Peering Router
Over recent years, ‘cloud-native’ service providers have developed ways to build and run massive data centers with a high degree of automation, to reduce operational overheads and deliver levels of service agility beyond traditional carrier infrastructure. RtBrick’s open disaggregated Peering Router brings these same benefits to ISP networks, by using agile methodologies and the same battle-hardened DevOps cloud automation tools that have been adopted by the world’s biggest cloud providers.
The RtBrick Peering Router is delivered as a software container, packaged out-of-the-box with the Open Network Linux (ONL) provided by the hardware SKU manufacturers, which handles peripherals such as LEDs, temperature sensors, and so on. The RtBrick Peering Router software runs on a choice of low-cost but powerful bare-metal switches.
Benefits
RtBrick’s disaggregated Peering Router delivers some significant benefits compared to traditional monolithic systems:
- · Greater agility – you can add new services in weeks rather than years
- · Reduced risk – no more vendor lock-in and a simpler automated operating environment
- · Cloud cost-levels – leverage low-cost merchant silicon and automate your operations like a ‘cloud-native’
Agility
ZTP (Zero-Touch-Provisioning) ensures that each switch is booted, provisioned and operational without requiring manual intervention. This means that you can add capacity, or roll-out new service features, in a matter of minutes instead of days or weeks. The software itself is developed using Agile methodologies so that features are rapidly prototyped and implemented, reducing the time-to-market for new services.
Reduced risk
RtBrick’s Peering Router software is compiled for your specific use-case, using only the features you need. With an order of magnitude fewer lines of code, and a single state database rather than hundreds, the whole system is less complex, less prone to bugs and has much faster restart times. It also allows you to pick and mix between the latest silicon and the best available software. It also includes a number of critical security features detailed below.
Cloud cost-levels
Now you can take advantage of the low cost-points of merchant silicon on your choice of bare-metal switches, significantly reducing your capex bill. And opex costs can be reduced by automating your operations, using ZTP and the same Web2.0 operational tools that the ‘cloud-natives’ use to run their infrastructure.
Deployment Options
The Peering router's capacity can be scaled down to a single RU bare-metal switch or a more powerful 2RU switch with interfaces up to 400Gbps.
Single RU bare metal switch example
Management and Operations
Along with a traditional CLI, more ‘cloud-native’ means of interactions are also supported, such as RESTCONF. RtBrick’s Management System, RBMS, takes this a step further, by providing network level workflows such as Image Lifecycle Management, Network Upgrades and Event and Log Management. RBMS actions are available through REST APIs making them easy to integrate into existing OSS systems. RBMS provides a single point of interaction for operations staff – from provisioning and management to monitoring and debugging. The result is a Peering Router that can be managed using the latest Web2.0 tools through a ‘single pane of glass’, with Zero-Touch-Provisioning.
Security
- BGP Flowspec is a powerful tool used to help protect networks from DDoS (Distributed Denial of Service) attacks.
- Resource Public Key Infrastructure (RPKI) is a mechanism that allows network owners to validate and secure the critical route updates, or Border Gateway Protocol (BGP) announcements, and prevent route hijacking or misconfiguration.
- TCP Authentication Option (TCP-AO) enhances the security and authenticity of TCP segments exchanged during BGP and LDP sessions. It adds support for the most current security mechanisms, and is stronger than legacy mechanisms such as TCP MD5.
- sFlow, or "sampled flow", samples packets from routers and sends them to a central collector for analysis, to identify abnormal traffic patterns and potential attacks.
- Generalized TTL Security Mechanism (GTSM) prevents a remote intruder from hijacking a route using a mechanism that also protects it from CPU-utilization based attacks.
Features
The features supported by RtBrick FullStack are expanding all the time, because it's much faster for us to add and test new features than it is using a traditional monolithic code base. Currently supported features include:
| Features * | Peering Router |
| General | |
| Routing Policy | ✔ |
| LDP | ✔ |
| L2X | ✔ |
| BGP | |
| IPv4 | ✔ |
| IPv6 | ✔ |
| LU-v4 | ✔ |
| LU-v6 | ✔ |
| VPNv4 | ✔ |
| VPNv6 | ✔ |
| Add-path | ✔ |
| Multi-path | ✔ |
| Multi-hop | ✔ |
| Segment Routing | ✔ |
| 4-Byte AS | ✔ |
| ISIS | |
| IPv4 | ✔ |
| IPv6 | ✔ |
| Segment Routing | ✔ |
| OSPF | |
| IPv4 | ✔ |
| IPv6 | |
| Segment Routing | ✔ |
| SECURITY | |
| TCP-AO (BGP and LDP) | ✔ |
| BGP Flowspec | ✔ |
| RPKI | ✔ |
| sFlow | ✔ |
| GTSM | ✔ |
| Forwarding Plane | |
| VPP | ✔ |
| ACLs (IPv4/6, L2) | ✔ |
| QoS (policing, scheduling, queuing, hierarchical) | ✔ |
| Operations | |
| ResmondD (RtBrick resource monitoring application) | ✔ |
| CLI | ✔ |
| Inband Management | ✔ |
| ZTP Provisioning | ✔ |
| RBMS (RtBrick Management System) | |
| Rules Engine | ✔ |
| Topology Discovery & Inventory | ✔ |
| REST API | ✔ |
| Microservice | ✔ |
| Dynamic Service Selection | ✔ |
* may include some road-map features
Compatible Hardware
RtBrick's Full Stack routing software can operate on many bare metal switches, depending on your performance and port count requirements. You can find details of compatible hardware here.