Slashdot Mirror
OpenBSD Project Announces OpenBGPD
44BSD writes "As noted at undeadly, the OpenBSD Project has announced an BSD-licensed implementation of the Border Gateway Protocol, BGP. Project details, design goals, documentation, and more are at the project web site. BGP is documented in RFC 1771.
Lucky for Cisco, BSD is dying..."
---
How does this stack up with Zebra?
- Education
- Experimentation
- Small ISPs that cannot afford cisco
- Competition is good
- etc. etc.
Right now, you're absolutely right: doing this in a PC would cost as much as or more than a dedicated solution, especially when you factor in the infamous TCO. And as you say later, small networks have no need for this sort of thing. But again, in a few years it may be affordable to do this on commodity hardware. Once the enormous cost of big iron from Cisco et al. comes down, I think a lot of those small networks might just find needs. Especially if we get into the much-touted Internet of the Future where everything has an IP address.
OpenNTPD, a network time protocol daemon and server, recently released.
.
From what I can gather from various NTP mailing lists, this is an SNTP-implementation, not an NTP-implementation. SNTP is just a subset of NTP, and not a fully functional NTP daemon.
If I'm not entirely mistaken, you're not allowed to join into the pool.ntp.org -pool if you're running OpenNTPD
Hope the OpenNTPD developers will address this and make the service fully compliant.
"Rune Kristian Viken" - http://www.nwo.no - arca
I agree with you on throughput limitations. But lets look at some facts. The second biggest router company manages there rotuers with a BSD kernel (Juniper) and runs the routing bits in that kernel (with hooks to move everything into hardware once the desision is made) PC's make good general purpose routing procs they make poor packet shufflers if you take a felable platform with a lot of headroom you can make a great administrative box and if it's coupled with a good hardware asic to push packets it can scale.
Now small networks need BGP as well. It's the best way to have multiple redundant links to providers while running servers beyond mail. I have a small pile of clients some as small as a couple T1's running BGP between two providers.
No sir I dont like it.
Too bad that the BGP part of Quagga is actually working well and the OSPF part is dieing like hell. So personally I hope for an OpenOSPF too.
But since nobody is mentioning it... I thought GateD was a BGP routing thingie too, but I am not sure of that....
Support Eachother, Copy Dutch Property!
Pretty much. It's the same there too. Everyone wants their project to do better.
:)). I like Linux, it performs really well. But I don't like that it's pretty dirty and hackish, which is certainly enough to put me off it. I get the same technical advantages with NetBSD but cleaner and with less maintainance (Good Thing).
The truth is, Linux and BSD are meant to coexist, but not for the same purposes. BSDs are meant as code bases that serve purposes really very well, cleanly and with dedication. They won't just accept "any patch that compiles" as has happened in Linux a lot. They're mostly there for the developers' ideas and needs, and usually users end up with the same needs.
On the other hand, Linux is meant to be the kernel for everyone, and this seems to be the case. It runs on just about everything (even if not in the mainline kernel) and it runs pretty well for the most part. The code base is not clean, but it is functional, which is what matters scientifically. It gets contribution from unspeakable numbers of developers and research and this shows - it has something it does much better than every other system (but yes, every other system has at least one thing it does much better than Linux).
Right now I run NetBSD because I wanted production machines I could stake my life on (still living). I use Linux on my laptop mostly because it has an NVidia card for which NetBSD drivers don't exist (or at least aren't easily downloadable
Matter of opinion though. These things change. Hell I dropped FreeBSD (see tag) after a long time of worshipping it, just because 5.3 has too many regressions to appeal to me.
Sam ty sig.
So this really couldn't be used for core Internet routers.
Well, I believe that core Internet routers are about 1% of global router market, the rest of them rarely sees more than 100Mbit combined throughput on all WAN ports.
So, several good managed switches and couple of redundant routers on OpenBGPD would serve well over 90% of the market.
Robert
Bastard Operator From 193.219.28.162
It wasn't that long ago that you would have to spend $100,000 to get a SWITCH (not a router, just a switch) that could sustain a gigabit of traffic. Now you can do it for a couple thousand on generic PC hardware. Not bad if you ask me. Outside of academia and large corporate networks, there aren't many folks pushing 8gigabits of traffic around anyway so I don't see that as a limiting factor for many individuals and small-mid sized companies.
Cheers,
Lucky for Cisco, BSD is dying...
I case you really are stuck in 1987, Cisco does a couple more things than routing these days.
Why just a few weeks ago, I setup a multi-site network using Cisco switches and multiple VLAN's and I typed in the appropriate commands (yes, cryptic until you bother to learn) and it worked. No fuss, no troubleshooting, free documentation - this is why people buy Cisco..
Yes, they're market-dominant, yes, they're expensive (hint: buy refurb) and yes, they're into certifications and the like, but that doesn't make them Microsoft. Imagine if Microsoft made rock-solid products and wasn't always trying to screw the rest of the world.
Now, start setting up VOIP networks, dynamic VLAN's and fully-meshed WAN networks, stuff a dozen or more pieces in a rack, and you'll start to see that a PC with a FOSS OS isn't always the right answer.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
> From what I can gather from various NTP
> mailing lists, this is an SNTP-implementation,
> not an NTP-implementation.
This is FUD spread by an idiot who completely fails to understand the protocol and, more importantly, completely misses why the majority of machines these days still have unsynchronized clocks...
