Re: The Making of a Router

["Justin M. Streiner" <streiner () cluebyfour org>]

On Thu, 26 Dec 2013, Andrew D Kirch wrote:

> If he can afford a 10G link... he should be buying real gear...  I mean, 
> look, I've got plenty of infrastructure horror stories, but lets not cobble 
> together our own 10gbit solutions, please?  At least get one of the new 
> microtik CCR's with a 10gig sfp+?  They're only a kilobuck... If you can't 
> afford that I suggest you can't afford to be an ISP.

+1

Build-your-own routers are perfectly OK for a lab environment if you want 
to tinker with something, but I absolutely would not put an all-in-one box 
that I built myself in production.  You end up combining some of the 
downsides of a hardware-based router with some of the downsides of a 
server (new attack vectors, another device that needs to be backed up, 
patched, and monitored, possibly getting a new collection of devices and 
drivers to play nicely with each other, etc).

Doing this also requires all of the people in your on-call rotation to be 
experienced sysadmins / server ops, in addition to being experiences 
network engineers / NOC ops.  There are a lot of occasions with a server 
where 'just reboot it' can make a problem much worse.

Route servers running Linux or *BSD are another story.  There are many 
situations where they can be extremely useful, but they are not all-in-one 
route server/RADIUS/VPN termination/web server/user shell boxes.

jms