Appliance Vs Software based routers

Tarig_Ahmed · July 25, 2010, 7:20am

Dear all

Greetings

I'm wondering why the software based router is not preferable in business even if they have high featured Processers, and high capcity of memory.

What is the main deferent between Appliance router and Software based routers?

thank you all in adavance.

Jack_Bates · July 25, 2010, 7:31am

Tarig Yassin wrote:

What is the main deferent between Appliance router and Software based routers?

I believe the main difference is the ability to handle features at line rate speeds. The more interfaces/speed + CoS/ACL, the harder it is for a software based router to keep up.

Jack

Adrian_Chadd · July 25, 2010, 8:21am

The official answer: commodity hardware doesn't handle all the features needed
at "line rate".

The (more often than not) unofficial answer: using a custom platform
raises the entry barrier for cloning/abuse/etc. It's a bit hard to
run your appliance MIPS software on an off-the-shelf PC; but it (used)
to be possible to run PIX software on a PC (and in a VM too, IIRC.)

Fun times,

Adrian

Valdis_Kletnieks · July 25, 2010, 2:30pm

Sorry, but you've gone wrong already. You can't ask "why something is true"
until you first establish that the something is in fact true. There are
*plenty* of businesses where a software based router is quite preferable due to
its lower cost and increased flexibility. Proof: How many "software-based
routers" (whatever that really means) has Cisco sold that are making their
shops very happy?

Owen_DeLong · July 25, 2010, 3:58pm

Most "Appliances" are small(er) software-based routers.

Owen

Nathan_Eisenberg · July 25, 2010, 4:07pm

I'm wondering why the software based router is not preferable in
business even if they have high featured Processers, and high capcity
of memory.

It may be helpful before proceeding if you provide some examples of each, so we can understand your definition of a 'appliance' vs 'software router'.

Best Regards,
Nathan Eisenberg

TGLASSEY · July 25, 2010, 4:24pm

They are all software based routers... It really shouldn't matter
whether an Appliance Application (i.e. some routing program is running
on a minimal runtime environment ) or a routing program is running as
part of an OS or as an Application on an OS. It is all Software until it
becomes silicon.

The only issue is how far off the metal you are and its not hardware
based routing really until there is no OS, no development environment,
no software involved right?

Todd

Nathan_Eisenberg · July 25, 2010, 5:00pm

They are all software based routers... It really shouldn't matter
whether an Appliance Application (i.e. some routing program is running
on a minimal runtime environment ) or a routing program is running as
part of an OS or as an Application on an OS. It is all Software until
it
becomes silicon.

The only issue is how far off the metal you are and its not hardware
based routing really until there is no OS, no development environment,
no software involved right?

As has been pointed out, hardware/appliance/software can be a highly semantic issue, at least for some people. OP seemed like a specific question couched in vague terms - I'd rather have a discussion about what OP was trying to accomplish than rehash "Vyatta as a BRAS".

What's specifically important is the distinction between an 'appliance' platform (like a MIPS or Cisco routing switch), and what I presume OP infers a 'software' platform to be (an x86 box running iptables or Quagga). In that case, I would tell OP that the PCI/PCI-e bus architecture isn't built to handle the rampant interrupts (or polling) that a real routing/switching workload generates. The bus controller is built/sized to pump data to and from a video card/IO controller/etc, not to ship Ethernet packets up to the CPU and back out again in 8 different directions. On the other hand, moving packets between 8 interfaces is exactly what a routing switch like a Cisco 3750 is built to do.

So, I wanted to retrieve the values of 'software router' and 'appliance' from OP to see if that's where he was going.

Best Regards,
Nathan Eisenberg

William_Herrin · July 25, 2010, 5:03pm

http://www.pagiamtzis.com/cam/camintro.html

Regards,
Bill Herrin

Laurens_Vets · July 25, 2010, 6:49pm

The (more often than not) unofficial answer: using a custom platform
raises the entry barrier for cloning/abuse/etc. It's a bit hard to
run your appliance MIPS software on an off-the-shelf PC; but it (used)
to be possible to run PIX software on a PC (and in a VM too, IIRC.)

Cisco PIX: no, Cisco ASA: yes. It even runs under VMware... It's however very hackish...

Mirko_Maffioli · August 4, 2010, 1:14pm

Cisco ASA under VMware??

Xavier_Beaudouin · August 4, 2010, 1:53pm

CiscoASA is based on x86, there is no reasons you cannot run this into VMWare or Xen...

Xavier

Daryl_G_Jurbala · August 4, 2010, 2:53pm

If that were the only qualification, PIX builds for the 515s would run under VMWare or XEN as well. Maybe they do, but I've never seen it.

Mike_Walter · August 4, 2010, 2:56pm

I assume the ASA's don't run natively on VMware or Xen, I assume you have to use something like GNS3. I think that would be fine for testing, but in real world production running an ASA on GNS3 under an another OS seems like a bad idea. I hope Cisco will come out with Virtual Appliances for some of their products like they did for the Nexus 1000V.

-Mike

Greg_Whynott1 · August 4, 2010, 3:06pm

it works, i see folks creating networks of hosts under ESXi protected by an ASA instance.. not for production. I'm sure its not legal but Cisco doesn't seem to have a strong stand on it, I'd think as long as you are using it for educational use and not commercial, they may not care a whole bunch.

What you can not do while emulating ASA is use encryption, no VPNs or otherwise. this is due to the fact the ASA units use hardware encryption, when the OS makes calls to the controller, it isn't there..

-g

Curtis_Maurand1 · August 4, 2010, 3:43pm

As long as VMWare's hardware (NIC , storage, etc.) line up with Cisco's. You still have to have drivers.

--Curtis

Greg_Whynott1 · August 4, 2010, 3:44pm

GNS is just a front end for dynamips/qemu. ASA will run under qemu without the use of extra wrappers/tools. it will run natively under vmware too. ASA is basically an application running above a linux kernel. I forget what the internal name is, lisa or similar…

-g

Lamar_Owen · August 5, 2010, 6:32pm

it works, i see folks creating networks of hosts under ESXi protected by an ASA instance.. not for production. I'm sure its not legal but Cisco doesn't seem to have a strong stand on it, I'd think as long as you are using it for educational use and not commercial, they may not care a whole bunch.

Much like Juniper's stance on Olive, perhaps?

What you can not do while emulating ASA is use encryption, no VPNs or otherwise. this is due to the fact the ASA units use hardware encryption, when the OS makes calls to the controller, it isn't there..

ASA, yes, but older PIX doesn't; google for 'frankenpix' to see more.

Cisco used lots of embedded x86 where it made sense to do so (lots of places: LocalDirector, Content/Cache Engines, PIX, SwitchProbe, IPTV, MCS, and others).