routers, gateways, firewalls, dns etc...

Digital Wokan wokan@home.com
Sun, 20 Feb 2000 00:08:28 -0700


Believe me, I don't deny that for dedicated tasks and relatively extreme
availability, the pure router is going to win hands-down over a Linux
box.
But in a small business environment, where the router is likely to just
sit in one of the offices, the flexibility and inexpensive upgrades of a
Linux box will go very far.  When I can buy a 64MB box from
thelinuxstore.com for $400 compared to a $1000 Cisco 2620 which requires
an 8MB RAM upgrade and $2400 (MSRP) IOS upgrade just to do VPN or IPSec
out of the box...
FYI:  It's too late.  The boss bought the 2620.  I couldn't dedicate
enough time to finding a Linux based solution with the other projects
that were more vital to the business.  Of course, the boss isn't too
happy that he now has to blow another couple grand on the kernel (and I
don't know jack about a Cisco and its capabilities to tell him if
Cisco's blowing smoke).

Maybe I should look into Linux VPN stuff again.  Someone said they were
doing it.  Maybe if they sent some very detailed instructions on
combining IP Masq with VPN or PPTP...  (PPTP server being an NT4 box.)

Bob George wrote:
> 
> "Digital Wokan" <wokan@home.com> wrote:
> 
> > [...]
> > graphical setup is nice, it doesn't appear to be nearly as flexible as
> > using the Cisco's CLI or Linux's CLI.  The basic 2620 IOS comes with the
> > Masq'ing ability, and minor firewall capabilities.  For the real deal
> > (IPSec, VPN, IP-GRE), Cisco wants another $800-$2400 (for what amounts
> > to the Linux equivalent of a recompiled kernel).
> 
> When a comparison between router OS and Linux is made, it's always going to
> depend on which router, what protocols, and *what* hardware.
> 
> When comparing Linux on a PC versus dedicated router hardware, it depends on
> criticality of the link. Most routers are stuck in hot, dusty closets for
> years with minimal direct handling, and aren't expected to go down when a
> drive fails or other bad things happen to mechanical devices. They can also
> be provided redundant features for (comparably) reasonable prices.
> 
> If you're specifically comparing Cisco IOS to Linux, then the choice (to me
> at least) has to do with whether or not you need any of the additional
> features Cisco provides. Not to say that these things can't necessarily be
> done with Linux, but Cisco has one hell of a feature set for handling odd
> requirements (ie. route between these two when using TCP/IP or IPX, bridge
> if DLC) that are especially important in mixed (non-TCP/IP) environments.
> There's also an impressive feature set that includes compression, hot
> standby capabilities, and bandwidth aggregation. Also, the features are all
> "there" -- no scrambling around for a module. If you bought the right
> feature set (that can be fun to figure out) then everything should just
> work -- no if's.
> 
> > And don't forget the
> > almost impossible to avoid $300+ RAM upgrade to fit your new IOS image
> > into (from the basic package).
> 
> Our lil' 1605-R's costs only about $40 to upgrade. More than a desktop, but
> they're bulletproof! Higher end memory does get expensive.
> 
> > I really wish Linux VPN and PPTP clients were easier to configure and
> > also tie into IPMasq (we only have ISDN, but T-1's coming).  That $400
> > Linux box would have beat the Cisco router into the ground in
> > price/performance ratio (IMHO, of course).
> 
> Don't forget scalability. The same Cisco IOS is used in anything from their
> smallest access routers to the Enterprise-class routers and switches. I had
> the pleasure of working with (near) a 5500 with an ATM WAN interface, a
> handful of T1 interfaces, and redundant fiber links to each of 14 high-end
> switches. The same IOS I learned on the 1605 worked on all of those devices
> (where features made sense anyhow!)
> 
> There IS at least one router manufacturer using Linux. Take a look at
> http://www.nbase-xyplex.com/press/1999/0510.cfm. But then, we're hardly
> talking leftover 486 desktop prices anymore.
> 
> Linux can make a GREAT router, and is probably well suited to any
> organization with support on hand (skills) and that can make a good
> compromise between cost and reliability trade-offs. Much as I like Linux
> though, I can't bring myself to advocate it in most router environments ...
> yet. I think Cisco still rules that roost.
> 
> - Bob
> 

-- 
Digital Wokan
Tribal mage of the electronics age
Guerilla Linux Warrior