Enterprises cut costs with open-source routers

Computerworld - Open-source is everywhere -- operating systems, application software, development tools. So why not routers, too?

It's a question that Sam Noble, senior network system administrator for New Mexico Supreme Court's Judicial Information Division, pondered while looking for a way to connect courthouses statewide to a new centralized case management system. Noble sought a DSL router that would be affordable and customizable, but found that the ISP-supplied modem lacked remote monitoring of local link status. This was vital, in his opinion, so the division could monitor the status of the DSL connection at each of several layers lower than just the 'Can I pass traffic?' test that one is limited to using the ISP's modems, Noble explains.

Another alternative, adding ADSL cards to the legacy Cisco Systems' 2600 Series frame-relay routers used at some courthouses, provided the necessary visibility, but the elderly devices lacked enough power to support firewall performance. A third alternative, Juniper Networks' NetScreen SSG20 firewall/router with an ADSL option, "lacked many of the features we wanted, like full-featured command lines and unlimited tunnel interfaces," Noble says.

Frustrated, Noble decided to investigate yet another option: open-source routers. Aware of the open-source movement's impact on technologies ranging from server platforms to VoIP telephony, he decided that an open-source router ultimately could turn out to be a smart, flexible and cost-effective choice. Curious, he downloaded software from open-source router vendor Vyatta onto a laptop and ran some preliminary tests.

"I was especially interested in whether the administrative interfaces were complete and feature-full," Noble says.

Impressed by the initial results, Noble created a prototype site in Santa Fe to study performance, the Vyatta routers' ability to work with existing technologies and cost-effectiveness. "We needed somewhere to bring up a DSL connection for testing and to work out the best configuration without impacting our production network," he says.

Noble quickly decided the open-source router provided the exact capabilities he wanted. "Vyatta offered us functionality that would have been unavailable or very costly to add to Cisco or NetScreen equipment," he says. These functions include support for Border Gateway Protocol (BGP) -- the core Internet protocol that allows decentralized routing -- VPN concentrator for additional security, URL filtering -- again, for security -- and packet capture.

All told, Noble says, "It was a great fit."

In April 2008, Noble began deploying Vyatta 514 router appliances to an average of two sites each month. When the project is completed within the next year or so, 40 to 50 sites around New Mexico will be connected to the Santa Fe-based centralized case management system.

Niche performers

Noble is part of a small but growing number of IT managers eschewing proprietary routers in favor of open-source alternatives. (For a list of alternatives, see sidebar.)Seeking cost savings, better features and enhanced customization capabilities, these IT managers are on the front edge of a wave that's bringing open-source technologies and practices into network routing.

Open-source routers come in three basic forms: software that transforms a standard PC or server into a combination router and firewall, firmware that can be inserted into an existing router and appliances that come with open-source routing software pre-installed.