[Xorp-users] SNMP & xorp 1.8.2-CT
Ben Greear
greearb at candelatech.com
Mon Aug 23 09:38:59 PDT 2010
On 08/22/2010 06:23 AM, Mike Weaver wrote:
> I'm much more versed in Linux than BSD anyway, just curious. We're a
> research organization and trying to scale back both our network
> infrastructure as well as the use of commercial/proprietary products.
> We're currently running a Cisco 7206 VXR router, multiple IDS systems
> (commercial & research) and Websense for content monitoring/blocking.
>
> Our lead read about Vyatta providing similar/better performance than
> Cisco without the hardware & maintenance costs, while also providing
> firewall (iptables) and content filtering (squidGuard) support.
> Unfortunately, Quagga doesn't support multicast and I don't have time to
> see if I make it work with things like pimd.
>
> Anyway, xorp looked like a good choice to evaluate and we're generally
> pretty impressed. When we discuss my evaluation results, we may end up
> deciding to go with another box or 2 behind the router to handle
> firewalling & content filtering. It would have been nice to get it all
> in one box from a complexity & cost standpoint (we're a small
> organization w/ limited resources).
Even if xorp can't do the firewalling you want (and maybe it can
with the patch I posted a few days ago), you could run third-party
firewall scripts, or write your own iptables
scripts and have that run beside xorp. I don't think either would
interfere with the other as long as your firewall rules let
appropriate router traffic flow properly.
Thanks,
Ben
--
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc http://www.candelatech.com
More information about the Xorp-users
mailing list