Back in 2004, I deployed a 8Mbps ATM circuit that connected an airline company hub site. Traffic growth increased amazingly since then! In 2020, what does SOHO (Small Office, Home Office) mean nowadays? In our use case we will consider a SOHO connected at 1GE link. This is for example:
- Primary schools, Secondary schools
- Small R&E institution spoke sites
- Home office (especially considering the COVID context)
- Small company spoke agencies
In this article we will describe how to build a carrier grade SOHO router (aka CPE) from an actual real platform. In this example let me share with you my personal story and introduce you my SOHO hardware that I'm using at home. It is compliant with the requirements implied by the use cases listed above:
- requirement #0: n×1GE capable, ISP uplink is 1GE
- requirement #1: completely silent, the box can be moved to crowded room
- requirement #2: small power consumption, as it is meant to run 24x7. (I'm paying the bill ! )
- requirement #3: Run 64-bit linux
- requirement #4: native support of DPDK
[ #001 ] - Cookbook
- 6× Intel 211AT Gigabit Ethernet, support wake up on LAN
- Support 1× mSATA SSD, 1x DDR3L 1.35V memory 1333/1600MHz, max to 8GB;
- 1× VGA max resolution 1920x1080P
- 1× COM RJ45 console
- Support add WiFi module ( Mini PCI-E half height size )
- Support automatically power on after power restore.
- Ultra compact measured at 180×175×34mm;
- Low power requirements save money and be more eco-friendly.
- Fanless, passive cooling, noise-less
- CPU identifier: J1900
of cores: 4
# of Threads: 4
Processor Base Frequency: 2.00 GHz
Burst Frequency: 2.42 GHz
Cache: 2 MB L2 Cache
TDP: 10 W
freeRouter is heavily multithreaded, so for 4 cores is appreciated, as a budget SOHO router, VPN hardware NIC assistance is not required. If VPN concentrator is needed, we can deploy in a SOHO environment a dedicated box that has a CPU with AES-NI support. freeRouter won't run as a VM, so VT-x nor VT-d and VT-c is not required.
- home office work
- regular 720p/1080p/4K (and more) on-line VC via RENATER RENDEZ-VOUS or ZOOM
- (intensive grown up kids) online gaming (2–3 persons can play an online game at the same time)
- these kids+wife can multitask and watch 480p/780p Youtube video at the same times (This is the digital natives ...)
- streaming video from MyCanal (French Netflix competitor)
Operating system/school educational materialparallel downloads
- Intensive social network usage via native mobile client having integrated video in the apps ...
So all the above usage require a high amount of connectivity as all of the action above can occur in parallel. This is Speedtest test result during crowded working hours:
So my ISP was not totally lying after all, though I could not reach the theoretical 1GE that the ISP advertisement boasts.
Please note that this hardware has no optical/SFP port. There are indeed similar configuration with 1 optical uplink port in case you are also the service provider in your environment. This hardware is specific to FTTH environment currently deployed in France.
Operating system specification
- Debian 10 (aka Buster)
- netinstall is used
- minimal vanilla installation
- requirement #0: LTS operating system
- requirement #1: Benefit from LTS security patches
- requirement #2: Must be able to run dpdk
- requirement #3: (personal requirement) Must be familiar to me
- requirement #4: Able to run java software as freeRouter is written in Java
- requirement #5: small operating system software footprint
- requirement #6: Support for IPv4/IPv6
Additional nice to have features (but not used here as we are not using VM nor require high VPN traffic load)
- Virtualisation support: Check CPU support for VT-x (intel) AMD-V (AMD)
- I/O MMU virtualisation (Kernel bypass mechanism): Check CPU support for VT-d AMD-Vi (AMD) needed by dpdk with VFIO driver in order to ensure hardware NIC packet forwarding
- Network virtualisation: Check CPU support for VT-c (SR-IOV)
- Hardware Encryption: Check CPU support for AES-NI (Tunnel mechanism using AES such as OpenVPN, however this is useless for other tunnel type such as Wireguard
Though the traffic distribution is totally different from a school or SOHO site traffic patterns, we can consider this hardware platform as a viable choice.
- each 1GE port is wired to an Intel 211AT chipset. DPDK will take advantage of these chipset packet processing power burnt into the silicon in order to relieved the CPU load.
- WIFI is not mandatory and the hardware included is not bleeding edge but considering the uplink bandwidth 802.11ax is not necessary. At least for Northbound traffic we are safe for the moment. At some points if East-West traffic such as NAS to wifi client require 10G traffic rate it will be the moment to buy a new appliance. If WIFI improvement is needed, 802.11ac card can be purchased with a 15€ budget. For WIFI client to WIFI client traffic 10GE traffic you can still purchase a 802.11ax mini PCIe card for around the same budget.
freeRouter is supported on:
- linux based system
- android → yes, you can install freeRouter on your mobile phone and wander around your house, IPv4/IPv6 WIFI roaming will occur automagically!
- freeRouter has a DPDK dataplane as well as a libpcap dataplane for older hardware
- in this example I selected an appliance for convenient reasons but nothing prevents you from recycling an old laptop/desktop PC with multiple DPDK NICs. We can run a small PE (provider edge) router with multiple 1GE/10GE NICs. Note that the appliance can act as a 6x1GE provider edge router. This is the edge of the MPLS Seamless architecture.
Operating system future considerations:
- In SP environment, the ideal situation is to have a custom Operating System (We are studying the Yocto project in order to create this custom OS)
- This custom OS will encompasses the strict minimum software thus reducing the software footprint at its minimum
- A very promising and unique features is also provided by: NixOS/Nix package manager : This will enable atomic commit/rollback at the package management level
The combination of Yocto + Nix can help develop your own specific DIY hardware (or for your company/organisation/institution) based on the popular concept that French ISPs love: "INTERNET BOX"
In this 1st article you:
- had a brief description hardware platform suitable for SOHO
- had a description of the SOHO use case in 2020
- get a rationale on why this platform has been chosen
- had a brief description of the selected Operating System
- get a rationale on why this OS has been chosen
RARE validated design: [ SOHO #001 ] - key take-away
- RARE/FreeRouter is a strong candidate for SOHO with multiple dataplane support solution.
If you are a company you run RARE/freeRouter with a versatile P4 switch such as APS Networks® BF2556X-1T or WEDGE, but as a SOHO with a small budget you can run it with a DPDK dataplane and for older hardware you still have the possibility run it with a pure software dataplane
- RARE/freeRouter is the first element at the very edge of the MPLS seamless architecture
End to end MPLS is now possible for the Service provider at an affordable price
- RARE/freeRouter design can coexist with Virtualisation technology
CPU extension such as VT-x/AMD-V, VT-D/AMD-Vi, VT-c can provide coexistence between RARE/freeRouter and a small amount of storage and compute node. (Such as micro-K8/docker)
In the next article we will start our journey in creating a carrier grade CPE using the platform above.