The Linux Router
The Linux router is very stable in its operation. We have run it for long periods, and it showed a very stable performance over the entire length of time. The graphs in Figures 5 and 6 show that the bandwidth of the Linux router is fairly constant with a great increase in the amount of data.
The write-protected medium for booting off the Linux router gives it increased security from crackers. Once booted, it runs exclusively off RAM. You may safely take your floppy out of the floppy drive and put it in a secure place until it's needed again. Also, a single floppy can be used to boot many identical Linux routers with a runtime change in configuration.
The Linux router is easy to handle and configure. It does not require any special care for its use other than that required for a normal PC. If there is a problem, configuring it only takes a few minutes. Moreover, it is basically software on a floppy disk; if your LRP box gets damaged because of power fluctuations (a common problem in the third world), you can instantly convert another available PC into your router by adding NICs from the corrupted LRP (if they are not corrupted) and boot it off the floppy disk. No configuration will be required for this router at all, except the runtime configuration. You can imagine what a great advantage this is—think of what would happen if your Cisco router were to be corrupted.
The following is a comparison of the Linux router with the Cisco 2620 router available in our laboratory.
The cost of building a good Linux router (based on a Pentium I, 200MHz MMX) with 1FDD, 32MB of RAM is less than $100 US. (It may be nearly free if you use the minimum required hardware, i.e., a 486DX with 16MB RAM.) A monitor is not necessarily required. You can use a borrowed monitor temporarily at configuration time or configure via a remote serial connection (if you include support for that through the serial.lrp package). On the other hand, the cost of the Cisco 2620 with a 50MHz Motorola Processor, 16MB Flash RAM and 40MB DRAM is more than $3,500 US.
Although power consumption here is not of great concern, in most applications it is notable that the Linux router (running on PI 200MHz, MMX) consumes less than 30W of power, while Cisco 2600 series routers consume 75W.
You can add as many NICs in the Linux router as you wish (limited by the number of slots on the main board). In Cisco 2600 there is only one Fast Ethernet card available.
The modularity of the Linux router is matchless. Its packaging system allows easy removal and addition of features. You can add/remove packages, even at runtime, using the lrpkg command. You need to shut down the Linux router to add a module only if it requires some additional hardware. However, the kernel module for the hardware can be installed at runtime using insmod. The design of the Cisco router is not as modular.
For the Linux router there are a large variety of hardware and software products available in the open market as it has the complete structure of the ordinary Linux operating system. You can use the product of any manufacturer that has support for the Linux router. Cisco routers, on the other hand, are limited in this respect. Usually only Cisco products are used with Cisco routers.
Having Linux as the operating system on your router gives you the extra advantage that you can build your own packages according to your needs using shell scripting. You also can get a lot of help from the available literature for Linux. Cisco routers have their own specific operating system called Internet Operating System. The Cisco 2620 uses IOS release 12.1. Although it is developed on a regular basis, you can use only those features that are available in the specific IOS release used on your specific router.
Like Cisco routers, the Linux router also supports the multiprotocol feature. It has support for RIP, BGP, OSPF and many more that are added through packages.
Services such as Ethernet router, firewall, DNS and ISDN may be initialized on a Linux router. However, initializing services like DNS (which is highly CPU-bound) will degrade its performance. It is better to use a separate machine as a DNS server. The Cisco router has multiservice integration of voice, data and video. As with Cisco routers, IP masquerading, port translation, load balancing, transparent proxy and interface alias may all be implemented on a Linux router.
Cisco routers support IPX, Token Ring, VLAN, VPN, Apple Talk and DDR for advance routing. The Linux router also can support these features through proper packages. Although to do so, some expertise in Linux and some additional hardware are required, which will increase the cost of Linux router, but it still will be much less than that of a Cisco router.
Depending upon the model and series of the Cisco router, it has a limited number of WAN slots. In the 2620 there are two WIC (WAN Interface Cards) slots, one network module and one advance integrated mode slot. The two-port serial WAN card has a asynchronous speed of 115.2Kbps, and synchronous speed equals 2.048Mbps. Port 1 supports only synchronous mode. The Linux router also has support for WAN interface cards. Sangoma WICs (www.sangoma.com), which have a synchronous data rate of 8Mbps, are quite popular among LRP users. With these cards you can combine many LRP boxes. However, the disadvantage is that the cost of the LRP box increases—this card costs about $400 US.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide