Re: cheap MPLS router recommendations

[Robert Bays <robert () gdk org>]

> On Oct 26, 2020, at 11:51 AM, Eric Kuhnke <eric.kuhnke () gmail com> wrote:
>
> If we're talking about whitebox router and ipifusion, what we're really talking about is vyatta/vyOS and the linux 
> foundation DANOS stuff on an ordinary x86-64 server that has a weird shape.

Maybe tangential, but to be clear, VyOS is not equivalent to DANOS/Vyatta.  And DANOS is a subset of Vyatta.

VyOS is a fork of the second generation Vyatta code which used the Linux kernel as the packet forwarding plane.  
Control plane integration is based on a proprietary scripting language with bash shell interpretation.

The current generation Vyatta is for the most part a completely different system.  Some of the changes at a very high 
level:  Linux kernel based forwarding has been replaced with bespoke DPDK based software packet forwarding to improve 
features and performance.  Merchant silicon forwarding support was also added to be able to support hybrid 
software/hardware forwarding paths on the same box.  The control plane is a completely re-written event driven system 
using yang as the modeling language to improve features, ease of use, operation, and security.  The Vyatta routing 
protocol stack is proprietary.

DANOS is the open source version of current generation Vyatta, which makes up the bulk of the Vyatta code since AT&T 
released it to LF.  Active Vyatta development on the OSS is done upstream in github.  The major differences between 
Vyatta and DANOS are mostly due to licensing restrictions.  FRR in DANOS replaces the proprietary routing protocol 
stack in Vyatta.  Also, the merchant silicon integration in the DANOS forwarding plane currently only supports a 
limited number of Broadcom DNX based systems using OpenNSL rather than a proprietary SDK.

From a hardware perspective, Vyatta/DANOS supports hybrid software/hardware forwarding environments.  So you could 
install it on standard x86 system that looks like a server to enable software forwarding.  In this environment it has 
been tested to 100(s)Gbps depending on the hardware.  Or you could install it as a VNF in the cloud.  Or you could 
install on a merchant silicon based whitebox switch and get hardware based forwarding at the full Tb capacity of the 
merchant silicon chip.  There are install guides at danosproject.org <http://danosproject.org/> for those use cases.

There are also vendors that produce hybrid systems with large enough punt paths between the x86 SOC and the merchant 
silicon to support true hybrid environments where some features/forwarding are handled by the merchant silicon and some 
by the SOC.  One example, in a CPE device you may want local traffic routing and filtering services handled by the 
merchant silicon while IPsec is handled in software using DPDK on the x86 SOC.  

Vyatta/DANOS is deployed in production at scale in all of these footprints.  So it’s not just for weirdly shaped 
servers anymore.

-r