Slashdot Mirror

Yeah you would think more people would be using Juniper routers; however, I think they creepy-looking lady on their homepage is a deterrent.

A large number of providers offer IPv6 support today. NTT/Verio has been offering this as a Commercial Service for quite some time, as well as through the domestic provider OCN and the OCN DSL services. As the 6bone tunneled networks go away, there is ongoing native support being added to networks. IETF and other conferences have been supporting providers that offer native IPv6 services. Aside from the always behind the ball DSL/Cable providers in the edge provider space of multicast, IPv6, etc.. you can contact any of the Tier-1 networks to obtain IPv6 services. Likely for free and not out of the 3FFE space. Build IPv6 into your kernels, ask your service providers for IPv6 and encourage them to provide these to you for little/no additional cost. Juniper and Cisco routers currently offer IPv6 in their current software releases. Now that Cisco has acquired Linksys, hopefully they will assist in providing support for these services in the edge-router space.

Your "pentiums out of dumpsters" have a 1.3 gig backplane? When your hit by a bus, doesn't the new guy know what you rolled? Does your "Pentiums out of dumpsters" provide mission (revenue) critical services for your boss? Is your "Pentiums out of dumpsters" modular? Can you get support from "Bobs rubbish removal" when your boss ask you for Ether Channel support out of your "Pentiums out of dumpsters". Don't get me wrong. All Linux base here unless that Pentium is the road block. If your in love with unix based routers, Check out Juniper

The routers for the I2 backbone in the US are managed by the Abilene NOC at IUPUI. I went to a meeting about a year ago where they talked about setting up the Indiana GigaPOP and replacing all of the routers with Juniper T640s.

We had some Juniper M40 routers that had the A/C dripping on them for quite some time. Nobody knew for a long time... the routers were working fine even while taking on water!

We're talking about a software code upgrade on existing routers...

ISPs are utilizing either Cisco or Juniper in their cores (If they're using something else *chuckle*, it's time to change ISPs).

You can get IPv6 support from each company.

• Cisco
• Juniper

Why do people assume that this is going to require a capital investment?

It's no wonder you didn't sign your post.

I am experimenting with IPFW/DUMMYNET for bandwidth shaping, but using ipfilter for the firewall. A little more complicated, but I think it gives me the best of everything (I really like ipfilter, but it lacks bandwidth shaping features). This is for an ISP, so it will handle workstations and a variety of different servers. We use a PCI T1 card from Sangoma, and multiple port ethernet cards. This allows me to create a DMZ (or several) quite easily. The config, overall, looks confusing at first but really isn't.

Once it is fully implemented, I plan to publish the details (network diagram and config files). FreeBSD is perfect for this task.

BTW- for the curious, what I describe is a poor man's Juniper switch.

I am experimenting with IPFW/DUMMYNET for bandwidth shaping, but using ipfilter for the firewall. A little more complicated, but I think it gives me the best of everything (I really like ipfilter, but it lacks bandwidth shaping features). This is for an ISP, so it will handle workstations and a variety of different servers. We use a PCI T1 card from Sangoma, and multiple port ethernet cards. This allows me to create a DMZ (or several) quite easily. The config, overall, looks confusing at first but really isn't.

Once it is fully implemented, I plan to publish the details (network diagram and config files). FreeBSD is perfect for this task.

BTW- for the curious, what I describe is a poor man's Juniper switch.

Linux Magazene's Last months Issue has a very comphrensive overview. As well as the following sites.

Solaris 8 Faq
IPng Overview
Juniper's Perspective

For those in the "Know" BSD has had V6 compliance for quite some time now. OpenBSD, NetBSD and FreeBSD all support it but OpenBSD will install v6 by default due to it's added security mesaures.

By the way, "IT's all infrastructre?!" A statement that those of us whom actually provide said "Infrastructure" make it seem simple much like magic, it's seamleass and it works well than it's abvoiusly a testament to those that put "it" together.

IPv6 will often be refferd to as IPng in earlier documents.

For those of you whom think "Well I should just plug in to v6 and I'm there." I have only one though; Ignorance is bliss and there are a lot of blissful people out there.

Does that mean that JUNOS is the sixth BSD?

Cisco released IPv6 IOS images back in June with IOS 12.2(2)T. Note that this was the first commerical release, there was a earlier EFT release about for quite some time that served as a beta. The major features are there: IPv6 routing, support for stateless autoconfig, IPv6 address family support in MBGP, support for RIPng. No other routing protocols yet.

You can check out Cisco's IPv6 page for more information.

Juniper also has IPv6 available, here how to configure IPv6 on JUNOS 5.1.

• 3com - no listings (no support???)
  
• Cisco Systems
  
• HP - no listings in network equipment
  
• Juniper Networks - OS support
  
• Linux IPv6 HOWTO
  
• Lucent - interesting
  
• NetBSD IPv6 docs
  
• Windows XP - Installing IPv6
  
• RFC 2492 - "IPv6 Over ATM Networks"
  

The problem was manifold. The managers did not want to spend money on another security guard and employees rebelled at the thought of losing their "privacy" to security cameras. The only major breach of security could of been prevented with a 60 year old physical security guard when 6 arab men almost made off with a M40. The thing was 10 feet from the door when the person monitoring the cameras finnaly wised up and realized they were not supposed to be there. Only then did we get physical security after 9:00pm (when you need it most).

You're not very aware. Cisco Foundry Juniper [fill in the blank here]

Humans don't even have to setup the LSPs. Signalling protocols such as RSVP-TE or CR-LDP can be used to do the setup automagically based on the IGP path or using constraint-based criteria such as reserved bandwidth, desired latency/jitter characteristics, etc.