You're responding to the implied criticism of OpenBSD instead of to the more direct and even more absurd criticism of open source in general. Allow me to cut to the chase: OpenZaurus is an amazing success story. Every Zaurus owner I know runs OpenZaurus instead of the Sharp software. The original poster is just a control freak who can't stand that people have the freedom to produce crap as well as gems. That's why Linux comes in commercial distributions: Crap filtering. Buy a nice OpenZaurus distribution if you want it crapfiltered.
-I like my women like I like my tea: green-
I would disagree with you on that one. I have worked on a project where we used a x86 board running the configuration plane for a router/switch and used Intel Based Network Processosr for the data path/switching function. Yeah it had the works -- Throughput, Expansion slots.
Now the catch is that we were running our tweaked version of NetBSD on the x86 control plane, which was running the routing daemons. So if there is a BSD licenced BGP out there, it is possible to deploy it on the above mentioned box.
So my point is that we actually have rather fancy boxes out there running *BSD.
You don't know much about BGP and its real world uses, don't you? First of all, there are a lot of relatively simple, relatively slow WANs using BGP both internally and on their borders. For example, just being dual-homed the right way (TM) with 2 ISPs for resiliency, even with slow T1 links, means that you're doing BGP. Second, even in ISPs and large companies you could have lots of situations where you could appreciate having a cheap, flexible PC doing BGP. Route reflectors, non-core routers (relatively slow customers/PoPs/remote offices), routers injecting BGP-learned routes into OSPF or other internal protocols (and vice-versa), etc.
Most probably, this:/ 2004/09/openntpd.html
http://bradknowles.typepad.com/considered_harmful
And yes, I consider it nonsense, but rather than name calling, I'll happily share it and let you decide how not matching every feature of another program is "harmful". If you agree, don't run OpenNTPD. That simple.
PCI will go away soon enough in PC-land. We'll be moving on to PCI-Express. You get to pick your bandwidth and it gets a lot faster than PCI in the top end. I figure Cisco will be moving to PCI-Express as well, to take advantage of preexisting designs.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I guess you've never heard of Juniper Networks (http://www.juniper.net) . The routing and management engine all run in FreeBSD on an x86 platform, while the actual forwarding of the packets is done by their ASICs. It kicks the crap out of any piece of cisco gear out there for speed, high availability, and maintainability. Your bgp process dies? Simply restart it! Can't do that on a cisco, I guarantee it!
Well, OK, but I'd bet your life ;-)
Sorry, it's that time of year and I've got NMBC on my mind...If all this should have a reason, we would be the last to know.
I have some complaints about Cisco.
1) Cost. We could buy NEW HP layer 2 switches for the price of refurb/used Cisco l2 switches. And the HP kit comes with a product lifetime warranty.
2) Support cost. We're planning to replace our Cisco 12000 GSRs with Foundry or Juniper stuff. The maintenance contract cost alone justifies trashing the old equipment and buying new. WTF?
3) IOS/CatOS variety Ever read a nightmarish vulnerability alert and had to figure out if it applied to you? And if so, what you need to upgrade to? There are THOUSANDS of versions, most of which are described generically. And at least once I've been told that a fix was backported, so the version number didn't increment.
4) Usability - HP kicks their asses at the access switch level. It is much easier to set up a bunch of inter-tied VLANS. The syntax is clearer and cleaner. I think every config I've tried to do is easier on the HP family. We updated a bunch of equipment all at once, mostly one model (HP2524, with a few HP4108gl's). It may be that other members of the product line are lame.
I will grant that Cisco tech support is good, and their stuff is good. But there are definitely elements of "We're No. 1, so open your wallet"
That's the BSD Way, as far as I have seen. To do one thing and do it very well, and only add more functionality if people really want/need it.
Look at the BSD tools versus GNU tools. They do fundamentally the same things, but GNU tools are usually tens of times larger because they do lots of things only one or two people alive would want. This means those one or two people find GNU tools more convenient, while the rest of us like being able to compile the whole *BSD world in 1 hour on a slow machine, where a GNU-based system takes an hour to compile JUST glibc on the same hardware.
In the running system, GNU tools are handier, since they have more modern defaults, more convenient shortcuts to doing things (default of . for find(1), default output of stdout instead of the tape device for tar, and so on), etc. but the BSD tools are usually a load easier to know the full functionality of. Look at BSD indent versus GNU indent (which is a fork of BSD indent). The latter has every feature under the sun, many of which never will be used. The former hasn't changed much in years and still does what it always did well, nobody complains. The latter can be more convenient, but at the cost of code size, sometimes even cleanliness... no thanks.
But yeah, that's my point. The BSDs focus on the functionality something is meant for, and do it as cleanly as possible. The 'other' software doesn't have this focus. Which you consider 'better' is all about your priorities I suppose.
Sam ty sig.
henning = phk? Good work on devfs!
:)
But yeah, something like this does sound like a kernel task as much as user. But if Linux users now endorse udev, anything can happen. Personally I think it's a terrible idea but that's just me. Thank root Linux devs don't engineer security.
OpenBSD always seem to work out the Right Way for these things, they haven't failed at a project yet. Don't anybody bring up those flawed scalability benches, who really cares? If you want scalability, you know where to find it. OpenBSD brings practically flawless security and quality where they step, and they have pioneered a lot of development in security that has made modern unices what they are renowned for.
And yet, I've never run OpenBSD
Sam ty sig.