On 10/11/18, Conrad Rockenhaus conrad@rockenhaus.com wrote:
Hello,
I’m researching for a new colo, and in order to bring it online until I can consolidate some hardware, I would like to temporarily run a VyOS Router as the main router so I can start getting things online sooner than later. This VyOS Router will be running BGP with the upstream providers, IPv4, and IPv6, and basic filtering to protect the router and other essential hardware.
I’ve seen VyOS perform quite wonderfully on 4-6 gbps links with traffic coming primarily from a CDN. My question is does anyone here have any experience running VyOS with that much traffic with that traffic primarily consisting of Tor traffic? Are there any other suggestions for a basic non-hardware router based solution as a temporary implementation, perhaps even using FreeBSD?
Thanks, Conrad
FreeBSD can work fine in this application and would be a natural and complementary tool to your efforts in supporting relay diversity towards more BSD (FreeBSD) nodes. Further, Linux's older iptables, even its current nftables, will seem very different compared to the FreeBSD IPFW or PF with which you are surely familiar.
You'll probably find more answers as to some BGP, packet filter, and hardware solutions for this on the freebsd-net mailing list above.
And or on freebsd-questions , freebsd-isp , freebsd-ipfw , freebsd-pf , ... https://forums.freebsd.org/
See also (note: wikipedia often outdated / trivial)...
https://wikipedia.org/wiki/List_of_open-source_routing_platforms Mentioned but not yet linked in above list... https://frrouting.org/
https://wikipedia.org/wiki/List_of_router_and_firewall_distributions
https://forum.opnsense.org/index.php?topic=3534 Includes some bits from HardenedBSD, its onions are below... http://dxsj6ifxytlgq33k.onion/ http://3jkjhrvkdbdkqisnwhdpe4afh2j2g3suhsfcewiemsyk5ecd6gadmxyd.onion/