I want to change our router, with CCR1036-8G-2S+EM or CCR2116-12G-4S+, but I don't know which one.
At this moment we have a PowerEdge server, 2 CPU X5650, 24GB RAM with VyOS, using 2.6GB RAM. It has been working OK for 3 years now, but I want something more powerful and good, because with the current router sometimes the speed is slow, like 100Mbps until we reboot, and after that it is back again, but it is not what I want, and after some time it is like losing the speed somehow. We even checked network ports…etc
All our servers have 10GB local network SFP+ using a Mikrotik switch, the 40GB ports…etc
We have 2 ISP providers and a separate VLAN through one provider from Voxility.
Both providers provide us 2 BGP tables, national and global.
Our ISP speed is 500Mbps minimum guarantee with 1GB port; we want to upgrade to 1GB guarantee and 10GB port.
Our budget is 1500e; at the current stage we can't afford like 15k routers.
Any other recommendations are always welcome.
Thank you.
It largely depends on what you value more: stability or new platform/features.
CCR1036 on 6.48.6 is going to be rock solid and can handle 10G + 2 full tables without issue - it just isn’t super-fast to converge. That said, Tilera chips are no longer being manufactured and there is a finite supply of this platform.
CCR2116 is a fantastic box and has far more capabilities but it’s largely going to depend on which protocols you want to run and if they are stable as of 7.6 stable. Don’t get me wrong, ROS7 has come a long way in the last year and can be put into prod for many use cases, but the more complicated the use case, the greater chance it’s not yet stable on ROSv7.
Once a long-term software version is released for ROSv7, this balance will start to change.
I have one 1036 and seven 2116’s. My 1036 handles CGNAT for all my customers. The network 2116’s handle routing (full and partial BGP tables) and basic firewalling at the edge. The home and data center 2116’s handle firewall, NAT, and now containers.
The 1036 has more cores to handle a ton of networking. If you plan on doing lots of CPU-intensive work, such as firewalling, NAT, VPN tunnels, PPPoE, etc., the 1036 might be a better option, especially if you need it now and for some reason might need a feature from an older version of firmware or capability/stability that 7 doesn’t offer today. But that gap is narrowing by the week.
The 2116’s have Layer 3 offloading, so if you have a bunch of routes, it takes the load of routing off the CPU and frees it up for those other tasks mentioned above.
Given my 1:7 ratio, I personally see little-to-no reason to buy yesterday’s tech today.
Hello, I am from a small ISP in Argentina. I ask you two concerns.
What is the private IP to public IP ratio that you are using in CGNAT?
How much is the maximum volume you reached in CCR1036/CGNAT? Up to what volume of traffic do you consider it advisable to take it?
I’ve since sold the 1036 and have two 2116’s handling the CGNAT in an active/standby setup with VRRP. In other words, one does the work while the other is poised to take over if the first one fails.
It’s handling 600 subscribers and 3Gbps of peak traffic. I have around 16-24 IP’s doing NAT. If you estimate 500 TCP/UDP ports per subscriber, you can put roughly 130 subscribers behind one IP address. With 16 IP’s and 600 subs, I’m at about 1733 ports per customer (using 65000 ports for simpler math).
L3HW NAT offload works except for the fact that I have redundant connections to the router (both upstream and downstream) and it doesn’t load balance. Nonetheless, the CPU can handle that amount of traffic just fine, with the CPU ranging between 18% and 24%.
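The port arithmetic from the post above, carried into a deterministic port-block plan (an added example, not part of the thread and not anyone's actual configuration). Because a block cannot span two public IPs, 600 subscribers on 16 addresses get 1710 ports each rather than the aggregate 1733, and the reverse lookup is what ties an abuse report's public IP and source port back to one subscriber. The 536-65535 port range, the 203.0.113.x pool and the 100.64.0.0 inside base are constructed assumptions.

```python
from ipaddress import ip_address

# 65000 ports per public IP, the round figure used in the post above.
# The range 536-65535 is an assumption chosen to give exactly that count.
PORT_LO, PORT_HI = 536, 65535
POOL = PORT_HI - PORT_LO + 1

# Constructed sample data: 16 documentation-range public IPs, CGNAT inside base.
PUBLIC_IPS = [ip_address("203.0.113.0") + i for i in range(16)]
INSIDE_BASE = ip_address("100.64.0.0")


def block_size(n_subs, n_public):
    """Largest equal block per subscriber when a block may not span two IPs."""
    subs_per_ip = -(-n_subs // n_public)  # ceiling division
    return POOL // subs_per_ip


def forward(sub_index, size, public_ips=PUBLIC_IPS):
    """Subscriber index -> (inside IP, public IP, first port, last port)."""
    ip_idx, slot = divmod(sub_index, POOL // size)
    if sub_index < 0 or ip_idx >= len(public_ips):
        raise ValueError("public pool exhausted")
    lo = PORT_LO + slot * size
    return INSIDE_BASE + sub_index, public_ips[ip_idx], lo, lo + size - 1


def reverse(public_ip, port, size, public_ips=PUBLIC_IPS):
    """(public IP, source port) from an abuse report -> inside IP, or None."""
    public_ip = ip_address(public_ip)
    if public_ip not in public_ips or not PORT_LO <= port <= PORT_HI:
        return None
    slot = (port - PORT_LO) // size
    if slot >= POOL // size:  # leftover ports past the last whole block
        return None
    return INSIDE_BASE + (public_ips.index(public_ip) * (POOL // size) + slot)


if __name__ == "__main__":
    size = block_size(600, 16)  # 600 subscribers, 16 public IPs
    print("ports per subscriber:", size)
    print(forward(37, size), forward(38, size))
    print(reverse("203.0.113.1", 600, size))
```

With a fixed plan like this, per-connection NAT logging is not needed to attribute traffic; the plan plus a timestamp identifies the subscriber.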
So in our case, we should correct the ratio we are currently using from 16 to 1 so as not to waste public IPv4 segments. In one of the CGNATs we are serving approximately 7,500 subscribers. In terms of traffic, on this equipment we have reached 14 Gbps with an average CPU of approximately 45.
We do not have massive complaints regarding the subscriber experience behind a connection that uses cgnat IP.
In addition to CPU usage and traffic, what other variable would you recommend we take into account?
It really depends on how it’s connected to the rest of the network, but in theory you should be able to hit 40Gbps one-way, if it’s a “router-on-a-stick” with the four SFP+ ports in a LAG to a switch and L3HW offload is enabled.
In reality, I’d expect things to start feeling rough around 20Gbps if you’re not using hardware offload. 14Gbps @ 45% is encouraging.
Hi,
I expressed myself incorrectly, the CGNAT router that I mentioned previously is the CCR1036-8G-2S+, the questions were directed to that model that we still have in production.
We recently bought a CCR2116-12G4S+ also for CGNAT, I have time to improve the private IP to public IP ratio and apply the “Layer 3 Hardware Offloading” feature that you mentioned.
Just wondering, what kind of rule do you use for source NAT? I’m having issues using srcnat action=src-nat and action=netmap when L3HW offloading is enabled. It only seems to work with masquerading, otherwise traffic halts… So what are you using, please? When I disable L3HW offloading, everything works fine with action=src-nat and netmap.