told the guy I sell internets to that he's welcome to buy a wireless card that will actually give him better performance, as proven when I borrowed a wireless MIMO USB card for him to use temporarily.

Part of the problem with the cable is that it *has* to be jammed in the corner of my fire door to my rented flat (so no property modifications like drilling). Which damages it a little more every time I close the door. That said though, it has been running for months with few problems, with the exception of the automatic router reboot every day.


Re:I LOVE DD-WRT (1, Funny)

Anonymous Coward | more than 7 years ago | (#16189071)

I told the guy I sell internets to...

So YOU'RE Senator Stevens' roommate!


Anonymous Coward | more than 7 years ago | (#16189749)

If you love DD-WRT you should definitely check out OpenWrt ( - adds the same features as DD-WRT and more, with more flexibility better performance.....and higher geek-factor ;-) [] also contains some examples on what you can do with OpenWrt.

ASICs (3, Insightful)

Rekolitus (899752) | more than 7 years ago | (#16188251)

This seems to be an entirely software router that just runs on a standard x86 machine.

Isn't half the point of buying a dedicated-hardware router that you get ASICs and whatnot that do the job faster than software?

Re:ASICs Issues (1)

mpapet (761907) | more than 7 years ago | (#16188915)

get ASICs and whatnot that do the job faster than software

I agree with you in principal(sp?) but I have a question:

As we upgrade some machines, I've got dual cpu (1.5ghz =/-) and 2+GB RAM being replaced by dual cores. Would server hardware be able to handle as much, if not more than the cisco asics (2800's mostly) I've got?

I get a damn good router for free. And I've got a spare parts inventory + redundancy. What am I missing?

Re:ASICs Issues (1)

Shaman (1148) | more than 7 years ago | (#16189007)

Fully depends on the load you plan to place on it. If you're using something with custom ASICs, it's probably a multi-gigabit switch and you're not going to beat the performance of one of those with any off-the-shelf hardware. Mind you, if your target is a Cisco 2924, then go for it... they'll only handle a little over 1Gbps of actual switched traffic...

Re:ASICs Issues (1)

silas_moeckel (234313) | more than 7 years ago | (#16189721)

OK first off 2800 series routers really don't have much in the asic department they really are software routers with some asics available to speed up things like crypto. Really a PC can deal with just about anything that a sub 7200 can handle. Latency might be a bit higher but that could be solved with some firmware as x86 procs are not happy dealing with gigabit speeds and min MTU sized packets due to the number of interrupts generated, now I would not want to do that with a 2800 either.

The problem with PC's is more that the only interfaces that you can get are ethernet and if you're going to compare a PC to a 65xx series switch it's going to get buried of course it also costs 10-20 times more than a good pc server.

Now a 3550 that has an EMI image would be the closest thing to a PC it's about 4-7k with 24 fast e ports or 12 gig ports the server you're going to need to route 24 gigs of traffic is going to cost more than that from a Dell or HP as you're talking about a lot of slots (5 2 port gig cards plus the onboard pair) and is going to need 3GB a sec of backplane and memory access just for traffic and I don't even want to think about the interrupts per second.

Cisco has its place and it's not low density locally managed 100bt routing.

Re:ASICs Issues (1)

Score Whore (32328) | more than 7 years ago | (#16189965)

Would server hardware be able to handle as much, if not more than the cisco asics (2800's mostly) I've got?

You are ignoring the other half of the equation. Specialized hardware typically requires less power to do a given task than general purpose hardware to do the same task. Ie. a 600 Mhz P2-generation Celeron + Hauppauge PVR150 MPEG2 encoder with 192 MB RAM that sits at 97% idle while converting analog tv to 720x480 MPEG2 vs. a 2.2 Ghz Athlon 64 X2 with 2 GB RAM that cannot convert analog tv to 720x480 MPEG2 in realtime.

So, yeah. It is very likely that a high-ish end PC will be able to compete evenly with a low-ish end Cisco router, but you're going to pay more in power. More than you'd pay up front? Dunno. But if your business relies on your net connection being there and working properly, then I'd go with the Cisco, solely for the fact that Cisco has motivations to make sure their shit works that OSS developers don't.

do NOT modify the hardware - or it may cost you (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#16188255)

Modifying the hardware with open source softwares will probably put you in violation of the DMCA - do NOT do it, it isn't worth the risk - and I should know, I'm an attorney with a major IP law firm here in NYC.

