Multi-gigabit edge devices as CPE

I work at a state REN and we are seeking a lead for a new edge device for
on prem deployment at customer sites.

We currently deploy two classes of routers-- a high end and a low end. Both
the high end and the low end use some of the standard edge features:
MPLS-TE, MBGP, flowspec, vrf, PIM, etc. We deliver full tables over these
devices to the customers that need them.

We recently finished a new ethernet procurement and have a large number of
sites (~200) moving from <1Gbps in bandwidth to 1-10Gb in bandwidth. Our
currently deployed low-end router can't handle these speeds and we can't
afford to place our high end router at 200+ sites.

So, we're looking for a middle tier router to deploy. Something with 2+
SFP+ ports, software that can handle the aforementioned features, and
something with an API that we can leverage for programmatic management.

So far we've not found anything that checks all the boxes. Layer 3 switches
seem like obvious choices, but lack some of the features and RIB/FIB we
need at the edge. Other devices like the Juniper MX5/10 certainly meet the
requirements, but are priced way beyond what we can afford.

Any suggestions for devices we might have overlooked? Preferably in the
less than 10K per unit price point. If such a magical device exists.

-Dan

Cisco ASR902 or Juniper ACX..

Whoops, missed the full tables requirement there.. Never mind.

Is it a necessity to terminate the layer 3 at the edge? You could get a
10Gbps switch and move it all back to a central location where you have
your high end routers. It would then be terminated as a VLAN and be a
router on a stick kind of topology. Could be a cheaper way to do it without
taking MPLS all the way out to the edge.

As Tim said above, I too was thinking about the Juniper ACX. The 5048/5096
model could suit your needs. They are primarily designed as layer 1(TDM)/2
backhaul devices and I'm not sure they can do a full table. They do have
full JunOS MPLS features. Could be a way to use MPLS-TE to move the layer 2
back to a core location and terminate layer 3 there. Would give you some
flexibility over just doing ethernet stuff as I mentioned in the first
paragraph.

Hamish

Mikrotik? I believe they support all these features other than maybe
flowspec, and you can get a box with a 10G SFP+ port for around $500.

Mikrotik for OS, and Hardware choice would be to use an X86 appliance (Lanner Electronics, Axiomtek etc)
You should be able to get a cost effective box that will meet your performance requirements.
As to feature set, while most of them are there you should do some testing to see if feature set meets your requirements.

Most folks often forget that Mikrotik is OS and they also make Hardware (a variety of sizes for a variety of needs), and the OS can be deployed on standard or custom hardware server or appliances.

You can always go the 'Custom' Linux Route, using x86 boxes with your own distro, too bad that Vyatta OS took a different route under Brocade..

Faisal Imtiaz
Snappy Internet & Telecom

Dan, the new ASR920 by Cisco would fit 4x10G SFP+ and 24 ports SFP or copper 1G line rate, about 6k list without license. You can leverage NETCONF YANG model as its Cisco edge or other flavor choice.

You can unicast if you want more data as we've done EFI and evaluated them in our labs

Bob Watson

VyOS is a community fork of Vyatta and is still being developed very actively and is pushing ahead with many new features! It's pretty stable too imo.

http://vyos.net/wiki/Main_Page

Regards,

Tim Raphael

No MPLS though, if that is a requirement.

Correct. But hopefully not far off now that there are x86 packages for simple MPLS operations. With a bit of luck an RSVP or LDP implementation isn't far behind.

Regards,

Tim Raphael

Just sitting around whining and waiting for someone else to do the job
is nowhere near as effective as chipping in and helping... or funding
the efforts that exist.

I find this rather offensive as you clearly have no idea what I have contributed to the OSS community or more specifically to the VyOS project.

Among working, studying a master's degree and a little sleep to keep me sane, I already do what I can.

Tim

> I find this rather offensive as you clearly have no idea what I have contributed to the OSS community or more specifically to the VyOS project.
>
> Among working, studying a master's degree and a little sleep to keep me sane, I already do what I can.

My sincere apologies. At the time, that kickstarter was failing, and I
was mindblown that nobody had seen the potential of it, and I had
spent 3 days, trying to convince more people to throw in, as I had
already thrown in all I could.

My comment was directed far more at the universe than yourself and was
more in the context of my prior bufferbloat-related rant earlier in
the day, which I have spent 4 years on, mostly full time, and mostly
unpaid.

I am still sad that nobody threw in for that get one give one program
(who pays for the software engineers?), and that it took events like
heartbleed to get the LF's core infrastructure initiative funded,
and, well, frankly, it is a long, long list of things that bug me that
have accumulated... that I will try to keep off this list.

> Tim
>
> Correct. But hopefully not far off now that there are x86 packages for simple MPLS operations. With a bit of luck an RSVP or LDP implementation isn't far behind.

So to return this to a more rational basis - why does an edge network
need MPLS in the first place?

L3VPN hand off is the only thing I can think of from the top of my head. But then, there would be no need to have a full table unless you had customers requesting a full table.

It sounds like the OP is looking for one device to do multiple roles where two/three different device types and/or sizes would fit better.

> L3VPN hand off is the only thing I can think of from the top of my head. But
> then, there would be no need to have a full table unless you had customers
> requesting a full table.

Well my interpretation was that IPv4 address space had become so scarce that
other methods were becoming more needed even on the high end edge networks.

> It sounds like the OP is looking for one device to do multiple roles where
> two/three different device types and/or sizes would fit better.

But that seems more plausible.

I think the E in REN is edu, not edge.
L3VPN or L2VPN for pseudo back haul or L2 extensions.
State REN I assume to stand for regional education network, so likely VRF would be public internet, possibly Internet 2, district traffic, maybe higher ed access for night class and vice versa.

One way to achieve 10G MPLS plus full table and stay under 10k: you may be better served to break out pre-agg role for MPLS and private L3 hand off, and for Internet peering step a hop back and peer at agg with a heavy duty Juniper or Cisco box over an L2VPN extension to the CE.

Yes, correct. And thanks for your work and suggestions.

I have one customer who needs an L3VPN for some shared private routes along
with a full table in inet.0. There are ways of accomplishing this
creatively but I'm looking for devices that can handle these types of
requests that permit us some level of sanity.

You’ll be looking at a Juniper MX or a Cisco ASR9K I think.

The MXs are targeted as being full-featured edge routers. An MX5 will take a full feed just fine and do all the *VPN you want.
If you’re talking about multiple full feeds then you’ll need an MX240 with one of the higher-power REs for a decent reconvergence time.

You could possibly look at rolling vMX (if it's even available yet) on x86
hardware. It's licensed by throughput and feature set. If you are doing
L3VPN, I think you would need the advanced license. This may fit within
your budget.