Category: Routers world

Many large IT operations are widely used open source technology – operating systems, applications, development tools and databases. Why not in the routers, too?

It is a question Sam Noble, senior network administrator for the judicial system of New Mexico Division of the Supreme Court of Information, thought while looking for a way to link the state courts for a new centralized system of case management.

Noble wanted an affordable and customizable ADSL router, but found that ISP-provided modems lacked the ability to remotely control the local link state, a key demand of the courts.

Alternatively, the addition of ADSL cards for 2600 series routers, Frame Relay, Cisco Systems Inc. used in some courts, as long as the key features, but the aging devices lacked the power to support the performance of firewall.

A third option, Juniper Networks Inc. ‘s SSG20 NetScreen Firewall / DSL router with a choice “, it lacked many of the features we wanted, as the command line with all the functions and interfaces unlimited tunnel,” said Noble.

Frustrated, Noble decided to investigate another possibility: open source routers. The technology is emerging, but still not a favorite among corporate IT managers.

<!–more–>

Noble first download open source software distributed router, with the support of Belmont, California, Vyatta Inc. in a laptop and made some preliminary tests. “I was especially interested in whether the administrative interfaces were incomplete and full of functions,” he said.

Impressed by the initial results, Noble has created a prototype site in Santa Fe to study the performance of the technology, profitability and ability to work with other technologies used in court. “We had to bring a DSL connection inspection and find the best configuration of our network without impacting production,” he said.

Tests Noble convinced that open source router could provide what he wanted. He noted that the VPN concentrator, support for the Border Gateway Protocol, and URL filtering and has the packet capture security “would have been nonexistent or expensive to add Cisco or NetScreen team.”

In April 2008, Noble began to deploy Vyatta router devices to an average of two sites each month. When completed the project during the next year or so, routers – 514 in total – will connect 40-50 sites throughout the state to the case system of centralized management.

Potential Problems

Analysts and users note that IT managers to explore the use of open source routers must be aware of potential support and compatibility issues that may arise with any open source product. “Care must be taken during the deployment,” said Mark Fabbi, an analyst at Gartner Inc. “Not ready to take over the world yet, but it is and it is an interesting basis for discussion.”

Trey Johnson, a member of IT staff at the University of Florida in Gainesville, said the choice of a technology business with a limited history at the enterprise level could pose problems for managers. “That’s a tough sell to get into a business model with it,” Johnson said.

The university uses an open source router from Vyatta support. “[The] router actually has a company backing it – you can buy support for it, making it more viable,” said Johnson.

Others say that the support of the community, a hallmark of open source, you can cut two ways in an enterprise environment. Communities do not usually respond as quickly as IT managers want and not give inexperienced users one-on-one instruction.

Noble and Johnson are two of a small but growing number of IT managers avoid property routers for open source alternatives for a variety of reasons.

Noble, for example, says customization without pain is the greatest benefit of technology. “The flexibility of having a stack of free software built into our routers will allow us to make a small change – a pinch – or a sum, and be able to continue with minimal impact on long-range plans.”

Barry Hassler, president of Hassler Communication Systems Technology Inc., a provider of Internet and network designer in Beavercreek, Ohio, said he uses iproute, one based on Linux open source routing technology Linux distributed by the Foundation for provide users with your company’s large enterprise level Internet access at an affordable price. “I am using the PC hardware, Linux, with integrated routing functionality,” he says. “What we’re doing with these boxes is routing between multiple interfaces, which is pretty standard routing, but beyond that, we are also able to make the management of bandwidth.”

Hassler believes that a comparable Cisco router would cost more than twice the iproute router based on Linux you chose. “This helps keep [costs] generally low,” he says.

CMIT Solutions IT consulting firm in Central Rhode Island has installed the open source firmware DD-WRT on both Linksys wireless routers for additional functions, said Adam Tucker, a network engineer in the company. “We wanted a robust wireless system that allows us to manage the quality of service to prioritize voice over IP [and] things like that, and add some of the most advanced filtering and firmware things [old] just do not support,” says.

Tucker said the routers have worked without problems for over a year.

Fabbi said he sees significant potential for open source routers, especially in food services and retail industries, where companies large and often must link thousands of sites without breaking the budget. “You think of a McDonald’s or Burger King [where] there are tens of thousands of local franchise type, but still want online,” he said.

In other industries, open source technology is well suited for application server-based routing, including virtualization, Fabbi said. He noted that the router virtualized applications are limited only by the imagination of developers. “Sometimes it’s something as simple as a distributed print server, sometimes it is caching video distribution.”

A router is an Intermediate System (IS) which operates at the network layer of the OSI reference model. Routers may be used to connect two or more IP networks, or an IP network to an internet connection.

A router consists of a computer with at least two network interface cards supporting the IP protocol. The router receives packets from each interface via a network interface and forwards the received packets to an appropriate output network interface. Received packets have all link layer protocol headers removed, and transmitted packets have a new link protocol header added prior to transmission.

The router uses the information held in the network layer header (i.e. IP header) to decide whether to forward each received packet, and which network interface to use to send the packet. Most packets are forwareded based on the packet’s IP destination address, along with routing information held within the router in a routing table. Before a packet is forwarded, the processor checks the Maximum Transfer Unit (MTU) of the specified interface. Packets larger than the interface’s MTU must be fragmented by the router into two or more smaller packets. If a packet is received which has the Don’t Fragment (DF) bit set in the packet header, the packet is not fragmented, but instead discarded. In this case, an ICMP error message is returned to the sender (i.e. to the original packet’s IP source address) informing it of the interface’s MTU size. This forms the basis for Path MTU discovery (PMTU).

The routing and filter tables resemble similar tables in link layer bridges and switches. Except, that instead of specifying link hardware addresses (MAC addresses), the router table sepcify network (IP addresses). The routing table lists known IP destination addresses with the appropraite network interface to be used to reach that destiantion. A default entry may be specified to be used for all addresses not explicitly defined in the table. A filter table may also be used to ensure that unwanted packets are discarded. The filter may be used to deny access to particular protocols or to prevent unauthorised access from remote computers by discarding packets to specified destination addresses.

A router forwards packets from one IP network to another IP network. Like other systems, it determines the IP network from the logical AND of an IP address with the associated subnetwork address mask. One execption to this rule is when a router receives an IP packet to a network broadcast address. In this case, the router discards the packet. Forwarding broadcast packet can lead to severe storms of packets, and if uncontrolled could lead to network overload.

A router introduces delay (latency) as it processes the packets it receives. The total delay observed is the sum of many components including:

Time taken to process the frame by the data link protocol
Time taken to select the correct output link (i.e. filtering and routing)
Queuing delay at the output link (when the link is busy)
Other activities which consume processor resources (computing routing tables, network management, generation of logging information)
The router queue of packets waiting to be sent also introduces a potential cause of packet loss. Since the router has a finite amount of buffer memory to hold the queue, a router which receives packets at too high a rate may experience a full queue. In this case, the router ahs no other option than to simply discard excess packets. If required, these may later be retransmitted by a transport protocol.

Architecture of a router
Routers are often used to connect together networks which use different types of links (for instance an HDLC link connecting a WAN to a local Ethernet LAN). The optimum (and maximum) packet lengths (i.e. the maximum transmission unit (MTU)) is different for different types of network. A router may therefore uses IP to provide segmentation of packets into a suitable size for transmission on a network.

Associated protocols perform network error reporting (ICMP), communication between routers (to determine appropriate routes to each destination) and remote monitoring of the router operation (network management).

via:erg.abdn.ac.uk