Open source router start-up Vyatta this week is expected to launch Version 1.0 of its Open Flexible Router, a software package designed to run on commodity PC hardware, but match the WAN routing and security performance of commercial offerings from Cisco, Juniper and others.
The Open Flexible Router 1.0 could be used in place of commercial routing gear in small businesses and companies with thousands of users. The company says the open source nature of the router code also allows for open scrutiny and examination of potential bugs and weaknesses in the code, which could make it more secure than some other commercial offerings.
Open source routing Vyatta's Open Flexible Router (OFR) 1.0 is expected to launch this week. Components needed to build a WAN router based on the technology include: | |
|---|---|
| • | An Intel-based PC with a (minimum) 500MHz processor, at least 256MB of memory and 500MB of free disk space. |
| • | OFR Version 1.0 CD, which includes a Linux-based operating system and the OFR routing and firewall software stack. |
| • | A PCI-based T-1 WAN interface card (Sangoma is Vyatta's preferred partner) with device drivers included in the OFR 1.0 CD. |
The OFR software is available for download from the Vyatta Web site at vyatta.com. Vyatta charges for support and maintenance upgrades with a subscription format. The $500 OFR Professional Subscription includes unlimited software updates and online/e-mail access to Vyatta's technical support group for one year. The $650 Enterprise Subscription includes online and phone support.
Vyatta's software is based on code developed using the eXtensible Open Route Platform (XORP), begun in 2002 as an open source router software project. Vyatta's code combines a modified Linux operating system with XORP. Users can build a Vyatta router by downloading a CD image from the company's Web site and installing it on PC hardware. The company works with partners such as Sangoma, which makes T-1 and T-3 WAN interface cards for x86 PC systems, and plans to announce more hardware partners soon.
Lance Knox, a network administrator with a Pittsburgh-area building supply company, does part-time network and IT work for local nonprofit and church organizations. He recently deployed an OFR to route traffic between LANs in two buildings at a local nonprofit mental health facility.
"I'd normally use [virtual] LANs for this type of connection," Knox says. "But since this is a nonprofit, we couldn't afford to drop a couple grand on a VLAN-capable switch." He dug up an old PC, inserted a second network interface card, installed the Vyatta CD and configured the directly connected routes.
While Knox works mostly with Cisco network equipment in his day job, he thinks the open source OFR technology could someday have a future as a prime-time corporate product.
"The technology is definitely there, and I'd love to see it deployed as an embedded solution," he says. Having OFR preloaded on a hardened server or closed network appliance would make the technology easier to deploy in an enterprise setting, and more agreeable with company executives with reservations about open-source technology.
"You're less likely to convince a CFO or CIO that this old PC we've recycled is running our network," he says.
The release of the open source OFR comes almost a year after the issue of closed source routing technology and security were raised at the Black Hat security conference. At that show, Cisco sought legal action to stop a security researcher from making a presentation on how weaknesses in IOS software could be exploited. Cisco claimed the talk violated its trade secrets and copyrights
"That incident was kind of symptomatic of the closed source mentality," says Dave Roberts, vice president of strategy and marketing for Vyatta. "Cisco is heading into Black Hat this year kind of with its tail between its legs, being kind of apologetic about what happened last year. If anyone wants to study our router's source code and do a security analysis of it, we'll be more than happy to help. We're not into suing people that are trying to better our systems."