Domain: zebra.org
Stories and comments across the archive that link to zebra.org.
Comments · 32
-
Re:Well the top three questions I'd have
Something that I haven't seen anyone point out yet:
This has been done for YEARS and YEARS already.
When I worked at a small webhosting company, we did our own routing. We did it with RedHat + zebra + BGPD + cyclades PC300 cards + Motorola CSU/DSU's. All the people we bought bandwidth from had no idea what the blind hell we were doing, but they were all amazed at how well it worked.
- Zebra GNU Routing software (emulates IOS)
- Quagga (Zebra, but more up to date and maintained by people who accept outside input)
- BGPD - Supports BGP-4 and multi-homing.
- Motorola FT100 CSU/DSU (we had the ones with V35's on the back, and custom pinned cables to translate into the 24 pin serial interface on the T1/E1 cards)
- Cyclades PC300 (we had the PC300/TE-2, I believe, with 2x 24 pin serial ports which required adapters from V.35 out of the back of the CSU/DSU)
The X-factor here is the Cyclades card. Apparently, and I didn't know this when I started writing this post, Cyclades (aside from shifting their site to a webserver on someone's AOL 14.4 modem) has stopped selling Wan cards. I would assume someone has taken up the slack, but whatever.
Anyway, we had 5 T-1's, and this gave us 5 HDLC interfaces, which the linux kernel supports ever since 2.4.something, maybe 2.4.12. We also had our lan port, eth0. I think we had a DMZ on eth1, and then the loopback. Bwm (now bwm-ng) was able to read all the interfaces.
Interestingly enough, since all of our software was open source, we were able to correct an interesting BGP-related problem. We bought bandwidth from "X" tier-1 bandwidth company, and also from "Y" tier-2 bandwidth company. Company "Y" purchased their bandwidth in large part from company "X", so in essence, we were adding an obfuscation step by having the reseller in the picture (but, they offered a lower price, about half). Anyway, BGP is set up to allocate routes to the shortest AS pathlength. That meant that every route that was destined to hit network "X" got routed through network "X"'s T-1 line, and not through the 2 T-1's we had from brand "Y" - essentially we ended up saturating X, and never using Y, due to the way BGP worked. We ended up trying lots of things - prepending our AS paths for the X routes, etc, but eventually one of my coassociates decided to just hack the zebra code.
I wish we had released it GPL, but the main programmer had said he didn't feel it was well documented enough and certainly used some unclean workarounds (like reading bandwidth stats from ifconfig and not from /proc), so we didn't release it. But, essentially, he found a way to manually allocate routes, by percentage, onto unused T-1's, so we didn't ever get to a situation where we were slamming one T-1, and had 4 un-used. Then, he went on to create a set of sub-routines whereby it would read traffic statistics to properly route traffic based on percentage of bandwidth used versus other links and available overhead. It resulted in a routing system we almost never had to touch, which automatically made the most economical use of our outgoing bandwidth, ensuring that customers always got the most unsaturated link, even if it was longer by one or two hops.
In the end, we even had the ability via configuration files to add an interface, specify its maximum thruput, and the routing system would automatically take that into account when doing auto route allocation. All because the code was open.
No, this open routing stuff isn't new.
~Will
-
Re:nessus is dead, long live gnessus?
This has also happened with Zebra (http://www.zebra.org/) and Quagga (http://www.quagga.net/) amongst others. Despite a piece of software being released under an open license, either BSD-style or GNU-style, if the community feels that an individual or single organisation has some sense of "ownership", then it seems reluctant to contribute. This has been seen with OpenOffice.org. Even projects such as OpenBSD may suffer from this to a certain extent.
-
It's a Win-Win situation
Most businesses would be insane to rely on open source programmers to develop their software for them... that's why many of you reading this still have a job developing commercial software or in-house homegrown software. They give you money, you develop software that they want.
