Slashdot Mirror


XORP 1.0 Released

Mark Handley writes "XORP is the eXtensible Open Router Platform - an open-source router software stack for FreeBSD and Linux. It's designed from scratch to be extensible, so you can write your own router applications that play nicely with the existing routing protocols. We just released XORP 1.0! There's also a Live CD if you want to try it out without reinstalling your machine. More details in this CNET article."

  1. License vs Proprietary forks by Gopal.V · · Score: 4, Insightful
    For the time I've looked at routers (briefly), I've already noticed the BusyBox Hall Of Shame - where router vendors have refused to comply with the license. But I sincerely fear that all this work might get "embrace and extend and sell" by a company - like what happened for the BSD TCP/IP stacks (ok, do an nmap -O on your favourite MS box).

    But this is good for colleges and other places where the concentration of "guys who can stop by and fix the router" is high. Also not to mention the tinfoil factor of a readonly-livecd router (but does it have remote logging).

    1. Re:License vs Proprietary forks by ffsnjb · · Score: 4, Insightful

      But I sincerely fear that all this work might get "embrace and extend and sell" by a company - like what happened for the BSD TCP/IP stacks (ok, do an nmap -O on your favourite MS box).

      The BSD folks look at this differently than you do. As long as Microsoft complies with the license for the BSD tools they use in Windows (tcp/ip stack, ftp.exe, etc.), and they have, everything is just peachy. BSD folks just love to see their code used (superiority complex?), and generally don't care as long as the copyright remains; even if every penguin-worshipping-codemonkey's most hated evil empire uses it.

      --
      "Why do you consent to live in ignorance and fear?" - Bad Religion
    2. Re:License vs Proprietary forks by Ded+Bob · · Score: 2, Interesting

      But I sincerely fear that all this work might get "embrace and extend and sell" by a company - like what happened for the BSD TCP/IP stacks (ok, do an nmap -O on your favourite MS box).

      I doubt anyone could "embrace and extend" it without trying to force the major players (i.e., Cisco) to accept the changes in standard protocols (i.e., SNMP, BGP). That will not happen. That is the beauty of standards.

      BTW, you sound as if you have fallen into the FUD about BSD licenses. The source is always open even when a company copies it.

  2. No mention of Quagga/Zebra? by Anonymous Coward · · Score: 2, Interesting

    Ironic that there is no mention of Quagga or Zebra (that I can see) in either the XORP website, or the CNET article.
    Zebra has been around for a long time now, and is pretty good. Due to the slow release cycle, Quagga forked the codebase, and so there are updated releases. Unfortunately neither project has seen fit to hit the magic 1.0 release.

    - Ivan

    1. Re:No mention of Quagga/Zebra? by dleifelohcs · · Score: 2, Interesting

      Not to mention Quagga/Zebra are darn good routers. See the UNH links? Yeah.

      First hand experience beating the crap out of them. :P

    2. Re:No mention of Quagga/Zebra? by hugesmile · · Score: 3, Funny
      Considering the release numbering scheme is arbitrary, it's amazing how people underestimate the marketing benefit of calling your first beta release "Release 3.0"

      Consider Windows...
      Release 1.0
      Release 2.0
      Release 3.0
      Release 3.1 (must be slowing down)
      Release 3.11 (really slowing down)
      Release 95 (wow, skipped 91.89 versions!)
      Release 2000 (skipped 1905 versions)
      Release NT and XP (some sort of Advanced Roman Numeral system??)

    3. Re:No mention of Quagga/Zebra? by bheer · · Score: 3, Informative
      I know you were being funny, but whatever the marketing tag, Windows versioning has been pretty consistent.
      Windows 95 4.00.950
      Windows 98 4.10.1998
      MS then shifted into a real build numbering system for Win9x (something NT has always had):
      Windows 98 SE 4.10.2222
      Windows ME 4.11.3000

      Windows NT 3.1 3.10.497
      Windows NT 4.0 4.00.1381
      Windows 2000 5.00.2195
      Windows XP 5.1.2600
      Windows 2003 5.2.3763
      Note these version strings are for initially released OSes, service packs and localized releases may have different minor numbers.
  3. Too top heavy? by fostware · · Score: 2, Interesting

    The code/API does not seem to be designed to close to the ucLinux style of coding. While it's a commendable idea to reuse lowend hardware, it's a little heavy on the resources for a "real" device-based router project. Do the XORP web admins know when the code has been downloaded by half the Taiwanese broadband router companies yet? :P

    --
    "We know what happens to people who stay in the middle of the road. They get run over." - Aneurin Bevan
  4. A welcome development by Tandoori+Haggis · · Score: 4, Informative

    The cost of traditional routers has been a problem for commercial and non commercial organisations with tight budgets. Even in larger organisations with considerable routing investment there can be a real lack of routers for spares and training.

