Vyatta – Desert Deployment!

I have deployed Vyatta to a lot of different locations, however the deployment I did last week was a little different…

Yas Island is a naturual island on the coast of the United Arab Emirates of about 2,500 hectares or which 1,700 hectares is being developed. It is to be a $40 billion playground of marinas, shops, theme park, water park, hotels and villas not to mention a Formula 1 track.

At the minute though it is little more than a lot of sand, some mounds of earth, a few roads and a lot of cranes, and I get the pleasure on behalf of my client Benoy (architects), of extending their existing Vyatta network to cover both their Abu Dhabi city office and their Yas Island site office.

There were a number of challenges with the deployment:

  1. The connectivity; we had ordered a 2mbit/s leased line from Etisalat, the UAE telco, this was being delivered via a microwave link back to Abu Dhabi, at the point of landing in the country, we had no idea of the reliability, IP Scheme and weren’t even confident about the presentation!
  2. Disruption; the users were using a shared network provided by the client, which was painfully slow, but worked to give them email and basic web access, we had to minimise downtime.
  3. Reliability; we had to do everything we could to ensure reliability and remote maintainability of the network once we had left.

The Kit

Vyatta was the natural choice not only because we were using it across the rest of the Benoy network, but also because of the cost effectiveness of the hardware required to deploy a resilient configuration.

At each site we deployed 1U Dell 860s, with:

  • Dual core Xeon processors
  • 2GBs of Ram
  • Hardware mirrored Sata drives
  • Additional Intel Dual NIC card (giving 4 ethernet interfaces in total)
  • Vyatta 2.3.1

The Configuration

  • 4 Subnets: Workstations, Servers, Internet 1 (leased line), Internet 2 (ADSL)
  • All subnets clustered across the two routers
  • DHCP for workstation subnets (split across the two routers)
  • Masquerade NAT for internal subnets
  • Incoming NAT for email and video conferencing
  • IPSec VPN tunnels back to the UK network and the other Abu Dhabi site
  • Internal and external firewalling

The Microwave Link

The microwave link was a V35 serial presentation that we passed through a Cisco 1841 before passing onto the Vyattas, the resulting connection performed remarkably well giving us about 14ms round trip on pings back to the main Abu Dhabi office.

The Result

The end result is fantastic, speed and response of performance at both sites far exceeded expectations. At the main site we were replacing a Firebox VPN tunnel back to London, which had proved to be a little unreliable and extremely slow, we were putting this down to the quality of the Etisalat connection, however once we replaced it with the Vyatta VPN the network response and reliability was far in excess of expectations and performs as well as the MPLS circuits we have connecting other sites.

Martin Neal, IT Director of Benoy, said ‘I am really pleased with the speed and also the “feel” of the network.

Photos

The Yas Island site office…

Yas Island Construction office

The Benoy team at Yas Island…

Yas Island Benoy Office

Our Microwave Link…

Our microwave link.

Author: Ben King

My name is Ben King, I am a director of an Internet solutions company called bit10 ltd. My ultimate responsibility is to bring in the work that bit10 delivers. However I also do a myriad of other things, for example system design, and administration. Outside work I go out, I drink, I socialise, I cook, I have fun, oh and I play a little bit too much World of Warcraft!

Leave a Reply

Your email address will not be published. Required fields are marked *