On Fri, Apr 02, 2010 at 10:15:24PM -0400, Tom DeReggi wrote: > What Vyatta does is pretty cool. And they have also been giving back to open > > <snip> > > But the bad is.... its priced wrong. They are going high end, targeting a > coporate user that might have one or two routers. > They make their money on support contracts and their fees are very > expensive. You pay per router, per processor, per year. And at $600-$900 > each./yr or something like that. Then there is the free community version,
pfSense was the same way. But, now they have support contracts based on resonable metrics, like hours, rather than boxes. I have had a pfSense box (Pentium III) acting as the corporate firewall with 5 interfaces for several years. No problems. For the past 4 or 5 months, I've had a pfSense box (1 Ghz C7) running as a NAT box for a network we purchased recently. It has been working great. I have recently added the OpenOSPFd package and it is working well talking to StarOS, Mikrotik, Cisco, and Imagestream boxes. The web GUI means I'm not the only guy who can figure out how to use them. Carp means I can set them up in redundant pairs. I'll be bringing up OpenBGPd talking to the upstream soon so that we can get rid of the NAT. Both boxes have been loafing with 20 and 10Mbps of traffic respectively. My favorite part of pfSense is the fact that I can ssh in and use the usual BSD commands to do things when I can't get to the web interface because I am coming from an unusual IP which is not normally allowed access to the web interface. I can also use tcpdump, mtr, nmap to look at any possible issues. I like the unix command line interfaces. ImageStream and pfSense are both pretty decent from that perspective. I hate how mikrotik and staros have gotten in my way. StarOS's shell with 6 commands really annoys me. They could at least have included busybox. Even just including less/more would have been an improvement. Having grep would make my day. Finding the route any particular StarOS box has to BFE in the midst of the other 300 routes is "fun". I think mikrotik should have tried to emulate the junos or cisco cli rather than inventing something new. The hierarchy of the command tree feels random to me. It probably makes sense to the developers though. But, I've been able to make them all work together. They all seem reaonably reliable. I've not used Vyatta. -- Scott Lambert KC5MLE Unix SysAdmin lamb...@lambertfam.org -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/