BusinessWeek On XORP vs. Cisco
cornfed writes "BusinessWeek is running this article talking about how XORP will take on Cisco's dominance in the router market. The article speculates that XORP could represent the next 'open-source rebellion.' One can only imagine the fallout within the telecommunications industry if an open-source project like this gained traction-- Cisco would not be the only giant to be slain."
Because XORP is more fun to say.
The result of XORP & similar technology will be a decentralization of networks. If you look at a typical enterprise network, the backbone of that network will be a single "enterprise" (i.e. expensive) Layer-3 switch from a company like Extreme, Foundry, Cisco or whatever.
Those switches are cost-effective because of the needlessly high cost of low-end equipment.
If supported, flexible & cheap routing becomes a reality, you'll see clouds of cheap-commodity level hardware replace big networking iron... just as Linux displaced Solaris, HP-UX and AIX.
Conformity is the jailer of freedom and enemy of growth. -JFK
Go after the big guy first and the others will be afraid to fight. That worked so well in grade school.
Here is more about XORP (the Extensible Open Router Platform), for those that don't know.
Cisco is the only company with an employment policy that is worse than the one at Intel. Cisco does quarterly performance reviews; they are strictly by the bell (i.e. gaussian) curve. The bottom 10% are automatically fired without a second chance.
Worse, Cisco has also demanded that it be allowed to hire foreign engineers from India and China. According to Cisco management, it absolutely needs H-1B engineers in order to be competitive and has continued to hire H-1B engineers, never minding that 80,000 Americans were unemployed in Silicon Valley during the 2001-2003 recession.
AnimeNEXT anime convention
XORP's first version was released in July, and heavier-duty versions are due in coming years. While it's hardly the first effort to make routing software in an open-source format, it may be the most promising, due to $3 million in funding from high-powered backers such as Intel, Microsoft (MSFT), and the National Science Foundation.
Sounds a little odd to me..
I am the maverick of Slashdot
While it's hardly the first effort to make routing software in an open-source format, it may be the most promising, due to $3 million in funding from high-powered backers such as Intel, Microsoft (MSFT), and the National Science Foundation.
Okay... anyone else here wondering why and how that came about? Why would MS be involved in such a project? Is the licensing such that MS could siphon the code off for its own use? I'd suspect as much... not that it's a bad thing -- on the contrary, it's quite good -- just not the sort of thing I'd expect from them.
That a bunch of general purpose commodity hardware is going to replace their highly engineered, specialized hardware. Because, you know, I'm sure that businesses of all sizes are *very* anxious to rely on general purpose PC's for their high-performance routing needs.
Don't get me wrong, I think XORP could be useful in certain applications. I'm currently running Linux on an old Pentium for sharing internet access on my home network, so I understand that for small networks with relatively slow internet connections, general purpose hardware, running routing software, can be useful.
But I doubt it's going to 'slay the giant'. So much hyperbole in tech journalism these days (oh well, how else are you going to get people to read the article?)
...Timewarp 1997...
You're absolutely correct! What major research lab would ditch their multi-million dollar SGI Origin supercomputing clusters for low cost Lintel hardware?
I can stake my entire enterprise on proven software that costs $15,000+ for a workstation and $300,000+ for a server, or Linux... being a systems programmer for a large company I can say it will never happen.
Conformity is the jailer of freedom and enemy of growth. -JFK
Production networks can't tolerate down time, or waiting for a few admins to hack some code and fix some buggy router. So XORP might be open source, but it has to be commercialized as well.
