Thank you for the prompt response. Just to clarify my previous post, I was actually referring to Linux/Unix-based routers. We've been considering this solution because presently we don't have any budget for equipment acquisition this year.
To be honest, I came across Vyatta Core while searching for viable Linux/Unix-based solution that we can adopt and I'm currently reading its reference guides. Has anyone here used this software before? Thanks a lot. ----- Original Message ----- From: sth...@nethelp.no To: nccari...@stluke.com.ph Cc: nanog@nanog.org Sent: Sunday, September 26, 2010 5:59:21 PM Subject: Re: Software-based Border Router > Just want to ask if anyone here had experience deploying software-based > routers to serve as perimeter / border router? How does it gauge with > hardware-based routers? Any past experiences will be very much appreciated. Software based routers (e.g. Cisco 7200 series) have been used as border routers for many years - this is hardly anything new. The question you should ask is probably: Can such a router handle a full link's worth of DDoS using minimum sized packets? The answer, of course, depends on your link capacity, the router itself, features enabled (ACLs, QoS, ...) etc. There are quite a few people using Quagga based boxes running Linux or FreeBSD as border routers - this is a possible solution too, giving you more bang for the buck than a traditional software based router from the big vendors. Make sure you have enough expertise for the relevant OS and routing software available. Steinar Haug, Nethelp consulting, sth...@nethelp.no
