XORP 1.0 Released
Mark Handley writes "XORP is the eXtensible Open Router
Platform - an open-source router software stack for FreeBSD and Linux.
It's designed from scratch to be extensible, so you can write your own
router applications that play nicely with the existing routing
protocols. We just released XORP 1.0! There's also a Live CD if you want to try
it out without reinstalling your machine. More details in this CNET article."
Ironic that there is no mention of Quagga or Zebra (that I can see) in either the XORP website, or the CNET article.
Zebra has been around for a long time now, and is pretty good. Due to the slow release cycle, Quagga forked the codebase, and so there are updated releases. Unfortunately neither project has seen fit to hit the magic 1.0 release.
- Ivan
The code/API does not seem to be designed too close to the ucLinux style of coding. While it's a commendable idea to reuse low-end hardware, it's a little heavy on the resources for a "real" device-based router project. Do the XORP web admins know when the code has been downloaded by half the Taiwanese broadband router companies yet? :P
"We know what happens to people who stay in the middle of the road. They get run over." - Aneurin Bevan
Why can't Linux do this? Is this not feasible on modern hardware? I find it amusing that I can't simply (for example) use multiple wifi-links in a dynamic way. And no, neither (T)EQL nor ECMP works, ECMP isn't per-packet and EQL isn't dynamic in any way.
I've heard of no software that can do this, actually. I know it must exist though?
But I sincerely fear that all this work might get "embrace and extend and sell" by a company - like what happened for the BSD TCP/IP stacks (ok, do an nmap -O on your favourite MS box).
I doubt anyone could "embrace and extend" it without trying to force the major players (i.e., Cisco) to accept the changes in standard protocols (i.e., SNMP, BGP). That will not happen. That is the beauty of standards.
BTW, you sound as if you have fallen into the FUD about BSD licenses. The source is always open even when a company copies it.
The problem, IMHO, is that ALL high end routers use HARDWARE routing (see: flow/fast switching in 7500/12000s) instead of software routing. Unless you're building ASICs to handle stuff in the data plane (VIPs or whatever the 12ks use for dCEF and the like), you're not really in any danger of becoming used by the higher end routing equipment manufacturers.
Also, software can be written all day long to run on a general purpose PC - but when was the last time you saw a multimode ATM DS3 interface, or a multichannel T3 interface for a PC?
Finally, I'm not convinced that opening the router software market is a 'good thing' - Linux advocates continually talk about 'software monoculture' being a bad, bad thing, as evidenced by Microsoft, yet you speak in your last paragraph of wanting precisely this. Imagine a flaw in the way you handled PIM (a la Cisco about a year ago), which would effectively DoS the router. Cisco at least notified their large carriers before specific details leaked onto the net - I shudder to think of someone posting 0day exploit code for something like this on Full-Disclosure.
(incidentally, I find the project fairly interesting, with the noted lack of redistribution ability. :( Hopefully, this is something that will come along in the next version (maybe?).)
And here is a graph of the traffic on the primary link between www.xorp.org and the outside world. At least right now, the 30Mb/s peak there is pretty obvious.
The problem, IMHO, is that ALL high end routers use HARDWARE routing (see: flow/fast switching in 7500/12000s) instead of software routing. Unless you're building ASICs to handle stuff in the data plane (VIPs or whatever the 12ks use for dCEF and the like), you're not really in any danger of becoming used by the higher end routing equipment manufacturers.
However, they still run their protocols, control "plane", etc. in software on a commodity general purpose CPU, which is what the likes of XORP, GNU Zebra and Quagga cover. Indeed, the Juniper routing engines are literally PCs running some flavour of BSD off of flash. There is nothing stopping one implementing off-board forwarding cards for a PC - you just end up with Juniper's architecture. Intel, for example, have ASICs targeted toward building such boards, the Intel Network Processor range, customised Xscale CPUs with PCI interfaces designed for offloading packet-forwarding.
Still, a PC is *more* than capable of replacing any low-end Cisco, e.g. 26xx, which btw use software forwarding, not hardware, and even mid-range, provided one is careful to match the PC hardware to the requirements.
Cisco at least notified their large carriers before specific details leaked onto the net - I shudder to think of someone posting 0day exploit code for something like this on Full-Disclosure.
There was a Cisco BGP DoS vulnerability announced recently; GNU Zebra and Quagga were not vulnerable to the DoS. Also, why do you think white hats would leak a DoS for an open project but not for IOS? Or why do you think CERT would not co-ordinate with an open project for vulnerabilities, when they already do so?
I use Friend/Foe + mod-point modifiers as a karma/reputation system.