[GTALUG] Debian Linux as-a-router Guide
Mark Prosser
mark at zealnetworks.ca
Thu Sep 7 20:40:09 EDT 2023
Good discussion, everyone.
I think there's merit to *WRT & *Sense distributions.
Might I add a few other things to consider, if GUI isn't the concern.
If you want features & good stability/security:
*VyOS* (https://vyos.io/) -- it's fairly easy to build the image and
have the latest LTS release. I have a license from the Volunteer WISP I
help operate
If you want lightweight / more exposure to the system:
You could scratch that & just roll debian/ubuntu/suse/rhel and utilize
the daemon itself, *FRR* (VyOS is just Debian with a python wrapper for
FRR): https://frrouting.org/
With FRR, forget having a daemon "like the big vendors" , big vendors
commit code to / use FRR.
Finally, there's nothing wrong with the good ol' OpenBSD deployments --
https://www.openbsd.org/faq/pf/example1.html .. lots of IX's running on
them for decades. Probably the best security considering OpenBSD's
commitment to it. OpenBGPD is a a shining star.
If you want just BGP, roll with *BIRD* or *GoBGP*:
https://bird.network.cz/?get_doc&f=bird.html&v=20
https://github.com/osrg/gobgp
If GUI is a concern, I'd say *WRT or OPNSense are the way to go today.
In summary, there are /lots/ of great options; We're quite spoiled.
Personally, I'm VyOS all the way. The syntax is right at home for
Operators who are familiar with JunOS & similar platforms.
Wish I could discuss this more at the next meeting, but I'll be at a
book launch.
- Mark
On 2023-09-07 12:56, James Knott via talk wrote:
> On 2023-09-07 12:48, Scott Allen wrote:
>> On Thu, 7 Sept 2023 at 12:21, James Knott via talk<talk at gtalug.org> wrote:
>>> it supports routing protocols such as OSPF & BGP
>> https://www.linuxtechguy.com/2020/11/27/dynamic-routing-using-ospf-on-openwrt/
>> https://docs.daper.io/networking/bgp/openwrt/
>
> I don't doubt OpenWRT can do those things, but can they do them as
> well as pfSense? You even said you were considering pfSense because
> of all it's features.
>
>
> ---
> Post to this mailing listtalk at gtalug.org
> Unsubscribe from this mailing listhttps://gtalug.org/mailman/listinfo/talk
--
Mark Prosser
// E:mark at zealnetworks.ca
// W:https://zealnetworks.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20230907/90895a5a/attachment.html>
More information about the talk
mailing list