I get paid to develop in-house software. To save time and money, my boss has chosen that we take a bunch of Open Source projects (such as FreeRADIUS, ChilliSpot, and Zebra) and build on top of them. While putting the pieces together, we (the programming team) found bugs in this software, and missing features. And because we have a strong incentive to get things fixed/written (deadline!), we reported bugs promptly, and helped fix them. We also helped start writing the features that we want.
In the end, we are able to produce a much more robust, solid product, in much much less time + money, because we were building on top of the Open Source projects. And during the development stage, these projects also benefit from us in forms of bug fixes and new feature implementation, and at the end, we even convinced our accounting department to give some donation (tax write-off!) to some of the projects.
I'd say it's a win-win situation.
-
Zebra anyone?
I am surprised there has not been a multitude of posts mentioning GNU Zebra.
-
For a broader knowledge see also this
For all of you that want a broader view of the routing state of the art you may have a look at Zebra routing engine
-
Re:This is so obvious
> MRT and Zebra are now fast-decaying abandoned project
I do not follow routing software very near, but you have some alternatives out there:
- Zebra
- Quagga
- Bird
>The only Open Source software router I can find is Click
Check these ones:
- LiberRouter
- openrouter
-
cheapest onsite redundancy?
-
Quagga
-
No mention of Quagga/Zebra?
Ironic that there is no mention of Quagga or Zebra (that I can see) in either the XORP website, or the CNET article.
Zebra has been around for a long time now, and is pretty good. Due to the slow release cycle, Quagga forked the codebase, and so there are updated releases. Unfortunately neither project has seen fit to hit the magic 1.0 release.
- Ivan
-
zebra?
unfortunately zebra doesn't support MD5 on BGP. Now what? 'upgrade' to cisco?
AC
-
check out zebra
GNU Zebra is a cisco IOS clone for linux. i think its what you're looking for.
-
Re:My question is....
Even I don't think you are trolling, so just to start you off in your quest:
- China - Wensong Zhang, LVS Project
- Japan - Kunihiro Ishiguro, Zebra Project
- India - Naba Kumar, Anjuta Project
-
Zebra
Can anyone say Zebra? Which is not maintained actively (make that at all) anymore because the main 'developer' is working on a commercial variation called ZebOS.
But fortunately after almost a year of quarrelling we now have the PJ fork called Quagga or mirrored at quagga.ch. So long for official GNU projects ;)
-
Looks like they're using zebra, too
which is also GPL'd. If you do strings /mnt/usr/sbin/zebra, you see:
Usage : %s [OPTION...]
Daemon which manages kernel routing table management and redistribution between
different routing protocols.
-b, --batch Runs in batch mode
-d, --daemon Runs in daemon mode
-f, --config_file Set configuration file name
-k, --keep_kernel Don't delete old routes which installed by zebra.
-l, --log_mode Set verbose log mode flag
-P, --vty_port Set vty's port number
-r, --retain When program terminates, retain added route by zebra.
-v, --version Print program version
-h, --help Display this help and exit
Report bugs to %s
bug-zebra@gnu.org
ObGPLQuote:
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
* a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
* b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
* c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
-
Re:No place to experience/learn
That's really neat, have to check it out, but as an employer are you going to hire someone who only has experience on an emulator? If someone claimed to know Cisco and BGP and had only used Zebra are you going to trust them on your 10,000$ router? And that's a really bad example as some mainframes go for quite a bit more than 10,000$.
-
Re:Mortals exist... It's a fact we have to endure.
Sorry about the employment status... If you have no money for Cisco hardware (and let's be honest, used Cisco gear, even on eBay, can be quite expensive, because all of the Cisco people want it to flesh out their home labs), you should look into Zebra.
Zebra is an open source multi-protocol routing software developed to run on Unix systems (actually developed on Linux). It utilizes a *very* IOS-like command structure, and supports RIPv1/2, OSPF, and BGP. It also supports the IPv6 specs for each of those protocols.
It is close enough to IOS to be useful from a training and functionality standpoint.
I haven't messed with it in about 18 months, but it was good back then. I'm sure that it's even better today.
Check it out.
