WANTED: ISPs with DDoS defense solutions

However, I would like to see Java or Other Language to run on the


(I know you can install and play Quake on one vendor�s boxes) but I mean
to do things really belonging to the router but so far I have yet to see

a vendor

to take programmable boxen (outside their own development) seriously.

Maybe it�s just too hard.

It's not hard at all technically. The hard part is that manufacturers do
not want to have to provide support for such flexible boxes when they have
such a hard time just dealing with the complexity of existing general
purpose routers. Current routers are trying to be all things to all
people. They have far too many knobs and their routing software runs on
far too many hardware platforms. If they let you run scripts on the box
itself, there would be a combinatorial explosion in complexity which would
make it a lot harder for the manufacturer's router gurus to help you.

But you can still build this yourself for some environments using
something like Click, the modular software router.
You may not be able to get the type of interfaces that you need because of
the need for driver support. Click simplifies the task by using Linux
device drivers but Click is not Linux and does not use the Linux kernel.
However you can integrate Click into a Linux system as a kernel module
rather like building a real-time Linux system
There are various manufacturers that make PCI WAN interface cards that can
be used in such boxes.

The real question is whether or not this type of build-your-own router is
feasible financially because of the small quantities involved compared to
a box manufacturer. And where in your network could you confidently deploy
such boxes when you know that you will have to support them yourself.
Personally, I think the most interesting spot to try these boxen would be
at the provider edge and the customer edge because it's not hard to think
up value-added services that could be provided by such boxes and generate
additional revenue.

--Michael Dillon