Many of these hardware vendors are actively seeking out people who use open sources codes to modifying their hardware and having the FBI kick down their door. These guys are playing hardball - I suggest you leave your hardware as it came in the box, and if you need more functionality - BUY the better hardware.

No free rides in this world, guys.

Re:do NOT modify the hardware - or it may cost you (2, Interesting)

Rekolitus (899752) | more than 7 years ago | (#16188305)

Huh? What?

It's my hardware. If I buy a Cisco router via eBay, you're telling me I'm not allowed to put Linux on it if I can figure out how?

Re:do NOT modify the hardware - or it may cost you (1)

Vlijmen Fileer (120268) | more than 7 years ago | (#16188857)

Well spoken. Not everybody (in fact, almost nobody) lives in dickhead DMCA corrupted USA.

Re:do NOT modify the hardware - or it may cost you (2, Interesting)

blackbear (587044) | more than 7 years ago | (#16190035)

According to Cisco it is in fact your hardware, but it's still their software, and you can't sell it or transfer it.

This bit me a couple of years ago when I bought a 2611 on e-bay, and wanted to put the latest security fixes on it. Not being Cisco certified, I contacted Cisco to find out about getting or purchasing updates. I was told that my router was "gray market" and that I would need to buy another license for it.

"How much is that?", I asked.
"Holy shit!" (hangs up phone, lest they send the software gestapo.)

I had my lawyer review the license agreement that happened to be included in the box. He concurred. I was screwed if I wanted to use this router legitimately.

I have the money to buy as much Cisco gear as I need, but this pissed me off so much that I haven't bought any since that day. Nor have any of my customers.

Cisco is not the only game in town, and they aren't the best any more. The people saying they are; either are not looking, or don't know anything else. Cisco just seems to be the only company with a product line extending from the very low to the very high-end.

Free rides for all (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#16188345)

No free rides...well, that isn't true. You can cheat and steal your way into all kinds of free rides. Your neighbor's unsecured LAN seems to be a popular free ride. How about welfare...uh oh...that's flamebait...nevermind, scratch that last one...

Re:do NOT modify the hardware - or it may cost you (1)

celardore (844933) | more than 7 years ago | (#16188349)

The Linksys WRT54G firmware is released under the GNU GPL... That's like an invitation to modify it.

Re:do NOT modify the hardware - or it may cost you (1)

v3xt0r (799856) | more than 7 years ago | (#16188381)

Excuse me sir, can you please put down that glass (FUD) pipe.


Stupid lawyers (1)

nuggz (69912) | more than 7 years ago | (#16188421)

So you're claiming to be a lawyer, but I have a few questions.
Why post as an anonymous coward?
Are you violating your client confidentiality with the parent post?
If I wipe their firmware (which I have a license to use) how am I violating their copyright?

Re:do NOT modify the hardware - or it may cost you (1)

Skapare (16644) | more than 7 years ago | (#16189009)

Your understanding of technology is obviously zilch, zippo, nada, nothing. And that leaves me with the feeling that your understanding of law is also generally diminished. And I presume you've never changed any software on the PC you own?

English, please! (1)

Goaway (82658) | more than 7 years ago | (#16188283)

Can we have that article again, this time in English, please?

TWO consultants agree? (1)

cosinezero (833532) | more than 7 years ago | (#16188379)

Two unknown consultants decide that Cisco sucks?

If we were to judge solutions based solely on the word of two-or-more IT consultants, we would have "enterprise solutions" with MS-ACCESS backends, with a "robust" monthly backup to .TXT files on floppy.

Seriously, the holes in this article are big enough to park a datacenter full of Cisco hardware in.

Speaking as a fulltime Free Software zealot (0)

Anonymous Coward | more than 7 years ago | (#16188387)

I'm afraid I have to say that no real network engineer would use Linux (or even BSD, which is a better routing platform - that's why Quagga and Zebra were born and remain most comfortable on BSD) anywhere near the core or backbone. Sure, a drop-and-forget appliance will do for a branch office or a retail outlet - but you could use an $80 Netgear desktop switch in the same application and save yourself a lot of time and grief. Meanwhile, real network engineers - those running BGP and counting throughput in Mpps/interface - will continue to use real routers from Cisco (and Juniper for the more daring of us.) The problem's not the software, it's the hardware. When you can plug multiple 48 10GE linecards into a toy platform, post a story on Slashdot. Until then, stick to IOS for routing.

