Andy, Running on a VM is better for us in the long term. We run all of our firewalls on VMs, so we need to get a robust and performant 10G traffic path through multiple VMs. We use ESXi now which does not give us as much control or visibility at the network layer. So the plan is to move to Ubuntu, KVM and OVS. This should give us more options.
I guess that I am then limited to how fast BIRD or FRR will run on a single core. Thanks John From: Andy Davidson <[email protected]> Sent: Thursday, June 29, 2023 3:52 PM To: John P Bourke <[email protected]> Cc: [email protected] Subject: Re: [uknof] Full table routers Hi, John Feels like quite a fragile implementation once you separate control from forwarding. Will's suggestion to not use a full table or Tim's suggestion to use PC routers feels way more robust. You can use these Aristas in applications in your network that don't need full table, and you can do 10s of Mpps on a pc router (see Pim from IPng's presentation https://www.swinog.ch/wp-content/uploads/2021/12/Pim-van-Pelt-IPng-Networks-Evolution-of-DPDK-Controlplanes.pdf ) Andy From: uknof <[email protected]<mailto:[email protected]>> on behalf of John P Bourke <[email protected]<mailto:[email protected]>> Date: Wednesday, 28 June 2023 at 21:25 To: Tim Bray <[email protected]<mailto:[email protected]>>, [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Subject: Re: [uknof] Full table routers Hi I may have "an" answer. I think the Americans call this a "Hail Mary Pass". I have a bunch Arista 7150s, which are EOL and a disappointment. But I found this. https://research.kudelskisecurity.com/2015/10/01/hacking-arista-appliances-for-fun-and-profit/#comments The Arista runs a full Centos 7.6. You strip out the Arista BGP process and BIRD (or FRR I guess) and you have a route server. I say route server, because by pulling the Arista BGP process you have no interaction with the RIB. Thanks John BTW - Not dissing Arista. The 7150 is a bit of a unicorn in their portfolio, using a chipset from Intel which they bought from a startup, which Intel then dropped so Arista understandably did not put a lot of effort into beyond the High Frequency Trading use cases that this low latency switch is good for. From: Tim Bray <[email protected]<mailto:[email protected]>> Sent: Wednesday, June 28, 2023 6:56 PM To: [email protected]<mailto:[email protected]> Subject: Re: [uknof] Full table routers On 28/06/2023 10:27, John P Bourke wrote: Any recommendations for full table routers. We don't need more than 10G. I used Debian + FRR on HP proliants. With startech Nics with intel chipset. Unusual, but did the trick. Help that there was a whole stack of the same hardware running services in the same place. They take a while to boot, but you can make it faster and I think the newer variants are better. Software wise, takes a bit of getting used to. Sometimes conflict between FRR and what Debian wants to do for network setup. Also you can use CAKE :) Also run any scripts or monitoring you want onboard (like counting the BFD flaps per hour to watch the problems that go away and come back very quickly) See also distributions that bundle FRR more specifically for networking rather than a general distribution. -- Tim Bray Huddersfield, GB [email protected]<mailto:[email protected]> +44 7966479015
