Consolidating your Routing Infrastructure via Virtualization
Submitted by Eric Fouarge on Fri, 05/15/2009 - 15:21
As many of us know, our edge routing can get complex quickly. Worst of all, it can get downright expensive when working with "high-end" proprietary hardware such as Cisco, Juniper, Foundry, etc. This article covers a few ways to reduce your total cost of operations (TCO), streamline edge routing manageability, and reduce your carbon footprint. I for one work with a very complex Cisco environment which consists of WAN aggregation, load-balanced and high-availability firewalls, multiple subnets, and of course roadwarrior VPNs. The solutions presented in this article are all open source and provide everything you need to consolidate your Cisco equipment and feel better about yourself. The major requirement of this piece is that everything should configure and work properly in VMware ESXi. This article can be extended to datacenter, service provider, home, and SMB use. I'm going to focus on home use first, then at a later date focus on full-on datacenter edge routing consolidation via Vyatta.
To start this article off, I'm going to begin with a very solid and proven solution that I have leveraged in past projects that required multiple network layers: Endian UTM. It focuses on ease of use, stability, and feature set. One thing that I love about Endian is that from start to finish you can have an edge-based router/firewall with VPN and port forwarding set up in under 30 minutes. The project is based on a Linux kernel, and the development team uses only open source networking utilities to piece it together.
The complete feature set of the Endian UTM solution can be viewed here: http://www.endian.com/en/community/comparison/
Here is the link to the development changelogs for those who are interested in these sorts of things. http://bugs.endian.it/changelog_page.php
All in all, it's a very feature-complete all-in-one solution for home use and runs well in an ESXi environment.
Second in line is pfSense, which is my favorite for home use and for whenever you have some weird networking configuration that you don't have a whole lot of time to configure, or just need something that you can hand off to someone and say "here is your router/firewall/vpn/loadbalancer". pfSense is a FreeBSD-based solution that just freaking works and is painless to set up. It has a full CLI and a web interface for configuration. Most people get scared when they see FreeBSD, but I'm dead serious, you don't need to be a BSD whore to install/configure/manage this appliance. The live CD has one of the smaller footprints of the three that I'm mentioning today, but that small size comes with a huge feature set. There isn't really anything that you could want to do that pfSense will not do.
Here is the link to the feature set for pfSense -- http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Item...
EDIT - Here is the link to the changelog -- https://rcs.pfsense.org/projects/pfsense -- Thanks to the first comment :)
Here is the link to the User Forums -- http://forum.pfsense.org/
If you are looking for an edge router for your home, this is what I would use in my virtualized environment for home use or SOHO use.
Lastly, there is the solution I have avoided in the past, as I really didn't think much of it before working in a complex datacenter network environment: Vyatta. It comes very highly recommended for people who are looking for Cisco-like uses with Cisco-like functionality. This solution is not a UTM solution such as Endian and pfSense, but is strictly used for routing, VPN, and complex configurations. It is a Linux-based solution; aside from that, I'm pretty green with its functionality right now, as I'm just starting to work with it and gain enough comfort with it to be able to confidently say this is a very promising solution for the avid, hardcore computing person out there who likes to tinker and have fun things to work with. Primarily a commercial company, they do release their software in a community fashion, much like Endian does.
Here is the link to the download - http://www.vyatta.com/downloads/index.php
Here is the link to the documentation that you will certainly need to read through - http://www.vyatta.com/downloads/documentation.php
And here is the link to the forums, where you'll find all the information that the documentation doesn't mention or only touches on lightly -- http://www.vyatta.org/forum/
Vyatta is a very promising solution, but it is definitely not for the layperson and is not meant for the layperson. If you want to learn something new, and want HIGH performance Cisco-like functionality, this is the solution for you.




