ImageStream IS Gateway and Rebel Routers
Manufacturer: ImageStream Internet Solutions
Price: under $8,000 US
Reviewer: Jon Valesh
Gateway and Rebel Routers from ImageStream Internet Solutions: heavy-hitting performance, lightweight price.
Or, if not lightweight, at least inexpensive, compared to their mainstream competition. ImageStream's backbone routers spring from a simple premise: take GNU/Linux, with all of its proven networking abilities, and package it in an industrial-strength wrapper. Simple premise, perhaps, but far from a simple accomplishment. Fortunately, ImageStream has had plenty of practice. Founded in 1993, they have been building Linux-based servers and routers long enough to know what is important.
Packing support for a wide range of physical interfaces, up to T3 and beyond, and enough expansion room to cram over twenty T1s, multiple Ethernet and a couple of big WAN connections in a fully loaded system, ImageStream has taken their simple premise and made it into a useful reality. Dynamic routing with RIP1, RIP2, OSPF and BGP4, bandwidth management, firewall support and seamless interconnectivity with Cisco and other major name routers make the accomplishment even more impressive. A price point well below Cisco's makes their reality compelling.
In order to build their routers, ImageStream first created a Linux distribution: one that maximizes network functionality while minimizing hard-disk space requirements so it fits nicely on a solid-state flash hard disk and has easy-to-use administration tools. You don't need to be a Linux guru to set up or maintain the system. Then, they developed and released, under the GNU GPL, an open-source Linux kernel extension called SAND, Standard Architecture for Network Drivers, which allows binary distribution of WAN hardware and protocol drivers. SAND is a compromise between the open-source ideal of always having open source, and the closed binary-only drivers that have caused so much trouble in the computer industry. It is a necessary compromise for routers, because many WAN drivers need to contain code or protocols licensed from companies that don't support open source.
The most significant feature of SAND is its ability to mix and match binary protocol, WAN card and even external CSU/DSU drivers from different manufacturers. This means a protocol developer can release a driver and have it work with any WAN card that uses SAND drivers, and a WAN card producer can release a driver to support its hardware knowing the various protocols will be supported. SAND also provides a standard method for configuring and monitoring varied WAN interfaces, simplifying performance and bandwidth monitoring across multiple interface types.
ImageStream's compact and network-heavy Linux distribution, when married to an industrial-quality rack-mount PC, becomes a high-power router fully capable of meeting the backbone routing requirements of ISPs, schools, businesses and anyone who's ever considered the benefits of a private T3 Internet connection to their home. Despite their PC heritage, these routers give a first impression far removed from the usual desktop-PC chintz.
I looked at two of ImageStream's routers, the Gateway and the Rebel. The main difference is in the physical size and level of expansion. The Gateway has twelve available PCI slots for WAN or LAN cards; the Rebel has four. Which router is right for a particular network application will depend more on current need and projected expansion than on differences in core functionality. Though it was not tested, parts of this review also apply to the ImageStream Enterprise router, the biggest of the line with 18 card slots.
Both of the routers tested are based on a single-board computer with integrated 100MB Ethernet. Additional network interfaces are added using PCI WAN and LAN cards, which plug into a passive backplane. Interfaces range from V.35 ports to HSSI and ATM, and can be pre-installed or user-added. The chassis are standard industrial 2U and 4U rack-mount PC cases and are available with dual hot-swappable power supplies for an additional $500 US. Adding interface cards to the Rebel requires removing fifteen screws, which must be a record. A far more reasonable four screws grant access to the Gateway. In either case, once opened, access is excellent.
Included with the ImageStream router is a slender manual made up of a quick-start guide, a configuration guide and an appendix (the largest part of the manual) filled with handy information, such as cable-wiring diagrams, subnet-mask tables and troubleshooting information. At first glance, the manual seems downright sparse, and a second glance will confirm that impression. However, the manual does one thing beautifully—it tells you what you need to know. It assumes you know how to mount the chassis in your rack and which end of the cord plugs in the wall. It tells you how to access most of the unique features of the router and how to fix the things that are likely to go wrong. It is hard to complain about that, but compulsive manual collectors will be frustrated by how unimpressive the ImageStream manual looks next to a stack of Cisco books. The most noticeable hole was in the instructions for configuring dynamic routing—there were none. If you intend to use BGP, RIP or OSPF, a book on configuring GateD or a visit to http://www.gated.org/ will be essential.
Configuration can be done in one of three ways. By connecting a standard VGA monitor and PC (AT or PS/2) keyboard, you can treat the router just like the Linux PC it actually is and watch the BIOS POST, see kernel messages during boot and even switch virtual consoles. If you have a monitor and keyboard lying around, this is definitely the way to go; if you don't, you can log in using TELNET, ssh or an RS-232 terminal. Without a monitor, you can't watch the system boot messages, so if something is wrong with the hardware or kernel, you'll have a harder time fixing it.
A simple text-mode menu system provides the primary user interface. From the menu, you can view the system status, edit the configuration files, back up and restore the configuration, change passwords, access a bash shell and do most routine maintenance tasks. The menu options represent only a subset of the abilities of the router, but a useful subset. If you want to do anything fancy, including most troubleshooting, you will need to leave the menu.
Both routers have bandwidth-limiting and firewall capabilities. Configuring bandwidth limiting will require a brief trip outside the configuration menu; the process is well-documented. You can edit the firewall configuration file directly from the menu, but there is no documentation explaining why or how you would do so.
Most routers use one of three basic configuration schemes: interactive command-line interfaces, form or template interfaces and configuration files. There is no best way—each has its own strengths and weaknesses, and most people prefer whatever they've worked with the most.