    Add to this the fact that some old but worthy routers may not run the latest IOS and hence may have some unpatched vulnerability, which will not be addressed by the manufacturer, who understandably wants you to buy their latest kit.

    As the CNET article points out the perceived disadvantage of this open source router software is the performance of the physical platform.

    Perhaps it is the hardware implementation that made people unsure of the Open Router project?

    Perhaps a respectable router can be built more easily and for less outlay now than 5 years ago?

    --
    My hyperlinks aren't worth the paper they're printed on.
  5. Where are the screenshots? by Anonymous Coward · · Score: 2, Funny

    How am I supposed to know if it's any good if there are no screenshots?

  6. Gated skirted over by Anonymous Coward · · Score: 5, Informative

    Gated got a mention in the CNET article. It was actually a very good alternative to the commercial vendor hardware - arguably many ISPs (that are around today, eg Demon Internet in the UK) would never have been able to start up if it were not for the existence of Gated.

    Unfortunately this was an example of a kinda BSD-style licence causing problems. The Gated community (which cost a couple of thousand pounds per year to join, providing access to all code/updates) added a great deal of functionality to the code, and benefited from this.

    The whole code was subsequently taken and "owned" by NextHop, meaning most/all of these code benefits were lost. Take a look at the gated.org website to see what happened :(

    - Ivan

  7. important project by e**(i+pi)-1 · · Score: 3, Insightful
    This is an important project:
    • keeps vendors like Cisco on their toes even though it cannot compete with their products.
    • could allow developing countries to build a better and cheaper internet infrastructure
    • could prevent the development of more great firewalls or find ways around it.
    • pushes research and will in the long term also improve commercial products.
  8. Quagga by Paul+Jakma · · Score: 3, Insightful

    There's also Quagga, a fork of the GNU Zebra (thanks Kunihiro), which is further along, more mature, in much wider use than XORP (I've not heard of anyone actually using XORP in production, while GNU Zebra and Quagga most definitely are) and, most importantly, not written in C++ ;).

    NB: I'm biased.

    --
    I use Friend/Foe + mod-point modifiers as a karma/reputation system.
  9. Performance is pretty reasonable by Fzz · · Score: 5, Informative
    I don't have results for a new machine with PCI-Express, but a regular 1GHz-class x86 PC with 32 bit PCI tops out at about 400K minimum-size packets per second. This is limited by PCI saturation - you get fairly low PCI utilization with small packets. But even so, a $300 PC compares favourably with something like a Cisco 7206VXR (which cost ~$30K about 3-4 years ago). This is assuming you are smart about using interface polling rather than being interrupt-driven. Otherwise you die from interrupt livelock.

    This is plenty fast enough for most edge routers, but clearly not going to compete with a Cisco CRS-1 or Juniper core router.

    But most of the software in a router is control-plane (routing protocols and the like) and this is what XORP has focussed on to-date. As more people get involved with the project, we'll be able to do more things.

    A decade ago no-one thought we'd be running Linux on a supercomputer. But we are. If we can get to the point where XORP is stable enough and fully featured enough for carrier-grade routers, who knows what hardware people will run it on in a few years time.

    We are however very committed to keeping XORP as an open-source platform. No matter who uses it commercially, in the long run the only way to open up the router software market is for many boxes from many vendors to run a common open base software platform. With luck and with a lot of help, maybe that can be XORP.

    - Mark Handley, XORP Project

    1. Re:Performance is pretty reasonable by Fzz · · Score: 3, Informative
      Take a look at figures 17 and 18 of this paper:
      Eddie Kohler et al, "The Click modular router". ACM Transactions on Computer Systems 18(3), August 2000, pages 263-297.

      These experiments are a few years old now, but 32-bit PCI hasn't changed in that time, so they should still be valid on non-server-class PCs. Vanilla Linux topped out at around 80Kpps, whereas polling gets you over 300Kpps, and the Click optimizations get you nearer 400Kpps.

      Similar experiments on FreeBSD with device polling give results in the same ballpark.

      - Mark

    2. Re:Performance is pretty reasonable by !ramirez · · Score: 4, Interesting

      The problem, IMHO, is that ALL high end routers use HARDWARE routing (see: flow/fast switching in 7500/12000s) instead of software routing. Unless you're building ASICs to handle stuff in the data plane (VIPs or whatever the 12ks use for dCEF and the like), you're not really in any danger of becoming used by the higher end routing equipment manufacturers.

      Also, software can be written all day long to run on a general purpose PC - but when was the last time you saw a multimode ATM DS3 interface, or a multichannel T3 interface for a PC?

