[AusNOG] multi customer self manageable virtual router

Andrew Cox andrew.cox at bigair.net.au
Sun Apr 28 12:29:57 EST 2013


The MikroTik winbox UI webbox UI are already very user-friendly imo, webbox
looks like this: http://i.imgur.com/e2vRhJ2.png
You can also modify the skin to remove items you don't want the user to
have vision of, like so: http://i.imgur.com/48LM4mq.png

I would warn against metarouter in general as they have used a couple of
different virtualisation options with limited success, however if you're
happy to go with your alternative and setup an x86 box you can easily run
multiple RouterOS vm's and clamp down the CPU cycles/RAM allocations given
the router needs very little for the most part anyway. This gives you the
best of both worlds as you can happily run RouterOS on top of ESX which
gives you the added administration/maintenance layer and makes it a walk in
the park if you wanted to back up your customer routers (not just config)
periodically too.

- Andrew


On 28 April 2013 11:21, David George <davidg at oztix.com.au> wrote:

>  I’ll certainly be looking at simplifying the requirement if possible,
> was just reaching out to see if anyone had a silver bullet handy J ****
>
> ** **
>
> I’ll have a look at metarouter, but I think we’d still need to wrap that
> in a ui of some sort to make it user manageable. I think the answer here is
> to reduce the requirements or something like Skeeve’s approach.****
>
> ** **
>
> ** **
>
> ** **
>
> ** **
>
> *From:* ausnog-bounces at lists.ausnog.net [mailto:
> ausnog-bounces at lists.ausnog.net] *On Behalf Of *Greg McLennan
> *Sent:* Sunday, 28 April 2013 10:55 AM
> *To:* AusNOG at lists.ausnog.net
> *Subject:* Re: [AusNOG] multi customer self manageable virtual router****
>
> ** **
>
> Dave, thats a very tough ask( you sure you cant re-engineer the
> requirement). The closest I can think of off hand is something like using a
> Mikrotik router that has its MetaRouter option enabled. (http://wiki.mikrotik.com/wiki/Manual:Metarouter).
> ****
>
> *
> Quote for metarouter:
> **Where it can be used? *
> *The MetaRouter function is useful for allowing clients or
> lower-privilege users access to their own 'router' and config to configure
> as they like, without the need for a complete second router, or giving them
> access to the main router configuration. *
> *For example; a WISP can create a virtual router for the clients ethernet
> port allowing them to define their own firewall settings, while leaving the
> WISP's wireless settings untouched. *
>
>
> -------------------------------------------------------------------------------------------------------------------
>
> On 28/04/2013 10:31 AM, David George wrote:****
>
> Morning all,****
>
>                 Does anyone know if a product exists that can allow me to
> act as a gateway for a bunch of different private l3/l2 networks with
> overlapping ips… so it’ll have to understand multiple route tables or vrf
> at some level (still need each customer isolated, although each customer
> can have multiple sites)…  and give the customers the ability to manage
> their own ipsec tunnels, port forwards and anything else they’re likely to
> want via a friendly web ui ?  The alternative is running up one vm per
> customer of one of the many good all-in-one router distros..  Currently
> each customer is handed off via a dot1q vlan. ****
>
>                 Or am I looking at this the wrong way, and should I move
> all of this onto some decent cisco kit and work on finding a friendly web
> ui that can manage rules relevant to the client on that device? ****
>
>  ****
>
> Thanks in advance****
>
> -dave.****
>
>
>
>
> ****
>
> _______________________________________________****
>
> AusNOG mailing list****
>
> AusNOG at lists.ausnog.net****
>
> http://lists.ausnog.net/mailman/listinfo/ausnog****
>
>  ** **
>
> ** **
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130428/856f0865/attachment.html>


More information about the AusNOG mailing list