-
Re:open source too
In a lot of situations, an old PC with a bunch of ethernet cards, GNU/Linux, and Zebra would be perfectly fine for a router. Memory is cheaper, and it's probably faster (though a Cisco 2500 is still plenty powerful enough for the task). A PC also is quite a bit more flexible. Further, in the case of Zebra, the syntax used is very similar to Cisco's IOS, so there is a smaller learning curve for those who are used to IOS already.
However, one drawback is security. On a Cisco router, you only have to worry about someone breaking the IOS system; with Zebra, you have to worry about someone breaking the underlying OS AND Zebra itself. Breaking either gives you access to the router itself. Further, IOS has been around for years and has been thoroughly debugged. Zebra is not quite in a 1.0 release. Plus there are features; Zebra won't have support for multicast routing protocols until 2.0.
You basically have to decide if the extra expense of a Cisco router is worth whatever reduction in security and stability. And you can't go the Zebra if you need multicast (like for streaming videos, game servers, whatever).
-
Re:Question on posibility of advanced networking
So basically you're saying you need this and some RAM, considering workstation RAM is dirt cheap compared to router RAM it seems like a Linux BGP router is pretty reasonable.
-
Get GNU Zebra
Use GNU Zebra
-
guesstimation
It'd be hard to find someone to sell you IP address blocks nowadays, (I know class A's are close to impossible) so that will be a big factor that's for sure.
Well I would say for the mail and DNS servers you wouldn't need anything fancy since they're not processing scientific stuff or crack rc5 or so. So for mail servers even a couple of pIII's would be good.
Routing equipment... Having tinkered with only BayNetworks, Cisco, and Juniper, I would say stick with Juniper Networks (possibly an M160) for large BGP networking (OSPF is a pain), for internal you could use like a BayNetworks Centillion. Cisco is overrated to me. Or if you really want to cut corners then get a Sun Ultra10 and slap on Zebra (but that's rather ghetto)
If you're going to be doing VoIP stuff, PBX's are rather expensive, but I would look into the Merlin's from Lucent which was a fairly good experience for an older company I worked at, and it was the cheapest. However timeframes to get PBX's involved out here suck so if your local telco is in the same market as a vendor you're looking at, prepare for a wait.
I don't know the prices of everything entirely (since my co is partnered with many we see discount prices on all this crap) but it can go into low-mid 6 figure digits.
As for the negativity with everyone stating it's a losing venture, you fail to see that not all countries have the same availability as we do so it may be a winning venture there.
EOF
-
thoughts
Nice little chunk of money saved by using Linux virtual servers over Arrowpoint, however I would like to know how a high content site would hold up with a lot of those perl scripts running to cache, one of the possible problems you won't find with Arrowpoint, Alteon Ad Directors, Netapps, not to say they're better, but the article did mention "Big Budget", aside from that some information on traffic handling would have been nice to show, e.g. amount of data passed into the network would give insight as to why they may have chosen to go via certain routes (not routers, or routing protocols.. choices) versus others.
I remember some of the guys where I'm at did some overhauling, and when we were doing the firewalls, instead of ordering 4-5 Nokia's or looking into other fw's, we ended up getting one Nokia 650, and since we were running FreeBSD we threw on ipf on all the boxes and created rules to eliminate the load of ACL's, and the FW load which was actually cheaper than buying x amount of new firewalls, and since we jumpstarted most of the machines, we had a slew of tightened security scripts for Sun, and BSD's to have an auto locked down network no matter how much shit was upgraded.
One of the things I wonder about though is the "dual processor" factors, which has many people going gah-gah over. Dual 700mhz's may sound nice, but to only serve up web content I wonder how is that better than just 1 700mhz chip or a 1ghz Athlon for that matter (anyone care to comment?)
As for switching from Oracle to SQL7, sounds like a good move, however again there's no mention of how much data goes into their database, so while it may suit them, what about mega sites like Yahoo, I wonder how they would stand up to SQL over BSD's, Linux versus a nice Sun E10k running Oracle?