"Evil thrives when good men do nothing"
It's not surprising that a Berkeley CS researcher thinks his open source project can "slay Cisco", though Ghosh never says anything like that in the article. It might not even be surprising when a Business Week reporter says something so naive, but it is disappointing. Even Linux isn't slaying anyone - it's apples and oranges (or maybe apples and ciscos): XORP might be comparable to Cisco's IOS router operating system, but XORP is hardly comparable to Cisco itself. If XORP works out, and becomes an effective competitor with IOS at any level, Cisco and its actual competitors will just start selling it, bundled with the support, marketing and corporate accountability that people buy when they buy "Cisco". Now if only the BizWeek reporter, Alex Salkever, had realized the compelling story here is Microsoft's funding a million-dollar routing project, and releasing the source as its central development strategy. That would make the Slashdot front page, too, without making Salkever famous for spreading Fearless Certainty, Undoubtedly (FC-U, (TM)).
--
make install -not war
You mean the stuff they got when they bought Linksys? That hardware is completely irrelevant to this discussion, because XORP is intended to replace the high-end cisco equipment, and the stuff they bought from linksys didn't even compete with their own products, with one or two limited exceptions like cisco's DOCSIS cable modem. I don't even know if the linksys cable modem runs linux.
It does seem highly likely that we will see commoditization of the router market. It makes more sense to provide a chassis that takes full-length PCI cards than to require special cards which use a PCI interface anyway. PCI-E is the logical choice since it provides (potentially) more bandwidth than even PCI-X and you could use a wonky form factor if you wanted to, for example blade-type cards that have their connector on the back instead of the bottom. Even using an ordinary rackmount PC form factor, with just 66MHz/64 bit PCI, you could equal or surpass the performance of a cisco router with COTS hardware, provided you had the right software to run it all. Using 64 bit processors over the 32 bit ones found in most networking gear means being able to process IPv6 addresses significantly faster, and most of those systems do not have much processing power because they are proprietary and it's expensive to implement. PC processors are cheap and reference designs are readily available. However, we will need new chipset designs to provide sufficient bus bandwidth.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
We all know about Soekris, and your alphabet soup paper credentials don't mean squat.
I want to delete my account but Slashdot doesn't allow it.
Yes this is horrible because all 80,000 of these Americans deeply wanted to work for Cisco and oddly enough all 80,000 of them were perfectly qualified to do so... Also what the parent forgot to mention is that all 80,000 of them had all available Cisco certs.. holy crap cisco boned america on this one...
Get a clue, I'm tired of fools using stats like this to claim companies don't need H-1B engineers... You simply don't have any idea how complex the workforce actually is, why don't you come back to the real world, being in touch with reality results in making yourself look like less of an ass..
FTA: "I don't see open-source routing replacing high-end routers in enterprise or service provider networks," said Dave Passmore, an analyst at Burton Group. "But in the real low end, like in the D-Link and Linksys category of product, free software could be very useful."
Useful, yes. But to how many? I'm not sure that Joe Sixpack could configure a router through a command line. In order to compete with Linksys, Netgear, and D-Link, they will also have to include a real stateful firewall and DynDNS support (which is something that is being included in most retail firewalls now).
Also, if you have to set up a dedicated PC to run this, your average small business or home user isn't going to be interested when they can go to the local superstore and pick up a $59 Linksys that's ready to go, quiet, and small. Unfortunately, this software will not make it to the point where it would be a threat to any appliance-based router builder.
in other words a project like say... Asterisk?
We already have 5+ HUGE (100k+ DIDs) companies running it and raving about it... what more do you need?
Telcos have a lot of dark fibre in the States. Most people assume that's optical fibre...but it's actually moral fibre.
Put your routing infrastructure on cheap commodity embedded hardware. The unreliable parts of cheap hardware are disks, fans and the like. So you use embedded components without moving parts and redundancy, you have the reliability of Cisco for 1/10th of the price.
Hell, even without redundancy, cheap equipment is often reliable... We have $29 netgear access points that have uptimes in excess of 18 months.
Read the Google filesystem paper:
http://portal.acm.org/citation.cfm?id=945
Google designed a massive enterprise storage solution for their needs based on crap hardware that is not only more likely to fail, but *expected* to fail.
The same can and will be done for networks.
Conformity is the jailer of freedom and enemy of growth. -JFK
Xorp may be fine for low-end applications, where the cost of hardware is more important than the cost of support and uptime.
But, for any relatively complex network, the tech support offerings of a big player like Cisco becomes very important. And, if they have high performance requirements, the custom hardware in a Cisco or Juniper box is pretty tough to compete with on a general purpose platform.
Even at the low end, it's tough to compete with a Linksys/Cisco box doing basic routing functions. In terms of size, power usage, and noise, a small embedded router box is a much better option than a clunky x86 box running xorp.
Last time I looked, none of the open hardware projects had done well. When you think about it, any company that is going to build a high quality 96 port ethernet adapter for a PC with hardware to accelerate security, qos and forwarding is going to end up charging a lot of money for it. Then layer in software customization and support and you look just like any other Cisco competitor.
the moral of the story is... OPEN SOURCE OR DIE, CAPITALIST PIG-DOGS!!!! if you get my drift... ;)
Working in a Cisco based shop, I can certainly appreciate the need for such a product. I look forward to it.
The only problem I have with the article however is its definition of a switch.
The article states: "Switches determine the most efficient path for everything from streaming videos to e-mails to instant messages." It is not correct, switches are not designed to make such determinations.
The Webopedia says:
(swich) (n.) (1) In networks, a device that filters and forwards packets between LAN segments. Switches operate at the data link layer (layer 2) and sometimes the network layer (layer 3) of the OSI Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs.
While a router:
(rowter) (n.) A device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISPs network. Routers are located at gateways, the places where two or more networks connect. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.
Such a misuse of terms, particularly from such a respected national magazine, certainly does not help those of us who have to communicate with the non-technical on a regular basis.
"The way you think it is may not be the way it is at all." St. Oran
I too work for a Fortune 500 corporation and I can say with complete certainty that it would take at least 10+ years of proven success by Xorp before we would even consider using it out on the edge of our network, let alone the core. Cisco's IOS is cheap compared to its hardware, and I doubt that Xorp is going to build the chassis and cards to power their OSS routing platform. Plus, are they going to give me 356x24x4 hardware and software support almost anywhere on the face of the planet? I think not.
Routers used by large companies are very specialized pieces of equipment (Cisco 7200, 7500, 12000GSR, etc.) and cannot be replicated using cheap off the shelf parts. I doubt that Cisco or Juniper is going to let you replace their bootloaders and operating systems and still provide you with a service contract. And service contracts are the life blood for Enterprise networking customers. Unless Cisco or Juniper come out and embrace Xorp like IBM did Linux, then Xorp will not find any Enterprise customers for their router software.
Of those 80,000 Americans I'd bet a good number of them cared less where they'd work after endless months of unemployment and cared more about having a job in the field, period. As for Cisco certs.. which makes more sense: bringing an Engineer in from overseas or training one that's already living here?
I think both of you raise some valid points but I think the truth of the matter is somewhere in the middle.
XORP has a great idea, but they are several years late to the party. Apparently, NSF, Intel and its other backers have failed to learn from the dot-bomb era: you can't build a successful business on the backs of a product you're giving away at no charge. Do they plan to make it up on volume? :-)
Linux enthusiasts ought to look toward more commercial companies, such as ImageStream (http://www.imagestream.com/) who has been in business 10 years, and building Linux routers for 7. Their corporate profile says they have 30K units in the field.
MontaVista (http://www.montavista.com/) has an embedded OS for PPC and ARM that would provide something more extensible and functional than XORP.
Heck, even Technologic Systems (http://www.embeddedarm.com/) has more mature, embedded products than XORP.
XORP is a great idea--but you're better off going with companies that have already proven themselves in the market and have mature products.
So which "PC components" do I use to implement a modular all hot-swappable (including the supervisory modules) device that would provide me with 16 GE interface per blade, a crypto accelerator, an optional firewall module and whatever else cisco has up their sleeve for the 6500 series? IOS isn't what you pay for when you buy a router, Cisco is a hardware company.