Re:Speaking as a fulltime Free Software zealot (0)

Anonymous Coward | more than 7 years ago | (#16189783)

This haughty attitude is quite common amongst self-proclaimed "network engineers".
The reality of course is that not many companies use 10GE, let alone would need anywhere near multiple 48-line 10GE interfaces on their routers.

Any reasonable network designer uses switches for the highspeed stuff, and recognizes that there is little point in having 10GE on the inside of their router when the outside is only tens or hundreds of megabit/s.

And at that rate, a Linux box can route and encrypt packets without assistance from exotic hardware.

* As long as we're not switching half the U.S. (2, Insightful)

mpapet (761907) | more than 7 years ago | (#16188441)

Summary: Works great, supposed problem sounds like it was a driver issue more than an application issue.

Reads like a well-placed article-vertisement.

The "as long as we're not switching half the US" comments are the ones I grow tired of. It's a well-wrapped insult.

I'm not saying Linux is the best tool for routing half the nation, but the comment points out some things that do prevent more linux adoption.

1. "free" is not as good as something I paid for
2. Don't fsck with the status quo.

I admin a company 100% Cisco routers/firewalls and I know for a fact Linux can do what gets done.

I'm not going to tell the boss to "just" switch or evangelize too much because the social/economic implications of doing so may impact my future. I like my employer, they like me, so when we need another router, it's a Cisco. I am personally disappointed by this, but I think it explains why innovation takes -so- long to come to the data center. (at least in the U.S.)

Let's not forget that Cisco can fire most of their software devs and use a Linux-based router project if it ever got close to competing with some Cisco products. Does that qualify as innovation? I'd say no. It's not cheaper or better.

Re:* As long as we're not switching half the U.S. (0)

Anonymous Coward | more than 7 years ago | (#16188909)

I think routers are one of those things where "No one ever got fired for buying Cisco." and I think it's one of the few areas where it makes sense.

Networks these days are vital to most companies. Few companies can get anything done if they don't have their networks up and running. So if you have a Linux box that goes down or crashes causing tens or hundreds of thousands of dollars worth of lost revenue or productivity, no one is going to commend you for saving $50k by going w/ a Linux+PC solution as opposed to a CISCO solution, and you will probably get fired.

It is a sad fact of life that IT is a cost center, and often an IT department's highest level of performance is "didn't f$%k anything up." Most IT workers don't get their name heard by upper management until they F something up.

If I was a network guy, I would wholeheartedly recommend a Cisco box without any qualms whatsoever. The downside risk is huge, and the upside is small.

Advertorial (2, Insightful)

HKcastaway (985110) | more than 7 years ago | (#16188475)

It is great that someone is out there trying to put some pressure on Cisco, however this company is not it. I think the average Linux installation with NAT is a bigger threat than this project.

PC hardware is a joke, slow backplanes, limitation on how many interfaces you can plug in. On the techspecs the number of interface types they use is, well, very very limited. Then the reliability of PCs is a joke compared to a Cisco box.

Where is this product used?
- Is this a bloated replacement for the US$20 Taiwan PPPoE router you can buy? The Taiwanese will beat it on TCO hands down on power consumption.
- Is this for the edge of the network to service downstream customers? Why part away from the thousands of installations which live, have a predictable and very proven track record of something like a Cisco 7200VXR..

The article (Advertorial) is nicely skewed as making Cisco seem expensive. Go on eBay and look for Cisco routers with FE ports, you can find them for a few hundred dollars. Or try to compare this with a 3550 which will provide 24 ports with Layer 3 functionality for way below the US$2000.

I am tired of Cisco killing products off when they feel like it.
They could go into the market of breathing new life into a product that is being cancelled by other vendors. Firebox II anyone?

Vyatta still needs a strategy. Period.

Re:Advertorial (0)

Anonymous Coward | more than 7 years ago | (#16189055)

"Go on eBay and look for Cisco routers with FE ports, you can find them for a few hundred dollars."

