Hi
I’m hoping you may be able to offer some hardware advice?
I’m looking to purchase or build two VyOS routers that will act as core routers for a site with around 1700 users. The routers will be configured identically, and use VRRP for redundancy. They will route traffic between 20 internal VLANs, covering everything from clients, servers, telephony, CCTV, building management, wireless networks and so forth. Routing functions are currently handled by a mix of layer 3 switching, and virtual appliances. The virtual appliances can be sluggish, and there are few ACLs on the switches. Zone-based firewalls will be set up between all VLANs once routing is moved over to the new devices, which will go a long way towards improving security. The site is part of a WAN, and the routers will share routes with the outside world using OSPF. WAN speed is 1Gbps/1Gbps, and comprehensive QoS will be needed to prevent users/devices/applications monopolising the WAN bandwidth. Routing between internal VLANs will require some 10Gbps NICs to handle peak loads.
Based on the above, I’m guessing I’ll need two fairly beefy servers? I briefly considered a pair of EdgeRouter Infinitys, but it seems they are nowhere near capable of 1Gbps WAN throughput, once QoS is enabled? Quality NICs and supported hardware are a must, as I’d hate to find VyOS dropped support after a few years.
VyOS is top of the list at the moment, as Cisco and Juniper prices are in a different world, and handling everything using layer 3 switches and stateless ACLs would be a full-time job!
Thanks in advance!