Open source router tempts company to bid Cisco firewall farewell

As open source router start-up Vyatta formally launches its first appliance this week, one early adopter is using the Linux-based gear to replace Cisco technologies.

Vyatta is offering its Open Flexible Router (OFR) software preinstalled on Dell server appliances. One of these devices is scheduled to come online this week on the network of Adify, a small San Bruno, Calif., company that provides advertising services for Web publishers and advertisers.

"We're taking several measured steps with the Vyatta product" to replace some pieces of Cisco infrastructure, says Charles Stewart, vice president of operations for Adify.

The first step took place this summer, when the company moved its Asterisk VoIP system — which serves 35 internal users and 10 remote users — to a Vyatta box on a separate network segment. Adify was running VoIP and data traffic through its Cisco PIX firewall and a 2600 access router, but decided to segregate the networks for better voice quality.

The company's next step, which is set to take place this week, involves deactivating its Cisco PIX and replacing it with a Vyatta OFR appliance, which includes stateful packet inspection firewall features. The company's network manager, Thor Myhrstad, built its first Vyatta box from scratch, but says, "We wanted to move quickly on (removing the PIX), which is why we chose to get Vyatta as an appliance this time."

The new Vyatta appliances are based on Dell PowerEdge 850 servers — a single-rack-unit box with a 2.8GHz Intel Celeron processor, 256MB of memory and dual Gigabit Ethernet ports. A single PCI-X slot is available for the various WAN interface cards that can be preinstalled on the router. (Vyatta uses PCI-X-based T-1 and T-3 cards from Sangoma). The $1,800 package includes a one-year support subscription for OFR, which is based on the eXtensible Open Router Platform, an open source routing stack, and a hardened Linux operating system.

Adify also plans to build a backup WAN based on an OFR router and DSL links. This network will be used in the event of a failure on the dual T-1 lines it rents from provider XO Communications, Myhrstad says. Because Vyatta supports the Virtual Router Redundancy Protocol, the backup network can take over immediately in case of an outage, Myhrstad says. For now, the Cisco 2600 router will stay, connecting dual-T-1 links, because that box is provided and maintained by XO.

Down the road, the company is considering Vyatta/Dell products as a possible replacement for the Foundry Networks load balancers it uses in its co-location facility, where the company's revenue-generating ad servers and billing systems operate. Adify's Stewart says he is talking with Vyatta developers about a load-balancing module for OFR for some time in the future. If such a module were available now, the company would be using it, he says.

While small firms such as Adify can often move more aggressively than larger organizations into open source network technology, Vyatta executives acknowledge the technology is not ready to take over the networked world yet.