You might be able to find some Cisco routers that have FE ports for cheap, but they can't route packets anywhere near the 100Mbps speed. I got a 3620 with a NM-2FE2W module for my 20Mbps fiber connection, and the thing can barely do 15Mbps. I ended up using m0n0wall on a spare machine that can route MUCH faster than the 20Mbps I currently need. I love Cisco equipment, it has great features, and is very reliable, but for the performance you get with the low end stuff, the price is a joke. The 1800/2800 routers have better performance, but with all the software features they can get really expensive. Check out this document for some realistic routing performance.

Re:Advertorial (1)

HKcastaway (985110) | more than 7 years ago | (#16189233)

Cisco does pump out "PIG" versions of their IOS, especially if you load the latest and greatest. You will get poor performance out of them. Always go for older versions, stability, higher performance etc...

I've never maxed out a 3640, so I don't have personal stats, but I know one of the portals in HK a few years ago was running more than 20Mbit through a 3640.

No huge surprise (2, Insightful)

peterdaly (123554) | more than 7 years ago | (#16188485)

In or around 1999 I had a 1000 device network routing through a 133MHz PC running Linux. The 133MHz system practically thought it was sitting idle as it shuffled packets between three 100 megabit networks.

I'm not surprised at all that these Open Source solutions are on par with Cisco for many users. My only real concern would be support. At least back then (I have not dealt with them recently), Cisco had great support and would "own" network problem resolution in a way that made it worth paying their price.

Re:No huge surprise (3, Insightful)

macdaddy (38372) | more than 7 years ago | (#16188873)

There is nothing like calling Cisco TAC at 04:00. You get an Aussie TAC engineer that knows 1) your network is seriously fscked up or you wouldn't be calling him at 04:00, 2) you've already removed what little hair you have from your head and your scalp is bleeding. The nightshift engineer is highly experienced in working under said conditions and is more than capable of resolving the problem. I've been in that position twice in the last month. All I can say is I want to move to Australia, mate.

I wish the SmartNet prices were a little more reasonable. They should cut the prices dramatically for the lower-end 8x5x4-day replacement support so that more people can afford it. This would be a solid recurring business for Cisco whereas only a small percentage of Cisco customers bother buying support nowadays.

Re:No huge surprise (1)

nuintari (47926) | more than 7 years ago | (#16188889)

So, you have a couple of subnets, all through one central router that has one default route, so your routing table has what? All of four entries? And you think this proves that a PC can beat a 'real' router?

Sorry, that just doesn't need much power to work. Try adding in OSPF, and some redundant links into your internal network. Get a second ISP and become multihomed, run BGP and add all 194,000+ entries from the global routing table into the mix, watch that P133 slow to a crawl.

Software routers handle everything on the CPU, the reason 'real' routers work in enterprise scale environments is because they do not. The CPU handles BGP and IGP topology changes, individual flows are routed directly on the line cards. Show me a PC based router that can do that.

Re:No huge surprise (1)

Shaman (1148) | more than 7 years ago | (#16189081)

You only get that kind of performance out of a Cisco when you spend big bucks. Really, really big bucks. You figure a quad-processor Compaq with same-day service is going to be more expensive than a big Cisco router with tepid performance these days?

Re:No huge surprise (0)

Anonymous Coward | more than 7 years ago | (#16189605)

High end Cisco routers aren't about CPU horsepower, they're about specialized I/O hardware that keeps routing from having to *bother* the processor.

in other news (4, Insightful)

atarione (601740) | more than 7 years ago | (#16188529)

a small truck can replace a semi truck.... if you are moving small amounts of items.

Linux on WRTs and such. (0)

Anonymous Coward | more than 7 years ago | (#16188531)

The Linux on WRTs and such is not in the same league as Cisco or other specialised OSes on their own hardware.
A home user may see that it seems to do the same thing, but this is still far from the reality.

Support, Support, Support (5, Interesting)

bstory (89087) | more than 7 years ago | (#16188545)

Ok, I haven't looked at the performance numbers, but as a network administrator of a medium sized corporate network I could care less. Whether it be Cisco, Juniper, Nortel or 3Com the difference is in the support. When my wan interface or network interface dies at 2am I don't think anyone from the OSS community is going to have a parts depot within 4 hours to fix the problem. I also don't see 24x7 tech support phone numbers manned by volunteers anytime soon. Vendors don't make the money on the hardware, they make it on services and support. I love OSS, but Linux and OSS are not the magic pill for everything.