There is NO way software routing can compare to processing packets in hardware. The Linux kernel wasn't designed for this and has problems when faced with a large number of packets. I'll reference the work done by Luca Deri at NTOP.org and his pfring mod. Unless we start seeing specialized open source hardware I don't think Cisco will feel threatened in the least.
Never ascribe to malice what can be adequately attributed to ignorance. -Napoleon
That a bunch of general purpose commodity hardware is going to replace their highly engineered, specialized hardware.
Yes, and SGI probably never thought that PC hardware would drive them out of business either.
Also, only a small core needs to be high performance; hardware vendors can take this kind of open platform, add a small piece of specialized hardware and custom software, and save themselves a boatload of development effort, and their customers a lot of training costs.
- hardware
- that is reliable
- hot-pluggable
- redundant (spare powersupplies, etc)
- and routing software (that's where XORP fits), and
- warranty
- support
- documentation and support materials
- training
- certification / qualifications
- network design / professional services consultancy
- brand recognition
- big reference sites, and a proven track record
- marketing assistance (powered by... kind of stuff)
- accountability
Some of these areas are a real opportunity for third parties, once XORP gets to be a solid product, but the image, brand, reputation, etc will be hard to overcome in the short to medium term. In the longer term, the Linux model shows it is possible (though it's hardly inevitable - it's not the only open router free cisco type project, after all). Still, the marketing side matters less in a tech-savvy small/medium enterprise, or in a consultancy operation. It might get a start there, or in a more cost-sensitive environment.
And open source can even be argued to confer security advantages. It could get interesting...
Paul "Say no to feeping creaturism"
Now admittedly, if they didn't get -any- competent applicants, it might be acceptable to hire an H1B here or there, but those are, by far, the exception rather than the rule, and should be limited to senior engineering positions and only in very small companies. Larger companies, upon failing to find someone qualified for a senior position, should be able to promote someone from within to a senior position and hire someone into a junior position---someone who doesn't require an H1B. There are plenty of new college graduates in the valley looking for work.
Sorry, but there are far too many tech employees unemployed in the valley for your argument to hold weight. Companies in the valley should be utterly fined into oblivion if they are hiring H1B engineers right now in any significant quantity. As to whether Cisco is or not, I have no idea.
Check out my sci-fi/humor trilogy at PatriotsBooks.
If you think that every division fires the bottom 10% every quarter you are insane. Yes, divisions that are losing money generally fire slacker employees, and they justify it with the "it's company policy" line, but that doesn't mean that Cisco has a 40% annual turnover rate! Hell, when the big round of layoffs happened they gave everyone 6 months severance and paid medical for 6 months! Cisco hires the best and the brightest from around the world, as well they should since they are a global company. I worked with people in Taiwan, Australia, Germany, etc while there; if they can't bring those workers here they'll just move the work to somewhere where they CAN get the talent to. Cisco pays better than competitive wages so it's not like they are bringing in sweatshop labor like some H-1B employers, they are using the program for exactly what it was designed for, to bring in talented people from around the world to work on specialized projects for a limited amount of time.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
H1B is close to servant status, IMO.
If cisco needs them so bad, they need to go open a branch in India.
-- dieman - Scott Dier
They support their stuff. On more than one occasion, I've seen them come out with a fix for a real problem, after you tell them about it. They actually provide a service of substance to their customers. Try calling Msoft and complaining about explorer bugs.
The problem with the H-1B folks is that their visas are at the mercy of their employer. A resident alien is free to change employers, while the H-1B has 60 days to leave the country once he becomes unemployed.
Companies like Intel & Cisco love H-1B's, because they can be completely and utterly exploited, and nobody gives a shit. They don't vote, can't quit and don't make a lot of money.
