Powerful Linux ISP Router Distribution? 268
fibrewire writes "I'm building a Wireless ISP using commercial grade, low cost equipment. My main stumbling block is that I cannot find a decent open source ISP class routing distribution. Closest thing to even a decent tool is Ubiquiti's AIRControl — but even it doesn't play well with other network monitoring software. I've used Mikrotik's RouterOS for five years, but it just isn't built for what I need. I don't mind paying licensing fees, but $300K for a Cisco Universal Broadband Router is out of my budget. Has anyone seen any good open-source/cheap hardware/software systems that will scale to several thousand users?"
Just use any Linux distro (Score:5, Interesting)
Just pick up your favorite Linux distribution and get back to me with your requirements. I think Linux can easily do what you need almost out of the box. It is only a matter of configuring it. I bet some would recommend looking at OpenBSD or FreeBSD as well.
Either way, you would definitely have a more flexible solution that any canned product will provide you with.
Re:Just use any Linux distro (Score:1, Interesting)
PFsense. BSD, though.
Be more specific! (Score:3, Interesting)
Without more performance and cost requirements, it's really hard to figure out what would work for you.
Are your users all in one building? Over a large area? Are you talking about a dozen access points or hundreds?
Without some more specific information, only advice I can give is:
Soekris boxes with FreeBSD.
Good luck.
Cisco uBR7111 Universal Broadband Router (Score:1, Interesting)
http://www.provantage.com/cisco-systems-ubr7111~7CSCR275.htm
up to 2000 users for $8942.32
just buy a couple of them with a bunch of linksys wrt54gl's running tomato or tomatovpn and you will be all set.
Re:m0n0wall is a great BSD distro (Score:4, Interesting)
I have to agree, although I registered a vote for PFSense above. PFS is based on m0n0wall and both are excellent routers filling slightly different niches. I currently use PFS at home for its packages (freeswitch, squid), but I recently worked for a growing WISP and got them onto m0n0wall, now serving something in the neighbourhood of a thousand customers.
If you want pure simplicity, go m0n0wall. Otherwise, I strongly recommend looking at PFSense for the squid caching and adjust-on-the-fly connection table size.
Mesh technology (Score:1, Interesting)
If your seriously looking at going the ISP level, you shouldn't be messing around with second-hand or non-isp class hardware.
<slashvertisment>
You could always try contacting a company that actually does this for themselves and provides hardware/software for others to do the same thing. I'd -highly- recommend going with a mesh-based technology to add redundancy to your infrastructure. Cambridge Matrix [cambridgematrix.co.uk] has some pretty good kit.
</slashvertisment>
Re:Are you serious, or just killing time? (Score:3, Interesting)
When someone is giving away exceedingly powerful, linux-equipped servers for free, let me know where and when. Until then, software (as in Microsoft vs. Linux) is *not* equal to software/hardware (as in Cisco). Plain and simple.
So you've never heard of the FrankenPix [packetattack.com], I take it?
I'd buy a claim of 'more stable', 'customized', or something similar, but 'exceedingly powerful' probably just isn't true. Barring some evidence to the contrary, I see a given Cisco device as about on par with an extremely weak desktop computer, in terms of pure 'power'.
I'm not undervaluing the total package. I just think you may have gone a tad too far with the Kool Aid.
Further, I don't think the question was asking about hardware anyway, so I'm not certain why you'd be muddying the waters with that part of it. Software to software to software, the comparison remains valid.
Re:Hire someone who knows what they are doing. (Score:5, Interesting)
The proper question is: How do I find someone qualified to do this for me?
You mean because he's humble enough to realize he doesn't know every thing, you believe he's unqualified anything. I suggest you look hard in the mirror and read what you just wrote to yourself.
been there done that bought the tee shirt (Score:5, Interesting)
I founded and operate a wireless ISP serving about 1000 wireless subscribers, and have my own embedded linux distro inside just about everything. It would be a fair statement to say that linux literally saved our business on more than one occasion, by giving us the tools to overcome manufacturer software bugs, by establishing 'known good' systems of various types, by enabling read-only compact flash based systems running on solar power, by bringing a high level of utility and reliability into the critical parts of the network, by allowing us to make it anything it needed to be.
