On Mon, Aug 11, 2008 at 01:14:53PM +0200, Marco Fretz wrote: > Johan Beisser wrote: >> On Fri, Aug 8, 2008 at 2:59 PM, phoenixcomm <[EMAIL PROTECTED]> wrote: >>> Hi Gang, >>> well heres my 3 cents, >>> first why use a stupid PC (any os) for routing...... REALY BAD jue,jue >>> brake >>> down and buy a old Cisco 7200, 7500, 3600 they are all very good >>> routers, I >>> used a 7500 for a while and now use a 3640 >>> i use pf as a transparent bridge behind my router.. and protects my >>> servers >>> I have 3 nics, (world, dmz, ssh) >> How odd. I know at least one site that runs all of their BGP off of >> OpenBGP on OpenBSD boxes that are dedicated as routers. In all cases, >> these systems outperform the equivalent Cisco hardware for a fraction >> of the cost. > > Forget this. Cisco does CEF (cisco express forwarding) that's stream > forwarding in hardware. You don't have a chance to reach this PPS with a pc > / server based router (any os). And I don't think there is any equivalent > hardware for Cisco and other router vendors. Because only routing decision > is done in CPU / memory, packet forwarding is done on the "hardware > layer"... so you can't compare Cisco CPU / memory against PC cpu / memory > that's not fair :-) >
On the 3600, 7200, 2800, 1800 and everything else that is not a L3 switching router that costs over 100k everything is done in SW. Cisco CEF is nothing more then a fast path through the box that skips everything that is time consuming. It is still a software feature and everything runs over the CPU. Systems like the 7600 platform are able to do forwarding on the switch modules but unless you get the fucking expensive ones you have not enough cam space for a full feed. But it is not honest to compare a Cisco 7600 or other high end super expensive near line speed routers with a openbsd box that is surely inexpensive compared to those behemoths. > But software routers e.g. OpenBSD are cheap and work well. If you don't > need more than about 800Mbit/s throughput and you want to save some money > us software routers... but agree, with a good server hardware, intel nics, > dual core cpu, etc. you can get good performance out off a server based > router / firewall. > -- :wq Claudio
