Hello everyone, I have need of your expertise. I am looking for a three very specific types of network appliance. Please help! The requirements are as below:
Item 1) Edge router
I have a 100Mbit symmetrical fibre connection and the router must be able to feed it at line speed. (I drink that fibre pipe through an Ethernet port provided by the ISP's media converter.)
It does NOT need to do NAT; instead, I need to be able to assign IPs from a subnet my ISP has provided.
Must be able to apply QoS based on packet type. (For example, VoIP top priority.)
Must do rate limiting by IP. (Currently use CentOS + HTB: http:/
Must do bandwidth monitoring. (See IPs are nomming bandwidth.)
Filter IPs by blacklist at the firewall level, not DNS level.
Item 2) NAT and subnet router
Need to handle 100Mbit of traffic from the WAN.
It needs to handle 4x Gig-E on the LAN. (Non blocking, no latency spikes.)
It needs to be able to act as a proper router and bridge local subnets (there are 4).
It needs to be able to do typical basic firewall things. (Port forwarding being the big one.)
Bonus if it could do VPN, and/or network access control.
Item 3) 10GbE NAT and subnet router
Need to handle 100Mbit of traffic from the WAN.
It needs to handle 6x Gig-E on the LAN. (Non blocking, no latency spikes.)
Needs to have at least 2x SFP ports (preferably 2x SFP+ ports)
It needs to be able to act as a proper router and bridge local subnets (there are 8).
It needs to be able to do typical basic firewall things. (Port forwarding being the big one.)
Bonus if it could do VPN, and/or network access control.
Purpose:
Now, there are about a million different ways to skin this cat. So bear with me while I detail the purpose behind all of this.
Right now, I am using single core Intel Atom boxes running CentOS 5.latest as my edge routers. They had done me well back when we had only 30Mbit worth of traffic to fling, but the time has come to replace them. The network has grown far beyond its original design capacity and I need something rock solid to put here.
I could quite possibly use a Netgear WNDR7200v2 with OpenWRT to be the "NAT and subnet router". If I can't find something else to use, that's what I'll do. I don't ultimately want to because A) it's consumer hardware and B) it's boring.
I have no idea where I would find the widget I need to bridge the RJ-45 and SFP+ networks I have. Everything I can find is in way too rich for my blood.
This networking will all front end my test lab. (http:/
If I am forced to, I could go dust off the pile of Cisco 2600s and press them into service. I really don't want to do that. What I want to do is try alternative vendors. I want to see "what's out there" in terms of novel networking companies; you can only write so many articles about "in order to configure NAT on a Cisco device you first type #enable."
I have been building my own routers using CentOS and FreeBSD for so long that I have lost touch with the alternative networking market. I have no contacts there, so the chances of scoring any swank demo gear for the router side of my lab are slim. Spiceworks is a community full of people who use alternative vendors all the time. I only have enough money to try one vendor for each section of the network. (*IF* I have that much!) So please, lay upon me your favourites.
This is the final piece to my testlab puzzle…please help!
Thanks in advance everyone.