Re:Support, Support, Support (2, Informative)

HKcastaway (985110) | more than 7 years ago | (#16188659)

You also forgot to mention the fact that the likelihood of a hardware failure on a PC to a Cisco unit is like 20:1 (for most products).

Cisco has far fatter margins on the hardware than PC vendors and can provide a much higher quality product, can afford to underclock the machines for higher reliability etc.

Re:Support, Support, Support (1)

SaDan (81097) | more than 7 years ago | (#16188821)

I would think that with the money you save using the Linux based solution, you could afford to buy a spare card or two. Who in their right mind wouldn't?

We use Cisco stuff, and we have spare routers, switches and firewalls because even Cisco's response time is too slow for our needs. We also have Linux based networking hardware, with spare hardware.

Re:Support, Support, Support (1)

bstory (89087) | more than 7 years ago | (#16188927)

Well considering that I'm not in all 10 of my locations it's nice to be able to call Cisco and have their technician come out since we don't have IT presence everywhere.

Re:Support, Support, Support (2, Insightful)

LWATCDR (28044) | more than 7 years ago | (#16188813)

I tend to agree with you but...
With the cost of commodity PCs these days you could probably have an entire second router on hot standby for the cost of a single year's support contract.
If it is a T-1 then just move the cable over. If it is an Ethernet connection the fall over could be entirely automatic.
You will also have a trade off of in house time to test and configure vs just buying Cisco.
Of course there are times where generic hardware will not cut it. However this does offer some interesting options to an off-the-shelf router.
Dedicated hardware will always be faster but software offers a great deal of flexibility.
With cheap dual core 64 bit hardware just how fast can a software router be today?

Re:Support, Support, Support (1)

HKcastaway (985110) | more than 7 years ago | (#16188931)

who cares how fast the 64bit dual core is?

Does a PC have the backplane to move 32/80/120Gbit/s?

Can it distribute the routing tables to the different interfaces so that switching is done at the card level not at CPU level? Oh wait you have a 64bit cpu so you don't care, but doesn't that mean that the data will be once more on the PCI bus of the machine, which is not designed for switching?

It is not just cpu that matters, you need the right architecture, which the PC does not really have.

Re:Support, Support, Support (1)

LWATCDR (28044) | more than 7 years ago | (#16189601)

As I said, there are times when you just move up to custom hardware.
32/80/120Gbits? Yes you would have to have a dedicated router that costs big dollars but then it would probably be cheap compared to the cost of the connection.

However not that many companies can afford or need a 32GBit Internet connection and yes you're right, I can not think of any PC off the top of my head that could handle it.

However for 100 MBit connections or maybe even for 1GBit connections a PC based router could be just the ticket. There is a lot of space under your 32GBit connection that a PC based router could handle just fine and dandy.

Just like I do not think that FOSS can provide a solution for every market I don't think that FOSS combined with COTS PC can route a 32GBit connection yet. In a few years from now maybe, but then you would be correct in pointing out that a PC just can not handle that 4 TBit connection your custom router can.

Re:Support, Support, Support (2, Insightful)

macdaddy (38372) | more than 7 years ago | (#16188925)

Well said. This easily says 80% of what needs to be said. Without support you have an OSS space heater at 02:00, assuming it will power up at all.

Re:Support, Support, Support (0)

Anonymous Coward | more than 7 years ago | (#16189303)

"When my wan interface or network interface dies at 2am..."

You go grab your contingency hardware and install it. What, you don't stock extra hardware in the event of an emergency? It must not be important then if you don't.

Re:Support, Support, Support (1)

teh_chrizzle (963897) | more than 7 years ago | (#16189575)

let me start by saying you're right. according to every firmly established idea in network engineering, you are right. routers built from PC parts and linux or openBSD are based on new ideas that challenge the establishment. they are based on an idea that has yet to be proven right, or proven wrong.

"When my wan interface or network interface dies at 2am I don't think anyone from the OSS community is going to have a parts depot within 4 hours to fix the problem."

the argument for routers made from commodity parts is that if your WAN interface is just a NIC, you could have a box of replacement cards sitting in a box next to the router just in case. in that case, your fix happens 4 hours faster than the mightiest of depot logistics. in that scenario, an identical router built and configured and waiting in the wings is the only thing faster. it's easy to have hot spares when your boxes are $500 each, and not $2000. that's the argument, anyway. i've never seen a PC based router used outside of someone's house, but that's not to say they aren't out there in production somewhere.