As a CPE, my linux distro never lets me down and never puts customers of at risk of 'stone dead - lights on but nobody home', like linksys/netgear/etc always seem to. Never having to tell someone 'just pull the power and plug it back in' for their connectivity is a real saving grace. And when in a business situation, I can equip these customers with connectivity devices that _do not fail_ and make us look stupid, while at the same time giving them useful feature sets unavailable in higher end router manufacturer gear (cisco 2621 - excellent hardware with great stabillity, just weak on features I get with dnsmasq, openvpn, tcpdump and others.. trying to diagnose network connectivity issues without tcpdump is just dumb.). Its also never choked and zeroed out it's own flash config for no goddam rason, unlike the previously mentioned low-end consumer devices frequently do. Basically, that consumer stuff puts you at risk and is suicide.
As a network appliance, linux flings packets just fine and gives you great tools to filer, mangle and generally control how and what it does. The ebtables code is awesome, the iptables stuff is killer, openvpn rocks asses, dnsmasq kills, there's just too many useful and cool things just go right. I have a pppoe server running rp-pppoe + my patches and userspace tools, running for years now and hit with every kind of client side bug and malfunction imaginable, and just keeps trucking along. Freeradius backed up with mysql is sweet as can be, and quagga for distributing my routes internally is just a dream. I have it all on read-only compact flash, so they never write and basiclaly will run until there is a show stopper hardware problem, at which point I will more than likely be able to remove the flash and put it into another machine and away I go.
There is a lack of management interface, and there is a learning curve to this route, but the upside is very low dollar cost and an attainable level of flexibillity, reliabillity and stabillity you are unlikely to find in any commercial solution anywhere. Cisco IOS is awesome, but you won't power anything that runs it off a 12v battery and solar panel on the side of a mountain and flinging/filtering 20mbps of traffic.
Good luck.
Re:Are you serious, or just killing time? (Score:4, Interesting)
I don't believe in overselling customers. I believe customers appreciate the fact that I'm looking to milk them for extra money. Really, I can score one big scale, or I can build a relationship and continue with them as needed. I've had customers not call for years because they didn't need anything, but the minute they do, I'm there for them.
Growth is a funny thing. A lot of places I've seen have had 4 desks with the intention of growing, and years later they still have exactly 4 desks. One place had a dozen or so servers with high hopes for the future. Those high hopes were a serious understatement. Their partial T3 became multiple GigE circuits, and their dozen server became over 100. Even the first big growth spurt overgrew the agreed upon server naming convention and it had to be changed after two years.
One place I worked at, which was growing rapidly, they were set up with a bunch of hubs (I'll explain the hubs thing in a moment), and terrible links between the suites (multiple suites in a complex). It was terrible. Literally, it was normal to have >100ms pings between suites on a good day. I got 6 Cisco Catalyst 2924XL-EN's with 4 port 100baseFX cards, deployed one switch per suite, and ran fiber between all the suites. Total expense was about $600. Then the economy took a dump. They started downsizing, and I believe they were down to something like 5 desks and 3 servers (don't ask).
Ok, now the hubs thing. I say "hubs" for any low end consumer grade unmanaged "switch". For some manufacturers, it was a marketing ploy to say "switch", which just meant "auto speed switching", where it would handle 10baseT/100baseT/100baseTX, but was still a hub (you could see all traffic on all ports). Some really are switches, but usually not at the level of a real managed switch. If you can get 5 ports for $20, it's a hub. :) I have seen some recently that act like a hub, which is really sad. Well, not just act. They'll even have a single collision light on the front. Oh, there's a big hint. :)
Re:no DD WRT (Score:3, Interesting)
The dd-wrt shop does have more powerful CPUs/throughput-hardware than is afforded by common WRT-class home routers. HOW much more powerful, or more throughput I do not know. Maybe someone else can comment, given the hardware available.
The prices are reasonable; it seems for about $75 you can buy a outdoor-unit that will blanket an area better than a home router.
http://www.dd-wrt.com/shop/catalog/ [dd-wrt.com]