Personally, I have no problem with Indian guest workers or Mexican illegals. My family came here from Ireland only two generations ago.
The problem that I have is that food & technology companies have prevented meaningful reform or enforcement of immigration laws to allow themselves to import a cheap & exploitable workforce.
Conformity is the jailer of freedom and enemy of growth. -JFK
I would like to point out that most Cisco Kit is actually running IOS off an embedded PPC CPU.
There was even a project to run Linux on most Cisco routers and switches at one time.
Currently you will see a large majority of Cisco's high end equipment moving to commodity hardware running linux.
Examples of this are the Cisco Content Engine line, which are embedded linux machines. They are effectively a linux box running a proxy server (isn't squid, but has much of the same functionality).
http://www.mcvax.org/~koen/uClinux-cisco2500/
Only company that I know of right now to actually implement routing and switching in an ASIC is Nortel. Cisco is all general CPU running IOS which is how you get new features in same old hardware with IOS upgrades.
The program isn't debugged until the last user is dead.
We could go back and forth all day without convincing each other but personally I think we shouldn't limit the number of foreign workers and immigrants and we should make naturalization much much easier. (I was born in America by the way before I get accused of anything) Getting Americans hired over foreigners starts in schools; if we want Americans to be hired let's at least make their education and opportunities better to give them an advantage instead of this artificial advantage of limiting immigrants which does nothing but make it harder for companies to find acceptable candidates.
Let's face it, the reason why Americans are unemployed isn't because companies are hiring more foreigners. It's because Americans are becoming less marketable to said companies. Why is that? A number of reasons, but mainly the piss poor quality of our education system.
Um...MikroTik also violates the GPL.
:(
I repeatedly requested the kernel sources so I could rebuild for an old cobalt box I had laying around, and they repeatedly refused, saying that they wouldn't support running MikroTik on anything but their hardware, despite the fact that the kernel sources are protected under GPL.
I reported them, but apparently the only one who can enforce the GPL on the linux kernel is Linus himself, and he isn't interested in enforcing it.
Karma: Chameleon (mostly due to the fact that you come and go).
Today, however, the story is different. In particular, using an inexpensive small form-factor PC (especially one with no moving parts, even a fan), you can have a router for $500 that outperforms a Cisco router costing ten times as much -- and has more features!
MikroTik RouterOS has replaced Cisco as the routing core for my network here in Honduras, where price is much more important than it was back in the States. It handles peer-to-peer throttling, per-IP bandwidth management, MRTG support, nice GUI and command-line interfaces, cool scripting language, and includes all the cool stuff that Cisco does -- policy-based routing, OSPF, various queueing strategies, etc.
The point being we really don't use routers anymore. We use switches because they can keep pace with the price performance we need to maintain. Routers work ok but up to a point, then the economics and complexity of managing ever increasing bandwidth, endpoints and whatnot makes routers, even free routers not cost effective.
Remember people YOU are the most expensive element, not the machine. YOU are.
I worked at Cisco too. I was a contractor, I was paid and treated VERY well. Cisco DOES cut the bottom 10% (saw it happen) but not in every group, and they DO bring H1B's over in droves. They pay the H1Bs well (better than most) and most of them are talented, but they still are paying below standard wages. Cisco will make a penny scream for mercy if it affects production costs. They got guys/gals working there that put in 90 hour weeks in the hopes their stock options will ever get above water. I don't know how many times I heard if the stock hits $XX I'm cashing in and leaving. So, in many cases the rank and file employees are OK with the H1Bs if it saves money, as long as they are not replaced by them!
The above is also absolutely true for Juniper, Foundry, Extreme and Force10 - and, as you point out, Nortel. Switching packets in software hasn't been a standard practice (outside of bugs) in most modern platforms for many years.