"I also don't see 24x7 tech support phone numbers manned by volunteers anytime soon. Vendors don't make the money on the hardware, they make it on services and support."

if what you are really paying for is support, why not buy/build cheap commodity stuff and pay for top notch support? while i don't personally know any open-source-router-gods-for-hire, there have to be some out there or there wouldn't be so many open source router projects.

if anything, using an open platform means you can choose a support plan from a vendor that is right for you, rather than settling for what you get when you buy a brand name. if you get mad at cisco for shipping yet another router with no IOS, where are you going to turn to? will foundry help you configure your empty cisco box? those magic serial config cables that cisco guys use can be tough to come by in an emergency, but a floppy disk, keyboard and a monitor are easy.

of course the community isn't going to answer the phone in the dead of night for free, but if your problem is common, the answer is probably sitting in an FAQ or a forum somewhere right now and you'll be able to find it faster than logging a ticket with a disembodied callcenter in another hemisphere. if it's not common, and does require heavy wizardry, paying the right person not only helps you, but can help the community as well.

in the end, which is a better value, a VAR that adds value to an expensive product, or a VAR that adds equal value to an inexpensive product?

Huh, Samba file sharing? (3, Insightful)

IpSo_ (21711) | more than 7 years ago | (#16188557)

"The feature set was comparable to your standard Cisco router," Knox said. "They were offering translating, gateway capability, Samba file sharing, VLAN trunking to 11q ... it really looked like a corporate-level router," he said.

Since when do "corporate-level routers" offer samba file sharing? This seems like the LAST thing I would ever want to put on a router. The only thing I could possibly see Samba being useful for is downloading log/config files. But on a router that is kinda scary, SCP seems much more secure and just as useful.

Open source routing is definitely an option now though. Over 3 years ago the web hosting company I worked for switched out their Cisco routers that couldn't handle the slightest DDoS attack for a couple AMD based Linux boxes that could easily handle wirespeed DDoS attacks with ease. Not to mention they were a fraction of the cost.

Re:Huh, Samba file sharing? (0)

Anonymous Coward | more than 7 years ago | (#16188745)

Why waste the 70GB or so of left-over disk space? Since this machine is on both networks, I would do something like use it as net host for installing applications from.

Re:Huh, Samba file sharing? (1)

HKcastaway (985110) | more than 7 years ago | (#16188831)

They can also use Cisco PIX's which run on AMD cpus and handle DDoS and also can automatically fail over when used in pairs.

This is a good thing? (1)

fiendy (931228) | more than 7 years ago | (#16188721)

It was my understanding that Cisco was the best network hardware manufacturer out there, but after having 3 Linksys routers die on me in the last 5 years (one a week out of warranty coverage), I won't be going anywhere near Linksys again.

My buddy just lost one as well.

Re:This is a good thing? (1)

HKcastaway (985110) | more than 7 years ago | (#16188797)

I suggest you buy Cisco next time, not Linksys.

When comparing the products of the two companies in say Wifi routers, Cisco Aironet (even though it can't be reflashed for Linux), is a far superior product to the Linksys equivalent in terms of quality, configuration etc.

Re:This is a good thing? (1)

theelectron (973857) | more than 7 years ago | (#16188969)

Hate to break it to ya, but Cisco only bought Linksys 3 years ago, so you probably can't put all of the blame on Cisco if you had some of those routers for 5 years or so. Also, if you kill them that fast, are you sure it's not an environmental factor like overheating?

Re:This is a good thing? (1)

fiendy (931228) | more than 7 years ago | (#16189647)

Nah, standard residential use of the 4/8 port routers. Heat wouldn't have been outside of normal operating temps.

I was aware that Cisco only recently bought Linksys, but at any rate, I still won't be buying them again, since I've had nothing but trouble with them.

Re:This is a good thing? (1)

HKcastaway (985110) | more than 7 years ago | (#16189865)

Try Cisco, not Linksys.

So... a Cisco router as good as a Cisco router? (1)

Kenja (541830) | more than 7 years ago | (#16188779)

Hate to break it to ya, but Linksys is owned by Cisco.