Well they certainly have a pretty cool network, I wish they would have included actual network information as well such as router info, traffic stats, etc., now they would have blown my mind had they said, they're running strictly Zebra on a Nix box versus a Cisco or Juniper ;) but then again this was a semi "Big Budget" article, not a Poor Man's Network which in my case would be my Cisco 1xxx series running Zebra and GBGP (what you know about that.. Ghettotized BGP werd), 400mhz i386 running OpenBSD for the website, my spanking U1 for db stuff, ghettotized rj45's I found, with stolen bandwidth running out "Moving Day to Day Networks" run from my garage, and a C64 for DNS (fear)
Blackbox Themes
-
Try Zebra...
Zebra (is still beta, last I looked) but is a full implementation of rip/ospf/bgp/etc... and the configuration interface is nearly identical to IOS.
The benefit here is that it's real, so you can setup 2 (or more) boxes and actually *make something work* rather than paste commands blindly into an emulator. And, of course, it's GPL'd. Better than Merit's gated implementation of the above protocols, and easier to configure.
-
Code is Speech Corporation.
The Code is Speech Corporation is an organization that is totally dedicated to ensuring that code is treated as speech and that software regarded as such remain totally free.
-
Re:ableit no so useful ??!?!?
-
Re:I think gated communities are great!
The truly open source alternative to GateD is Zebra. It is still a long way from the stability of GateD, though.
I don't like GateD's license. It is absolutely on the verge of being totally unusable. It is well known that the GateD consortium is pretty liberal on its definition of "research" work, so it would not actually be unusable in my case.
The kind of Open Source license that I see as being acceptable is the Netscape Public License. It retains ownership, without limiting what I do with the stuff for my own devious uses, and in that sense has no strings attached.
I feel it is important that companies have a safe license to use to release stuff without relinquishing control. I'll pick the software with the least restrictive license when I have a choice, but in some cases the best software isn't as free. I'm overjoyed I can get the quality in exchange for relinquishing some of the options (like being able to publish a derivative work), if that's what it take them to release the software at all. A lot of company executives have cold feet and would like to retain control. That's fine by me as long as my ass is covered.
GateD is evil, because if you ever get in a conflict with them, it'll be hard to assert your research use in court.
-
Re:This is great
I agree fully. The Internet needs to be accessible to the masses, and countries like Costa Rica implementing projects like this is a good sign that they "get it" with regard to Internet communications. In the future, people will rely heavily on information to get things done, speed of information will dictate the effectiveness of businesses and individuals.
However, the Internet in general is facing a problem: As a Slashdotter pointed out in the comments section of the story about the great Internet pioneer, Donald Davies, there are fewer and fewer people who understand Internet fundamentals fully. Yes, there are a few - great hackers, CCIE's, and old-timers. But new IT professionals walk in with their CS degree or MCSE and really don't know much. They probably couldn't even tell you what a /30 or a /29 is.
More CCIE's are the solution, some people would say, but the fact is that the CCIE qualification, while good, ties people down to one vendor - Cisco, which will create a kind of Microsoftian situation, except with networking equipment and protocols (ever hear of the Cisco Proprietary protocols? Ayup.)
However, a solution to this problem is at hand. The GNU/Zebra. This is a robust routing daemon which is fully open sourced, released under the excellent GNU license. I can't remember the URL offhand, but there is a large project which aims to implement a CCIE-like course based on the product, and which also includes a lot of GNU/Linux material. The course will take the candidate through Linux basics, and then move on to Networking basics, and then advanced Networking (BGP, IGRP, OSPF, etc). They will then be taught how to apply these concepts with the GNU/Zebra. The reasoning behind this is that long after Cisco has died out, Zebra and Linux will live on, due to their open source nature. It's a common argument against all proprietary companies, and, I think, a valid one. Even if the company is huge, it might not survive in all sectors, and if it is a huge one concentrating on one sector - it might go down completely with advances in technology and demand for flexible solutions that the company, no matter how big it was or how it tried to cover all the bases, so to speak, failed to see and got left behind. This isn't unlikely to happen in the Networking arena, and Cisco is a prime target for the kind of failure described above.