CPU's are fast now. Heck, memory speeds are getting very fast. An Opteron might even be able to switch packets between a couple of 10G interfaces at- or near- line rate. Now extend that to a box with 32 10G interfaces in it. You now not only need 320G to the physical interfaces via some number of bus connections, you've also got to be able to move packets in- and out- of memory, maintain routing adjacencies and any other miscellaneous network management tasks ... all in real time. PC's are not built to do this. Outside of real-time extensions Linux/BSD/et al are not built to do this.
Think of it this way - assume an average packet size of 300 bytes. On a one gigabit ethernet interface this represents something on the order of 40,000 packets per second ... in one direction. Multiply this by 10. Now by 32 interfaces. What does an OS and PC platform look like that can malloc() 25.6 million times per *second* above and beyond any other OS processes? Oh - and don't forget the fancy queues, packet re-writing, CRC calculation and such that would necessarily follow each one of these memory operations.
This is obviously an extreme example, but it illustrates the point that everyone in the industry pretty much figured out a bunch of years ago that distributed forwarding via dedicated hardware was the only realistic answer to this problem. This is why the CPU in just about any Cisco platform you'll see in common is less capable than a lot of PDA's out there and also why the architecture of basically all of the major players is moving toward a condition where forwarding and network control are handled by roughly autonomous units.
ASIC= Application Specific Integrated Circuit, and yea, Cisco's stuff is chock full of em.
Router# show mls asic
Cafe version: 2
Centauri version: 1
Perseus version: 0/0
Titan version: 1
Clip from Cisco.com
As technology and features mature, they often move from a software-based implementation to inclusion in hardware. At the core of Cisco's hardware integration is application-specific integrated circuit (ASIC) innovation. Cisco has developed more than one hundred ASICs for the Cisco Catalyst switching family over the past nine years, with each generation including more capabilities. For example, Cisco was the first vendor to integrate Layer 3 switching into hardware with the Cisco Catalyst 5500 NetFlow Feature Card. With the introduction of the Cisco Catalyst 6500 Series in 1999, Cisco included features such as quality of service (QoS) classification and queuing and security access control lists (ACLs), and provided them at data rates of millions of packets per second. These features are available, in hardware, across the Cisco Catalyst switching product line, including the Cisco Catalyst 4500, 3750, and 3560. Advanced hardware integration continues with the Cisco Catalyst 6500 Series Supervisor Engine 720, which integrates MPLS, IPv6, and generic routing encapsulation (GRE). This is the first time a LAN switch has offered this capability at data rates in the hundreds of millions of packets per second.
Never ascribe to malice what can be adequately attributed to ignorance. -Napoleon
Now, assuming that they are in fact violating the GPL, anyone who has copyrighted material in the work can in fact force their hand. So any kernel developer can deal with this.
Looking on their site, they have in fact given lip service to sending you a CD (they claim it won't contain their proprietary software, but if they are following the letter of the law, they should have to give you the kernel source w/ any modifications they made). The offer is down near the bottom of this page:
http://demo.mt.lv/help/license.html
This appears to be in compliance with 3b of the GPL.
If you report this on the LKML list I'm fairly sure several people would help you pursue it if you can show they are in fact violating the GPL (if they didn't modify the kernel, they aren't). If they are violating the GPL, they sure are being quiet about it. Google turns up very little about it. I've seen several threads on the LKML where people outside of Linus Torvalds pursue GPL violations, Alan Cox being one of them. Any number of people pursued Linksys.
http://lkml.org/lkml/2003/6/7/164
and
http://linux.derkeiler.com/Mailing-Lists/Kernel/2003-09/7435.html
are examples
Kirby
The original aim of the Liberouter project was the development of a multigigabit IPv6 and IPv4 PC-based router with an open design and software and firmware being completely open-source. In order to speed-up the forwarding and filtering functions, we developed a hardware accelerator card, COMBO6, which utilises the flexible technology of Field-Programmable Gate Arrays (FPGA). Thanks to its open-ended design, COMBO6 soon found other interesting applications, so far mainly in the networking area. :)