Re:So... a Cisco router as good as a Cisco router? (1)

HKcastaway (985110) | more than 7 years ago | (#16189313)

General Motors owns many car companies. Are all General Motors of the same quality as a Cadillac?

Re:So... a Cisco router as good as a Cisco router? (1)

Kenja (541830) | more than 7 years ago | (#16189485)

A Linksys router being as good as a Cisco router is like saying a Cadillac is as good as a GM car.

My Linksys is a router with a Cisco logo on the front, is that not a Cisco router?

Re:So... a Cisco router as good as a Cisco router? (1)

HKcastaway (985110) | more than 7 years ago | (#16189573)

As you said it is Linksys with a Cisco logo on it. Buy Cisco if you want Cisco.

Re:So... a Cisco router as good as a Cisco router? (1)

myz24 (256948) | more than 7 years ago | (#16189603)

The more appropriate question is, is Cadillac of the same quality as any other GM product.

Since when ... ? (1)

MrNougat (927651) | more than 7 years ago | (#16188947)

Since when do we listen to "users?"

You're buying the hardware (3, Insightful)

thesandbender (911391) | more than 7 years ago | (#16189093)

I use Debian at home for a general purpose router and firewall and it is very flexible. There have been times when I've been tempted to deploy it as a small/medium business router in lieu of Cisco but it's not just about the software, it's about the hardware as well. For a reliable system you need reliable parts... which are more expensive... preferably a CPU with a low thermal dissipation but still fast enough to handle the load, which is going to cost you money and either a RAID system or (ideally) a flash based storage system, which is going to cost money. You can build a system that will beat Cisco's cost/feature set easily. Building a system that can compete on cost/mtbf ... not so easy... and generally just not worth the effort. The article referenced a "still serviceable pc" ... which roughly translates into "a machine that we picked up from behind the receptionist's desk and cleaned all the dust bunnies out of".... *shudders*

Re:You're buying the hardware (1)

HKcastaway (985110) | more than 7 years ago | (#16189495)

Bravo! The voice of reason spoke!

Re:You're buying the hardware (0)

Anonymous Coward | more than 7 years ago | (#16189709)

"Building a system that can compete on cost/mtbf ... not so easy..." You can build reliable routers and bridges out of these assuming they are within range of your network traffic needs. And at their cost, you can have several on hand ready to go in the event of a failure.

Where should Vyatta go? What direction? (1)

HKcastaway (985110) | more than 7 years ago | (#16189443)

I think most points have been covered now.

I think the way we can help Vyatta is by giving them suggestions as to where they should go in the market.

What direction should they take in your opinion?

Best WRT54G/s Firmware I've found (1)

SweetsGreen (879364) | more than 7 years ago | (#16189669)

I actually just flashed my GS v1 to DD-WRT yesterday. I've tried many other firmwares...Talis/Freeman, Alchemy, HyperWRT. They all had the same problem when in client mode: I would lose the wireless connection to the AP and would have to re-boot to get it to reconnect. DD-WRT is the only one that works without a hitch, although I noticed HyperWRT had faster throughput (when it worked). It also doesn't get clogged up like every other firmware when using Bittorrent or P2P.

Re:Best WRT54G/s Firmware I've found (1)

macsat (800634) | more than 7 years ago | (#16189983)

You should give OpenWrt a go. It adds the stability of DD-WRT and the performance you know from HyperWRT. Really worth a shot!

Looks Cute. (1)

DoctorDyna (828525) | more than 7 years ago | (#16189997)

This package looks great, and I've got a couple of things to comment on that have been being said. Firstly, everybody seems to be talking about this like it's some kind of CATOS/IOS ala Cisco replacement. They don't seem to be billing it like that at all, as far as I can tell. Of course, the dedicated "meant to do that" hardware solution from Cisco is going to be legions better than any software you can stuff on a PC.

Let's take the discussion where it probably should have gone, to the guys contracted to set up a network for a local law firm office, with 20 employees. Maybe a veterinarian's office that probably doesn't do that much business (dollar wise). It's the folks like this that might still need what a Cisco has to offer in features, but don't need what Cisco offers in capacity, and definitely not what they offer in cost. Considering how (it looks to be) well documented, I don't think that the contractor mentioned will have any problems supporting it. It's our bread and butter.