      Finally, I'm not convinced that opening the router software market is a 'good thing' - Linux advocates continually talk about 'software monoculture' being a bad, bad thing, as evidenced by Microsoft, yet you speak in your last paragraph of wanting precisely this. Imagine a flaw in the way you handled PIM (a la Cisco about a year ago), which would effectively DoS the router. Cisco at least notified their large carriers before specific details leaked onto the net - I shudder to think of someone posting 0day exploit code for something like this on Full-Disclosure.

      (incidentally, I find the project fairly interesting, with the noted lack of redistribution ability. :( Hopefully, this is something that will come along in the next version (maybe?).)

    3. Re:Performance is pretty reasonable by Paul+Jakma · · Score: 2, Interesting

      The problem, IMHO, is that ALL high end routers use HARDWARE routing (see: flow/fast switching in 7500/12000s) instead of software routing. Unless you're building ASICs to handle stuff in the data plane (VIPs or whatever the 12ks use for dCEF and the like), you're not really in any danger of becoming used by the higher end routing equipment manufacturers.

      However, they still run their protocols, control "plane", etc. in software on a commodity general purpose CPU, which is what the likes of XORP, GNU Zebra and Quagga cover. Indeed, the Juniper routing engines are literally PCs running some flavour of BSD off of flash. There is nothing stopping one implementing off-board forwarding cards for a PC - you just end up with Juniper's architecture. Intel for example have ASICs targeted toward building such boards, the Intel Network Processor range, customised Xscale CPUs with PCI interfaces designed for offloading packet-forwarding.

      Still, a PC is *more* than capable of replacing any low-end Cisco, eg 26xx, which btw use software forwarding, not hardware, and even mid-range, provided one is careful to match the PC hardware to the requirements.

      Cisco at least notified their large carriers before specific details leaked onto the net - I shudder to think of someone posting 0day exploit code for something like this on Full-Disclosure.

      There was a Cisco BGP DoS vulnerability announced recently, GNU Zebra and Quagga were not vulnerable to the DoS. Also, why do you think white hats would leak a DoS for an open project but not for IOS? Or why do you think CERT would not co-ordinate with an open project for vulnerabilities, when they already do so?

      --
      I use Friend/Foe + mod-point modifiers as a karma/reputation system.
    4. Re:Performance is pretty reasonable by !ramirez · · Score: 2, Insightful

      Uhm. Not everyone lives in a carrier hotel, and not everyone has easy/simple/cheap access to Metro Ethernet, or UDF, or anything closely resembling a RJ45 connection. I work for an ISP - Bellsouth delivers our PTP DS3s via RG58 coaxial DS3 out of a fiber shelf they installed - asking for a DS3 interface isn't really that exotic, or outdated. You assume that everyone who would want to use routers has access to MANs/Metro Ethernet/RPR/whathaveyou - this is extraordinarily shortsighted.

      If you have a campus (large business, research, or education) network with existing ATM, it's now cheaper for you to rip out everything you have and replace it with switched or routed gigabit ethernet than it is to maintain your existing kit.

      How is ripping out your existing infrastructure cheaper than continuing to use it?

      No offense, I don't see a Linux router manufacturer stepping up to help me troubleshoot why my BGP sessions keep dying mysteriously, or why not all of my IGP routes that I've designated in a specific prefix-list are being injected into BGP - something that I'm more than willing to pay Cisco for, because their stuff just plain works.

  10. Anatomy of a Slashdotting by Fzz · · Score: 4, Informative
    In case you wondered about the wisdom of linking to an ISO, here are our traffic stats.

    www.xorp.org is in California, www2.xorp.org is in London. Both are 6-year old dual 450MHz Xeon machines with 768MBytes of RAM and SCSI disks, running FreeBSD and Apache 1.3.x. Both machines have 100Mb/s access to the Internet.

    In 5 hours:

    www.xorp.org:
    • transferred ~30 GBytes
    • peaked at around 175 simultaneous httpd processes
    • 15 min load average peaked at 0.7.

    www2.xorp.org:
    • transferred ~20 GBytes
    • peaked at around 75 simultaneous httpd processes
    • 15 min load average peaked at 0.4.

    Aggregate bandwidth was ~25Mbit/sec average. I won't know the peak bandwidth without some more analysis, but it's obviously quite a bit more than 25Mb/s. I didn't notice any obvious slowdown on either machine.

    I've no idea how typical this is, but I'm always curious about how easily sites seem to die due to slashdotting.

    - Mark

    1. Re:Anatomy of a Slashdotting by Fzz · · Score: 3, Interesting

      And here is a graph of the traffic on the primary link between www.xorp.org and the outside world. At least right now, the 30Mb/s peak there is pretty obvious.

  11. Can't have been a BSD license... by argent · · Score: 2, Insightful

    If it was a BSD license it couldn't have been taken over. A BSD license can get a commercial fork, but the original code remains freely redistributable.