The ZIE (Zebra Internetworking Expert) course will also be aimed at educating more people, even though it will be fairly expensive at first, it will be priced reasonably once it reaches a certain level of acceptance by the business community. There will be 3 exams. 2 written, and one lab. The 2 written will consist of Linux basics and Networking, (which will include both Networking basics, in the Linux module, intermediate Networking and advanced Networking in the Networking module). In the lab, the candidates will be asked to simulate a real working environment and interface with other hardware and software, using the GNU/Zebra technology.
Availability: These exams will be available through various LUGs around the world, eventually. At first they will probably only be available through a few centers in major areas in the US and Europe.
Pricing: There are several factors in the price here, and although it will be more expensive overall than the CCIE at first, the prices will go down as the qualification gains acceptance by the business community and the availability goes up with the rise of Linux, Open Source, and cooperating from various LUGs and other Linux/Open Source organizations. The written exams will be around $250 each, with the lab exam costing $1,000. If the candidates fail their first time, they will be given a compensation period of 2 months in which they can rewrite the lab exam for $500. The most expensive part of the course will be travelling to Zimbabwe. It is necessary for all candidates who have completed the lab and written exams to be initiated in Zimbabwe, where they will need to mate with a Zebra mare. At present, female candidates aren't provided for. This will change as the conditions above are fulfilled, though. The trip itself will cost $5,000, hotel accommodation included.
It's the hope of the organizers of this qualification that it will encourage the use of non-proprietary solutions for networking in mainstream organizations, and promote the use of Open Source technology in general. It's believed by them that the Open Source methodology will not only lead to technical benefits, but will allow communications to go to the next level by bringing back the cooperation of old that started the internet and allowed it to grow, in short: the hacker and scientist and military cooperation of the 60s, 70s and 80s., without which such innovation would have been impossible.
Thanks,
Charles Balthazar Rotherwood
-
Link Redundancy?
One way to solve this is to run a Layer3 routing protocol on the box(s). No need for fancy/overblown link failover software, when you can take advantage of the reason why routing protocols were invented! Routing protocols by design route around link failures.
Two Unix based 'routing' daemons are:
- Gated - www.gated.org
- Zebra - www.zebra.org
Alternatively, assuming you've eliminated another single point of failure by running two routers, is to run HSRP ( since you mentioned Cisco ) on the routers. You could set up the network in such a way that you can dual home each server to a separate switch, without needing link failover or even a routing protocol.
There are several ways to kill this "problem", but the way your *ahem* consultant is recommending sounds like the most overly complex solution. Your consultant may know their systems/lan configuration, but shows little knowledge of routing.
My 2 cents is get a new consultant.
------
-
Routers
As already mentioned, cable modems are typically set up on a shared network. The cable companies usually have 500+ houses/connections hooked up to one node. These connections all share the same bandwidth. Different cable modems have different capabilities, but to keep users from hogging up bandwidth the cable companies use various technologies to control the bandwidth to each user on the system (packet shaping). You may just want to ask if you can purchase a higher quality of service. Having said that... I used to work at an ISP with multiple T1s. Through the life of the ISP, there were multiple ways we load balanced. One way is to use the OSPF and select equal preference for the different interfaces out (the cable modems) and it will round robin packets through them. I suppose you could try to set up OSPF on a linux box using Zebra. You could look into the packet shaping abilities of Linux. Search for packet shaper on freshmeat. Or you could buy a commercial product like the Packeteer.
-
Re:What's the Cisco angle?
-
Re:Other Sources?
There are a lot of very detailed IPv6 books out there. Check out Wesley-Addison and O'Reilly - I remember seeing some of the better titles there.
You can also check out:
These are routers with support for IPv6 routing protocols, such as RIPng, OSPFv6 and BGP4+. (For GateD, you want the GateD 3.6-ipv6 snapshot.)
Last, but by no means least, there's a wealth of information at the "principle" IPv6 sites: