Slashdot Mirror
Linux Ported to Cisco Routers, BSD chosen by router manufacturers
calc writes "Linux has now been ported to the Cisco 2500/3000/4000 routers. Click here for more details." This seems like a fairly logical (albeit not so useful hack). I mean, one would assume that cisco's have some wacky hardware in them... but then again, using standard tools to config them seems allright by me. And you could use your router as a web server if you were on crack *grin*. [Update by nik]: Not the first time a free operating system is used like this. For example, routers from Juniper run a modified FreeBSD, while Effnet base many of their products on NetBSD.
Standard as in what is most familiar to yourself? -- As in non-cisco? By many Cisco peoples' standards, the Operating System and the configuration tools are the "standard" for cisco routers.
<request for clarification/>
Howdy all! I see some issues with this from a performance perspective: a. All of the hardware mentioned here uses software switching of packets vs hardware ASICS. Therefore, you are either "Fast Switching" or "Process Switching" the packets dependant upon router configuration. Naturally, Fast swithcing develops a cache for layer 2 MAC address information and routes. See Cisco's definition: Process Switcing: Operation that provides full route evaluation and per-packet load balancing across parallel WAN links. Involves the transmission of entire frames to the router CPU, where they are repackaged for delivery to or from a WAN interface, with the router making a route selection for each packet. Process switching is the most resource-intensive switching operation that the CPU can perform. Router has to evaluate each packet individually, look up next hop route, re-package dependant upon interface and next hop address for destination route and send to interface. Used with following; access-lists (requires packet evaluation vs. lists applied to an interface), load balancing - to use multiple routes versus first acquired cache route, wan links to prevent overrun of serial interfaces by wan interfaces, etc. Fast Switching: Cisco feature whereby a route cache is used to expedite packet switching through a router. Contrast with process switching. A route is looked up once, cache is formed for next-hop address and next hop address information can be switched into place witout having to evaluate every packet within the TCP session.... In higher end routers (7000 +), they went to developing RP/RSP or route switch processors to implement caching in hardware vs. software. With Cisco's newer Versatile Interface Processors (VIP), they actually run a microcode OS on the line card which permits line cards to switch directly between each other using what they call distributed CEF. Can achieve 1,000,000 packets per second via CEF.... Anyway, before I went off on my geek tangent. I'm damn sure that this Linux port does not have any fast caching algorithms...and at best would only meet process switching speeds implemented under IOS (if at best). You would then see a signifiant decrease in PPS using Linux over IOS and a hefty increase in CPU utilization (2500 is about the equiv of 386....4000 is not much better mayble 486 at best). 2500 pumps about 25k pps fast switched where 4000 is 40,000 fast switched. I would suspect these would plumet significantly. Additionally, you couldn't run linux and IOS concurrently on the same box. You have to re-boot it (no connectivity on any interface hence causing an outage) to boot between both OSs. You can't, as one user stated, obtain a tcp dump while routing under IOS. IOS has these features via off box logging, IP accounting, Logged access-lists, etc. With very small memory configurations available for true system type applications (Web servers...etc), what type of decent apps could you really run on a router that would make it feasible? Benifits of using Linux on a Cisco legacy router (2500 and 4000 are considered end-of-life). Size! A 2500 is extremely small. Alibeit, I'm not sure which intefaces and hardware the linux ios would support; Async, Ethernet, Ethernet Hubs internal to some 2500 series.... Cost What does IBM charge for the 2u height web servers? Although, one PIII class box could out crank a handful of 2500s... Oh well. In my travels I did find one product for linux that got me excited about affording an Cisco Interface and management to a linux system. It was at http://www.zebra.org. I installed it and thought it kicked some ass. Hope I could lend some insight as to the performance issues...... simple_in_seattle@hotmail.dontspamme.com
Exactly. Linux changes itself to fit on different platforms. Bill tries to change you to fit his solutions.
There's a huge difference there.
HAve your CISCO's spare cycles help this worthy cause! =grin=
-Sir Woody Hackswell, the Arch-Fool
In the older days, you were buying expensive hardware. The older models especially that are mentioned in this article are all Motorola 68k chips.
Newer models moved away from general purpose CPUs to proprietary chips designed for fast routing/switching.
HTTP server is a standard feature in IOS... But it's only used to administer the router and run some commands through a web browser. However, it shouldn't too be hard to extend the built-in server a bit further, to host your domain and serve your pages :-)
I've played a bit with getting ucLinux running on older Bay/Wellfleet AN routers. They are basically a system on a chip (68EN360) with some RAM and flash. It's a project for another day, though.
Go Slackware!
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
You could think its kind of futle to just port linux to everything imaginable... but you can look at it as a kind of basic research not so much praticle use. You have to do the basic research... to get high quality products out the door.
yippy skippy, now we can have cisco linux-distro' flame wars!
"MY cisco runs redhat!"
"oh yeah? my cisco runs slackware!"
"hah! amateurs! mine runs turbo!"
-- MrMud
There has been HTTP over routers for a long time. I know for a fact that CISCO has optional (you have to turn it on) HTTP interfaces for configuring their routers. I don't see any reason why that couldn't be used to serve other static pages.
Brad Johnson
And you could use your router as a web server if you were on crack *grin*.
If we can use IP over DNS, http over routers seems reasonable.
I'm holding out for SSH over my toaster.
-Waldo
-------------------
SO you take a great general purpose OS, Linux, and then stick it on expensive propietary hardware, a CISCO router, to replace the router-optimized OS already there.
Of course, a 486 running Freesco, a Linux derived firewall router, would probably have better performance and be far cheaper, but it's not as hackworthy.
Next week, a Linux router/firewall on a wristwatch, but you can't move your arm or your network will go down.
>so i guess it's standard x86?
Depends on the model, many Cisco routers use Motorola 680x0 chips, some MIPS...
I can't recall any off the top of my head that used x86 family chips.
-LjM
Cisco IOS can run on a couple unices (BSD and Solaris I believe) as well as Cisco hardware. As far as I know, Cisco folks develop on Unix and then use a cross compiler to build for their router hardware when required.
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
Although this is definetely a cool hack/experiment/learning experience....
...
yes, even 2.4 boys and girls...
It has no use....
The Linux tcp/ip stack is not up to the job of high end routing ( even for these low end routers )
If you want an os that can handle high loads of routing, why not use what the best performing router uses... ( juniper networks M series )...
WHat is that you ask? well, FreeBSD of course....
Yeah, i know, this will get marked as flamebait, but, does it look like i care?
Seems useless to me. Why break the security of a Cisco router by putting Linux on it?
Security? What does anyone really know about the security of Cisco routers? Are you sure that there are no back doors imbedded in the IOS? Can you prove it?
At least with Linux, you can.
Don't even try to weasal out and say you weren't implying that D-Link built million-dollar Cisco routers and all Cisco did was slap their name on them in order to jack the price up.
Again, don't put words in my mouth. I said D-Link "builds a lot of the hardware for Cisco." Had I wanted to imply that Cisco re-sells D-Link routers, I would have said, "D-Link builds Cisco routers, and Cisco sells them."
PMC-Sierra also builds hardware for Cisco, as well as other companies. Obviously if D-Link was able to actually manufacture an entire router themselves, they would not be selling them to Cisco, they'd be selling them direct to companies.
Talk about a feeb... sheesh.
-thomas
"Extraordinary claims require extraordinary evidence."
"And like that
Didn't see anything about this in the comments. Imagine a cracker takes over a Cisco router, downloads Linux onto it and starts running more advanced attack tools that Cisco can't natively do. Since the cracker is potentially operating from a position of trust (depending on where the router is). You could do some interesting things. Not the lest of which would be a custom sniffer to grab passwords.
"Any sufficiently advanced technology is indistiguishable from magic." - Arthur C. Clarke
The USB provides control for the tuning - it's much nicer than adding Yet Another Interrupt-Wasting Serial Port Frob. I've got mixed feelings about whether it should do audio over the USB (which is what I'd expected also) - it's actually connecting analog audio to the sound card, rather than digitizing it itself, which would have added to the cost of the device. I have noticed a major quality difference between playing the audio directly from my sound card into the speakers and using the radio software to digitize it as a WAV file - not sure if this is because I've got an El Cheapo $5 sound card, or because the PC software doesn't use the best possible settings for the card, but there's typically lots of hiss and distortion in the saved version (bad enough it's not worth degrading it further by MP3ifying the WAV.) It might be interesting to try it with a better soundcard, so I may move it the radio to the office and see if it works better here - I'm certainly not going to spend $50 on a new sound card and $100 on more disk space just to make the $29 radio work better :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Cisco designs its own hardware and software, but it's common knowledge that it outsources quite a lot of its manufacturing, like many other high tech companies.
By contrast, when you buy a Cisco router, you're mainly buying IOS and the design of the hardware - manufacturing's less important.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The 7200VXR is a very nice box - I have tested this with 38 Mbps of traffic going through it (from one fast ethernet interface to another), including half a page of access lists and route maps to mark IP Precedence. The CPU load was only 30% or so.
More realistically, it can run custom queuing with minimal CPU loads (very nice for allocating bandwidth to high priority applications, i.e. class of service/QoS), unlike some older high-end routers.
It has some backplane improvements over the older 7200s, so it's not just a matter of CPU speed and cache.
Nice to know, but the 700 series routers don't run IOS.
The cheapest routers to run IOS are the 800 series, I believe (but watch out for exactly which features are implemented, some low end feature packs are missing surprising stuff).
Of course the port is mostly for hack value. But Cisco 2500s on EBay are rumored to cost ~US$500-1000, so it's not much more expensive than a much faster low-end PC. :-) The question is whether you can run Linux Router Project or equivalent router software on them with enough drivers for the various interface cards.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
How much do you think it costs to hook a T1 (or E1 for the Europeans) to your Linux box. Hint, check out http://www.sangoma.com. You can get cisco routers this old pretty cheap now.
As I am in the process of porting linux to a Performance Technology "Instant Internet" router, I can explain why this is desirable.
1) Cisco hardware is extremely trustworthy, much more so than the generic PC. Good telecommunications equipment (routers, muxes, DSUs)will run for decades in poorly ventilated dusty closets without any hardware maintenance at all.
2) Router hardware boots fast. WAY fast. Iff it has a decent operating system. This is important in real life because even UPSes are really uninteruptable.
3) Routers (though not the 2500) typically have ridiculously fast RAM for packet buffering. If linux can get Cisco-7000 class throughput on Pentium III hardware, think what it could do on a real router!
4) All software can become obsolete, due to lack of compatability with the real world (what do you mean we need NAT? We didn't need it yesterday!) or penetration (huh? our version of IOS is vulnerable to a script that's all over the net?) or various other reasons. Router software updates are EXPENSIVE!!! Trust me, I have "SmartNet Maintenance" from Cisco not because the hardware ever fails (it doesn't) but because it gives me access to the IOS download site for a single yearly fee. Linux updates are FREE.
The last reason is the most compelling, obviously. Money talks, linux walks, er, runs.
--Charlie
but its for certain that dlink is NOT a build shop. that was my only point.
--
--
"It is now safe to switch off your computer."
The fact is.. Modern Linux kernels (2.2 and ESP pre2.4) make a better router then IOS. I've seen a Linux router box (PIII 600) with 6x100TX/FDX sustaining 600mbit/sec of IP traffic with packet filtering and CBQ.
The 5xxx series falls down above 200mbit/sec in the fastest forward-only mode.
I've seen alot of truely, ahhh, stunning, ports of Linux over the last couple of years. Wristwatches, toasters, etc. all seem to attract the attention and adoration of linux porters.
Now, what I'm seeing here is I think a conflict between two fundamental hacker tenants:
What I guess I'm worried about is that I tend to see the over-emphasis on the first (especially amongst the younger of us), and the slighting of the second.
Yeah, there might be good, personal reasons for the above people to have ported Linux to Cisco. However, I'm not particularly happy that people tend to glorify these hackers and look down on the ones who might be (for instance) writing neat ASP scripts to talk to MS SQL servers from IIS.
Fundamentally, I'm worried that in our zeal to promote Linux and Free Software, we run into the "Round Peg, Square Hole" syndrome (or, the "If all you have is a hammer, everything starts to look like a nail" problem).
I guess what I'd like to see us as a community do is to place more value on doing the job right, which means using the appropriate tools (or, if there truely aren't good ones available, writing the correct thing), rather than spend time on things that in the end, are almost useless (other than perhaps educational use).
Feeling a bit crotchity today...
-Erik
There are always four sides to every story: your side, their side, the truth, and what really happened.
Cish, config shell for linux routers that mimics a Cisco. Hey, it's a start.
Fuck Slashdot
Ever since they forgot to ask for the old one back when they upgraded me, I've been wondering what I could do with it. Heck, too bad I don't have a bunch of them, I could make them into a Beowulf cluster!
Will in Seattle
INSTALL is 13164 bytes
README is 254 bytes
linux.bin is 1071900 bytes
uClinux-c2500-uClinux-2_0_38_1pre7.diff is 4351814 bytes
Wristwatches, Routers and what next?
Personally I like the idea of being able to hack anything you want into the router....let it be FREE, but I wonder at the potential havoc that could be caused by bugs in these if it ever adopted in volume (what's cisco's record like at security and bug fixing and will any GPL/OS solution be any better)? I also agree with a previous poster that Cisco are not going to be happy with this if it is viable for production systems. I can forsee the DoJ anti-trust case where Cisco are taken to task for hacking their routers and engaging in anti-competitive practices to maintain their monopoly.....oh dear, somethings never change.
Never underestimate the dark side of the Source
Many network-statistics gathering programs require support from routers. The most notable of these is NetFlow, which is a very compute-intensive traffic aggregation tool run on Cisco routers. The router has to keep track of every packet stream pasing through it, and routinely send information to a collector. This is a pretty powerful feature; Combine NetFlow with cflowd (www.caida.org), write a short little program to parse cflowd's output, and you know instantly how much network traffic you have, where it's coming from, where it's going, when it happened, what ports it crossed, total stream size, total packets sent, hop count and propagation delay. You can even expand this: With intelligent use of NetFlow and a little hacking, you can find out what protocols are running across your network, detect some types of malicious intrusion, and even throttle-back (or shutdown entirely) the network usage of some applications. Yes, there is a way to fix the network saturation problems around the widespread use of Napster - A way that doesn't involve legislation.
All this is made possible /because/ routers have an operating system. Throw linux on them, and now you have a 'standard' platform, instead of CiscoOS or AIX, depending on the router.
Intelligent routers are a very good thing - Think about the crazy caching schemes you could run if you could simply write a little C, rather than fabbing some new hardware.
cisco 3640 (R4700) processor (revision 0x00) with 73728K/24576K bytes of memory.
Not to be obnoxious, but the 3640 isn't a totally low-end router (four slots) and its running an IDT-licensed version of the MIPS R4000 processor. From the datasheet at IDT it appears to be just another general purpose CPU, not one dedicated to routing functions. I'm well aware that the really high-end products (like the 75xx series) have much more specialized route interface processors that handle routing, fast switching, and so on that PC architecture would be hard to handle. But I'd still like to see how many packets IOS running as the sole process on a 1Ghz PIII with a dozen 100Mbit full duplex interfaces (on 64 bit PCI cards @ 66Mhz) could forward. The biggest advantage wouldn't be for situations where you needed specific functions or capbilities, like load balancing across interfaces or aggregating interfaces -- best to buy the right hardware. Where I see the advantage is cheap, fast CPUs and cheap RAM.
Well, at least WRT ipnat, OpenBSD has the ability to have the internet side be a range, rather than a single address, and ports will be matched up if possible. Also, ipnat allows you to redirect things to other machines, instead of merely to the localhost. Ipnat also allows host mapping, where all packets meeting a certain criterion are rewritten to a specific host. IOS dosen't NAT at all.
I'm currently employed in moving all the IPs in a class B, and OpenBSD's NAT capability has been invaluable in moving DNS servers and the like.
In terms of ipfilter, ipf can keep state. That's the biggest thing. I think linux allows you to firewall based on any part of the packet, but ipfilter allows you to implement rules than consider multiple packets: e.g. ipfilter was able to filter the recent stream.c DoS, by blocking ACKs that didn't belong to a session in progress. You could also, for example, block all ICMP above a certain rate. AFAIK IOS' ability to filter is limited to port and ip address.
Now, the Cisco PIX does have a NAT capability and probably has more thorough filtering capacity. But I don't know too much about it.
Finally, I should point out that I am very much a Linux fan. I run linux at home. But if you're looking for a powerful router, OpenBSD is where it's at. Secure and functional. But I wouldn't want to run it as a workstation, and mabye not even a server -- after all, it dosen't even come with emacs!
Oh my god, I have an old Gandalf ISDN modem sitting in my closet somewhere. I bought it for $3.00, and only because I like the LCD screen's diagnostics.
WHat's this thing worth?
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
I also bought their USB radio... it sucks, plain and simple.
First of all, it should have come with AM support.
Second of all, why didn't they design it so that the audio is sent over the USB connection as well? There's plenty of bandwidth available. I mean, what exactly is the point of having a USB cable on the thing when you have to plug the other cable into "Line In" to get it to work???
Yeah, I found it hard to believe they make million dollar cisco router hardware once I bought that piece of crap...
-thomas
"Extraordinary claims require extraordinary evidence."
"And like that
CRISCO? The vegetable oil?
A deep unwavering belief is a sure sign you're missing something...
My father used to install cable modems for RoadRunner in Orlando, FL. He got to install for all kinds of interesting people (a manager for the band Creed, the lead programmer on the Madden football games, etc).
... the million-dollar ones.
One time he installed a cable modem for a suit from D-Link. He asked me dad what he thought of D-Link products. My dad stated that he honestly thought of them as "generic" or low-end hardware.
The guy laughed... then he told my dad that D-Link actually builds a lot of the hardware for Cisco. Not the cheap routers either
You are paying for the Cisco name.
-thomas
"Extraordinary claims require extraordinary evidence."
"And like that
I've always wanted the ability to run tcpdump on a Cisco, and this would allow that. Furthermore, linux has much better packet mangling facilities than IOS. Sure IOS is good for passing packets around, but if you want to do any kind of NAT, port mapping, redirection, logging, or replication, you have to go with a UNIX.
What would really be cool would be to see one of the BSDs (preferably OpenBSD) ported to these Ciscos. Then I could take advantage of the full functionality of ipnat and ipfilter, which are much more powerful than anything Cisco or Linux has to offer.
Hmm, OpenBSD runs on an m68k. I wonder how much effort it would take to make this work....
Every night, I kneel down at the foot of my bed and pray, "God bless Mommy, and Daddy, and can I please run Fortune on my Cisco router." Prayers do get answered.
-B
Actually there's QNX in cisco router, so i guess it's standard x86? here's the press release on QNX web site. Maybe the visco router can be the next i-opener thinggy :)
--
"Science will win because it works." - Stephen Hawking
Well, think about this pragmatically. All these people porting Linux to silly platforms keeps them from making more GUI toolkits for X.
X toolkits. Bring 'em on. The more the better.
A deep unwavering belief is a sure sign you're missing something...
Leseee, Linux on a wristwatch, router, Iopener, the list goes on and on. Yet Bill's pictured as the borg here?
If Cisco routers ran Linux, then no one would have to waste their time getting Cisco certified and Cisco wouldn't be able to make a mint training them. Somehow I don't think Cisco is going to think Linux on their routers is such a good idea.
"I mean, one would assume that cisco's have some wacky hardware in them" they actually use a lot of standard stuff. 2500's, for example, use a Motorola 68030 (or one in that family) CPU, some NVRAM for permanent config stuff, some flash RAM as a sort of hard drive (permanent storage, the actual IOS image is stored there) and some DRAM for, well, DRAM stuff. (interface buffers, among other things), The higher end stuff uses RISC CPU's (MIPS for instance). Also, IOS is based on *nix, I believe, so I'd have thought this would be a fairly straight forward hack.
mas cerveza, por favor politically incorrect stu
There are ways to bring down Cisco Switches using simple SNMP --whether you have community strings or not. They are IOS specific bugs.
When brought to Cisco's attention, it was ignored. Then, all of a sudden, Cisco 1700/2900/5k/5500/6000 series switches don't support bridge tables anymore.
There are other issues as well that I have identified, such as ISL trunks leaking un-encapsulated packets into a trunk, and certain plain packet header patterns (for example netbios browsing) triggering the multicast ISL interface (multicast, all interfaces on the trunk process it)to trigger Spanning-Tree recaluclations, which causes the interface to go dead for: 2 * maxforward_delay + hello_time. Unless of course you have portfast/nodefast enabled (Which is Cisco's *extension* of 802.1d/q) whereby when this happens, all ports on Vlan1 (all designated bridges) flood while spanning-tree is recalculated.
This basically turns your entire broadcast domain into one HUGE repeater. lol
There's more. Point is, statements like that, which are unfounded aren't much use to anyone.
Every OS has problems, and IOS is no exception.
Anonymous on purpose.
I used to work at a company called Gandalf, who used to do routers and bridges and switches and stuff. While I was there, most of the boxes used Intel i960 processors, and they cross compiled all the C code on Solaris boxes using a GCC cross compiler.
Since I was busy at the time writing an automated test tool that ran on a network of Linux computers (SLS 1.03, installed from 5.25" floppies), I thought it was cool that I was using a free operating system to test stuff that had been cross compiled on a free compiler.
--
The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
Did you review every line of the linux source code for this router?
Of course not. That isn't my point.
My point is:
One is possible to verify.
One is impossible to verify.
OK. I've been waiting to post this for a few weeks.
0 2
We have one of the older, boxy Cisco PIX 50x firewalls. We have three ethernet ports on the box, and originally, 32 meg RAM. We had never opened the box for any reason before. Who knew what we could screw up on such an expensive piece of equipment? One day, we were messing around with the thing via telnet, and I discovered that the machine is actually an Intel P2-266 box! We immediately cracked the box open, to discover that there really was a full-size pentium II chip in the damn thing! What's even funnier is that the fan on the chip was Unplugged! The heatsink was burning hot to touch, since the machine had been running like this for approximately four months with no downtime. Needless to say, I reconnected the fan to the mobo.
Let's describe the interior. We have a standard Intel motherboard, cicso-labed RAM, no HD, a floppy plugged into the floppy controller, two NIC's, and the PIX card itself. All of the "special" pix IOS resides on this single ISA card. If this wasn't so damn expensive, I would have plugged the card into one of our older servers to see if what would happen. has anyone tried this? Also, there is the standard monitor port, etc. etc. on the mobo. I didn't try plugging in a display, because that would have involved dismounting the board from the box, and I don't think Cisco would have liked that. Anyway, the serial ports on the unit are actually routed into the COM ports on the mainboard via cables routed around the inside of the case.
Now, have any of you ever seen the price of a RAM upgrade for one of these? Cisco wanted $900 for an upgrade to 128. Taking a leap of faith, I grabbed two dimms out of a box I had lying around in the office, and stuck them in the PIX. These were, by the way, cheap kingston, run-of-the-mill dimms that cost maybe $60 each. We restarted the monster, and waited about a minute for a telnet connection. Nothing happened. We powered it down, and removed the new RAM and rebooted. We timed the startup, and added the new RAM in again. It turns out that the delay was due to the BIOS POSTing the new RAM! The machine came up with no problems at all, and identified its new total amount of RAM with no problems.
Has anyone tried anything more daring with a PIX?
Also, if anyone has a broken pix, please e-mail me! gunnar@midsouth.rr.com.nospam
--
Michael C. Hollinger
ePeople Mentor and Support Provider
Please see my certifications at http://www.brainbench.com/transcript.jsp?pid=7417
Michael C. Hollinger
Let's get the ISPs to run Quake Servers! That's the way to reduce latency; run it right at the router level!
--
Sometimes it's best to just let stupid people be stupid.
yes, there is something very useful about this...
you'll be able to ssh into the router.
Of course I remember something about Cisco starting to bundle ssh into IOS, but I don't know if its there yet.
Personally I'd like to see IOS running on x86 hardware more than Linux on Cisco hardware. I'd love to get the functionality of IOS for ethernet routing on a box that didn't cost $20k. Yes, I know IOS is specially tuned to unique Cisco hardware, but for vanilla routing between ethernet interfaces (not frame-relay, not ATM, not OC-3) it'd be kind of nice to be able to run IOS on a 1 or 2U PC with 2-3 dual or quad port ethernet adapters.
I'd be interested to see what kind of performance you could get out of IOS on x86, anyway -- are we really buying cool hardware with expensive routers, or just the Cisco name?