RSVP overview from Juniper

CR-LDP overview from Juniper

Humans don't even have to setup the LSPs. Signalling protocols such as RSVP-TE or CR-LDP can be used to do the setup automagically based on the IGP path or using constraint-based criteria such as reserved bandwidth, desired latency/jitter characteristics, etc.

RSVP overview from Juniper

CR-LDP overview from Juniper

No. The common thread is hardware. You mentioned routers, switches, servers (running NT and Solaris), etc.

Juniper routers use an OpenBSD based OS (JUNOS) as the kernel of their software (as well as an Intel-based PCI platform routing engine as hardware). This reduced development cost and time of their products, but the list price is as high or higher for similar Cisco products.

Why?

Network equipment vendors manufacture hardware and are therefore subject to economies of scale. If Cisco ships 10 times as many 12000s as Juniper ships M40s, guess which one will be cheaper to manufacture?

Another factor driving up hardware costs is the limited customer base for this sort of equipment. What is the market demand for 10Gbps routers?

Of course if you want to run open source software on specialized hardware, that is possible too. For instance, you can run Linux on a Cisco 2500, if you are an open source purist. It would be unlikely that this will significantly reduce the cost of owning and deploying a network, however.

No. The common thread is hardware. You mentioned routers, switches, servers (running NT and Solaris), etc.

Juniper routers use an OpenBSD based OS (JUNOS) as the kernel of their software (as well as an Intel-based PCI platform routing engine as hardware). This reduced development cost and time of their products, but the list price is as high or higher for similar Cisco products.

Why?

Network equipment vendors manufacture hardware and are therefore subject to economies of scale. If Cisco ships 10 times as many 12000s as Juniper ships M40s, guess which one will be cheaper to manufacture?

Another factor driving up hardware costs is the limited customer base for this sort of equipment. What is the market demand for 10Gbps routers?

Of course if you want to run open source software on specialized hardware, that is possible too. For instance, you can run Linux on a Cisco 2500, if you are an open source purist. It would be unlikely that this will significantly reduce the cost of owning and deploying a network, however.

Alright.. so first off, this isn't news. Anyone following the NANOG list knows that the routing table is increasing exponentially with the rest of the internet. There isn't anything that can be done about that, realistically. The aggregation Nazis will scream day and night that they can fix the Internet if you would just let them aggregate things properly. Fine, but that would require a total renumbering of the internet, so it isn't at all possible with IPv4, unless everyone out there really feels like renumbering every machine on their network with a publicly addressable IP. Think about that for a minute. They'll scream that they can do it without renumbering, but they're wrong. The routing table is an intricate mesh of advertisements and if everything was aggregated, nothing would work right. BGP's first method of selection of routes is the longest match rule, whereby when you're choosing a route to pass traffic on, you choose the most specific advertisement, eg choose a class C rather than a class B advertisement. If everything was aggregated into /20 or larger blocks, there would be no practical way to load balance traffic in a multihomed environment (when you have transit through more than one ISP).

And secondly, BGP isn't the cause for the routing table growing, it is the cure. There is no way we would still be using IPv4 without BGP. It saved the internet by introducing classless routing.

The answer to this is simple.. upgrade, upgrade, upgrade. There are routers out there that can handle far more than the internet has to throw at them right now.. it's just that Cisco doesn't make them. Juniper does.. check them out. They built a router off some sweet hardware and BSD. You can type 'start shell' in the router and drop to a BSD shell, and they have the route processor to chew through a routing table many times the size of our current table.

ISPs need to keep up with the growth and upgrade their routers, or they will have problems. Much of the instability of the 'net is due to that now, routers get overloaded and reboot and cause all kinds of churn in the network, which overloads other routers, which reload.. you can see the cascading effect. The ISP I work for had to upgrade all of our older routers to 128m of ram and newer route processors.. if all the ISPs did this, there would be no routing table problems. They just don't want to spend the millions they need to to upgrade their infrastructure, unless the users start screaming. So start screaming at your ISP! (unless it's mine. ;)

//Phizzy

Have a look at the Junipe r White Paper about JunOS. Yes, it's FreeBSD, but the TCP/IP stack was completely gutted and replaced. If you go through the paper, there are a number of other areas where it differs from standard FreeBSD, too.

I'm a FreeBSD fan, but I'm interested in the truth, too!

Also, don't forget that Juniper do contribute stuff back to the FreeBSD code base even though they don't give the whole OS away for free. Which they couldn't do with a GPL-licensed piece of software.

-Dom

Actually, the OS on a gigabit switching router (GSR) doesn't really do much. No OS is going to actually keep up with 40Gbit/sec on modern processors, the real work is done by the hardware with the OS providing GUI functions and poking the appropriate hardware bits as needed. I'd guess that using Linux is going to do them more good from a marketing standpoint (riding on the current wave of hype) then from a technical one.

A similar product, the Juniper Networks M40 , uses a modified version of the FreeBSD kernel.

What can push that kind of bandwidth?

Nothing we have just now.

However it is "just" a bunch of 20Gbit/sec links we need to fill, so "all" we need is something to make use of 20Gb/sec, and to buy a whole buttload of them.

Let's see, I think Juniper's current product is (see http://www.juniper.net/products/m4 0-brochure.htm) capable of 2*8*2.5Gb/sec, or 20Gb/sec as a theoritical max. So in thery you could use a few racks of the highest capacity/highest density routers to drive one of these monsters. In practice I expect it would take at least another spin of Juniper's hardware to do it, but in realiaty they have time for another spin or three before this stuff is likely to be for sale anyway.

I guess we have just solved the "what can we build the backbone out of to support upgrading all the current modem connections to DSL" question...