Conventional Linux network configuration is an example of an interactive command-line interface; commands like ifconfig and route change the state of the kernel networking subsystem while it runs. With Linux, the commands must be executed each time the system boots in order to set up the network. Router manufacturers often take things a step further by using commands to set up the active state of the router, then directly saving a snapshot of the active configuration into flash so that when the router reboots, the commands do not need to be re-run. Interactive command interfaces can be disconcerting if you don't plan properly or are a slow typist. Changes go into effect as you enter them, so complex configuration changes can leave the router non-functional while you enter your new configuration line by line. Mistakes and typos are usually easier to track down, though, since the error is usually in the last line you entered, and you will immediately see any error messages.
Template interfaces are most often used when only a limited number of possible configurations exist. They are usually the easiest to set up, but if the interface designer didn't anticipate your needs, you can be left hanging.
ImageStream departs from the Linux norm by using a configuration file for the LAN and WAN interfaces, which goes beyond the startup scripts common to all Linux distributions. A single configuration file contains information on all physical and logical interfaces, including both interface-specific parameters and IP configuration. The router, after a brief sanity check to make sure you didn't tell it to do anything too silly, puts the configuration into effect. The advantage is that you can spend as much time as you like modifying the configuration and activate it in just a couple of keystrokes—or not, if you chicken out. The ImageStream routers end up with a mix of interactive command-line and configuration-file interfaces, because the standard Linux networking tools and some of the ImageStream-specific features, such as bandwidth limiting, are still command-driven.
The file format ImageStream uses to set up the network interfaces is unique but very easy to follow and well-documented. Each interface has its own subsection with information such as IP address, netmask, static routing information, baud rate and port-type specific parameters, and the file provides a logical framework for maintaining the interface configurations. Each interface type has its own quirks and limitations, although ImageStream has standardized the configuration format and does its best to hide the differences, making configuration of WAN interfaces easier. A SAND reference guide, also part of the manual, provides all information you need to set up each interface type.
Other than setting up the WAN interfaces, configuring the routers is just like configuring any other Linux box with similar features. Dynamic routing is handled by GateD, which has its own set of configuration files. Setting up GateD is fairly easy, and complete instructions and sample configuration files can be found at the GateD web site.
If, once everything is up and running, you expect to make only infrequent, major changes to the router configuration, files win hands down; they provide a complete view of the changes you are making, and they minimize down time. Unfortunately, each time a file is changed, there is a chance that a typo or minor error will take down everything until you find and correct the problem. Interactive-command interfaces shine when you are working with large, complex setups that need frequent minor changes, e.g., routers with numerous frame-relay permanent virtual circuits. The effect of configuration changes is usually more local, reconfiguring only one circuit or feature, and likewise, typos and bad configurations have a more local effect.
The solid-state hard disk imparts some quirks to the system and will seem a bit strange at first. The system boots from the “hard disk” (which is actually a 40MB SanDisk flash ROM device) but loads the active files into a 16MB RAM disk and runs from there. This imposes limitations similar to systems that boot from a CD-ROM drive: you can make changes to the system, create files, etc., but your changes are temporary. A menu option allows you to save all of your changes after you have verified they actually work. This means bad configuration changes can be undone by rebooting. It also guarantees that, unless you reboot while saving the configuration, the system will never corrupt its file system due to an improper shutdown. But, it can catch those unaware and cause frustrating, too-late realizations that “now was not the time” to reboot. The frustration of helplessly watching the router boot up with no memory of the elaborate configuration you just spent the last hour working on can be acute.
Testing the operation of a high-end router without having a high-end use for it can be a serious challenge. Fortunately, ImageStream was kind enough to provide a pair of routers so I could get a feel for setting up high-speed circuits. In all of my testing, I was never able to heavily load either router noticeably. In fact, both routers took everything I could throw at them and didn't blink once.
Regular configuration file backups will be easy for people with physical access to the routers. The menu-based backup option will use the floppy drive only to save or restore. An administrator could perform his own network backups, of course, but an option to generate an archive file and store it using FTP would be nice. If you do not expect to do a lot of reconfiguring, you won't need to do a lot of backups, and the biggest maintenance hassle will be keeping the air filters clean—a hassle I could live with quite easily.
Tracking down problems when something does go wrong may be a bit of a headache. You will need to exit the menu in order to diagnose all but the simplest problems, but unlike mainstream routers, knowledge of Linux networking will actually help. The system and network interface status can be read and viewed using standard commands such as ps, uptime and ifconfig and exploring the /proc file system, but some of the most important information is unavailable. For example, you can read the current active route tables using the route command, but the router cannot tell you where the routes came from. Tracking down a BGP or OSPF configuration problem is going to be like dancing blindfolded—possible, but best done without an audience. ImageStream includes 24/7 tech support with their routers, so you'll always have a dance partner available and that should be a real help. The latest release of GateD includes new routing status monitoring tools, and when ImageStream updates their system later this year, the diagnostic capabilities will take a quantum leap forward. As it is, the limited diagnostic information available is the worst feature of these routers.
The Gateway and Rebel routers, as tested, performed every task set before them flawlessly. While there is room for improvement, especially in the area of feature documentation and diagnostic information, their functionality and features cannot be denied. If you know Linux and are looking for a high-end backbone router, the ImageStream routers should be on your list—or in your rack.
Born at the beginning of the microcomputer age, Jon Valesh (firstname.lastname@example.org) has pushed and been pushed by computers his entire life. Having run the gamut from games programmer to ISP system/network administrator, he now occupies himself by providing technical assistance to ISPs and small businesses whenever his day job doesn't get in the way.