[AusNOG] Fwd: NBN FTTP router recommendations 200MBps+

Dave Taht dave.taht at gmail.com
Thu May 5 08:57:32 AEST 2022 

On Wed, May 4, 2022 at 3:21 PM Ben Johns <bjohns at naturalnetworks.net> wrote:
>
> Hey Dave,
>
> Using a white/bright box x86/ARM platform on the branch/edge is becoming trendy in the enterprise space too with the uCPE (universal customer premises equipment) and virtualised firewalls, WAN op, SD-WAN, etc.

I'd like to be trendy, but even more I want to push a gbit in both
directions with sqm. I have other strange requirements, wireguard
(tailscale) has become my go-to vpn, and I am caring a lot more about
IDS facilities and route 666 - if you want to see the scope and scale
I might be caring about in the future,
feel free to add requirements to
https://forum.openwrt.org/t/cerowrt-ii-would-anyone-care/110554

I am not sure, no matter how containerized or vm'd, what extra
services belong on the edge gateway, I just want a box there that can
push packets fast,
that I can trust not to be compromised. Things that give me the
willies are how lame the "wireless management controllers" seem to be.
It was only a matter of time before folk attacked those:
https://arstechnica.com/information-technology/2022/05/how-hackers-used-smarts-and-a-novel-iot-botnet-to-plunder-email-for-months/

future iot devices are going on their own subnet, and dpi'd.

> For those interested look for the Dell VEP uCPE platform and the ADVA hypervisor as an example.

I briefly looked over ADVA. Doesn't seem to be open source (?) SOME
abstractions are useful. So long as I can get near-zero queuing delay
out of 'em and can trust 'em. I'm having severe trust issues this
month on other SDN stuff I cannot yet talk about.

>It starts making sense when scaling out SD-WAN across many locations.

Thx for the steer. Very nice looking boxes. I didn't see a price ?,
nor an arm version? My last experience with the denverton cpus was
that they were too slow to push a gbit both ways without (as per the
examples) reverting to dpdk, sd-wan and a bunch of other proprietary
stuff. Sure they ran fanless but I have grown severe trust issues with
anything that wasn't pure FOSS underneath. All those SD-wan layers and
abstractions aren't a value add to me, but a increasingly major
value-subtract.

This home/branch oriented oriented box
https://evenroute.com/iqrouter-pro has the oomph I like, but not
enough real ethernets. I liked and trusted the apu2 (also fanless) but
it's run out of steam.

> On Thu, 5 May 2022, 1:19 am Dave Taht, <dave.taht at gmail.com> wrote:
>>
>> Heh. Now that we are getting opinionated, I gave up on all vendors and their proprietary offloads, and tend to use small x86 nuc-like boxes with openwrt. I turn on the gui long enough to configure them, then turn it off. I get perfect uptime til power failures of my last deployment of the apu2s (which proved a little weak to run cake at a gbit, but were fine to 500Mbit). i3 or higher boxes push a gbit both ways easily.
>>
>> Upgrading is sometimes a PITA. I've been looking over  https://openwisp.org/
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at ausnog.net
>> https://lists.ausnog.net/mailman/listinfo/ausnog



-- 
FQ World Domination pending: https://blog.cerowrt.org/post/state_of_fq_codel/
Dave Täht CEO, TekLibre, LLC

More information about the AusNOG mailing list