On Thu, 26 Dec 2013, Andrew D Kirch wrote:
> If he can afford a 10G link... he should be buying real gear... I mean,
> look, I've got plenty of infrastructure horror stories, but let's not cobble
> together our own 10gbit solutions, please? At least get one of the new
> MikroTik CCRs with a 10gig SFP+? They're only a kilobuck... If you can't
> afford that I suggest you can't afford to be an ISP.

+1

Build-your-own routers are perfectly OK for a lab environment if you want
to tinker with something, but I absolutely would not put an all-in-one box
that I built myself in production. You end up combining some of the
downsides of a hardware-based router with some of the downsides of a
server (new attack vectors, another device that needs to be backed up,
patched, and monitored, possibly getting a new collection of devices and
drivers to play nicely with each other, etc).
Doing this also requires all of the people in your on-call rotation to be
experienced sysadmins / server ops, in addition to being experienced
network engineers / NOC ops. There are a lot of occasions with a server
where 'just reboot it' can make a problem much worse.
Route servers running Linux or *BSD are another story. There are many
situations where they can be extremely useful, but they are not all-in-one
route server/RADIUS/VPN termination/web server/user shell boxes.
jms