Slashdot Mirror
Open-Source Router to Take on Cisco?
ickypick writes to tell us that CNN is running an article about the emergence of an OpenSource Router product, currently in Beta, that targets mid-size enterprise customers for about one-fifth the cost of current enterprise networking giants' hardware. From the article: "The machine runs on two Intel chips, but far more noteworthy is its software, known as XORP, or extensible open router platform. The versatile open-source application can direct data traffic for a giant corporation as easily as it can manage a home Wi-Fi network." The current release is available for download from Vyatta's web site."
Seems like everything is Open Source now. (No, I am not complaining, i am backing it)
.... You name it.
We have Routers, Firewalls, IDS/IPS's, OS's, Word Processors, Spreadsheets, Presenting software. Hell. I would love to see an experiment where an entire corporate network was made, entirely of Open Source products (except for the hardware of course). From Routers to firewalls to
That would be an interesting, and totally free network.
Also very complicated
For a router, its mostly in the hardware, if it can keep up with real-life data rates.
Software is secondary..
---- Booth was a patriot ----
This is good since I always wonder how many back doors are in Cisco routers for Law Inforcement purposes.
Make money? This better be good hardware running good software, because otherwise people are just going to say "fsck it, nobody was ever fired for buying Cisco". Why? Because Cisco actually works.
Yes, OSS community, your adversary actually works this time. Beware.
Dont you mean FreeSCO?
and that runs on pc hardware, this appears to be on custom hardware that can actually do the job. Using pc hardware only works for a small business.. the bandwidth isnt there.
---- Booth was a patriot ----
It can turn my old AMD K5 machine into a top-end Cisco machine. Does anyone have a spare ISA network card?
If you can't fix it yourself, you call someone who will charge you to fix it for you. Such support is available for nearly all medium-scale open-source projects. Asterisk is a perfect example, Digium saw the opportunity to not only sell the hardware to make it work, but to make money off of software support as well.
Oh, you're not stuck, you're just unable to let go of the onion rings.
So who do you call when the thing breaks?
The A-Team.
Grep. Gimp. Kugar. Krita. Kexi. LaTex. Tcl. And now, the piece de resistance - xorp.
Why route when you can XORP!
This could be a hit, if the costs keep down, for the small-medium business and home broadband markets. But I have trouble seeing how this will take significant market share in the Enterprise except for perhaps edge or LAN devices. For one thing, you pay Cisco, Juniper, Foundry, whomever for wire-speed implementations (among other issues) that rely largely on the ASICs and the overarching hardware architecture, beyond just the OS.
6 2391 for more info.
For the home market, there are already open-source software solutions such as for the Linksys WRT54-series wireless router, which is itself based on the GPL. See http://www.wi-fiplanet.com/tutorials/print.php/35
Until someone funds an open-source chip foundry, these won't replace the core.
This is all assuming I'm willing to go unsupported, of course.
1) By far the most important is what kind of interfaces can I get for it. Of course I can get ethernet but what about T1, DSL, SONET, etc. If all this does is route packets over ethernet, which I then need to plug in to another router to get to my WAN, that's not so useful. I'd say over 90% of the Cisco routers I see in business are for WAN connections. If you are going to have to buy those anyhow, then what's the point?
2) What kind of load can it handle? Having something that can do a gig is all well and good, but can it still do a gig with 20,000 clients generating 50,000+ connections? That's where many budget routers and firewalls fall flat. They do everything in software so they can do the traffic no problem, but it's the concurrency that kills them.
3) Does it support layer-3 switching? That's where you in effect route the first packet of a flow and switch the rest. Leads to much lower impact on the router, and lower pings. Can't do it going from one media to another, but for internal routing it's the way to go.
This is, as mentioned, not considering support. I mean it's all well and good to slap some NICs in a system, load an OS that can route traffic, and call it a router/firewall/whatever, but it's something else entirely to see that survive under a real load. We see that all the time on campus when we test new potential devices. They promise gig throughput, something I have no doubt they deliver, and less than we use, but they instantly crash when exposed to our network. Why? Well we have like 30,000-40,000 comptuers or so that generate hundreds of thousands of concurrent connections. They just aren't equipped to process that kind of load and they stop passing traffic. The Ciscos, however, that compose the entire core, edge, and distribution parts of the network, operate without problems.
I remember a time when one bunch of people would sell products and another bunch of people would repair them when they break. Now when I buy a washing machine, no-one can fix it except the manufacturer. If I had the choice, I'd buy a washing machine that anyone can fix, but these days I don't have that choice. It's the same with my car. Same with my DVD player. Same with my television.
Thankfully if my computer screws up I can take it to any one of many repair shops. If it's a hardware issue I'll probably call the manufacturer and see what my warrentee covers me for, but if it's a software issue, blah, as if I'd call Microsoft. Of course, if it's a laptop and I don't have a warrentee, who can I call? The manufacturer, that's it.
So who do I call if my Linux box is on the fritz? Believe it or not, there's lots of people you can call. Because the software is open there's a whole lot of people who understand it and can fix it. Just like when the hardware is open.
How we know is more important than what we know.
Eddie Kohler, whose PhD thesis at MIT was the Click modular router (which from what I understand turned into the "engine" behind XORP), is one of the principal designers and developers of XORP. They published a paper at NSDI last year, which you can read here (Warning: PDF). It states very clearly what the goal of XORP is, and how well it performs. Quite interesting.
OpenBSD ships with its own RIP, BGP and OSPF daemons. Its BGP daemon is BY FAR better than xorp and quagga, and its BSD licensed of course. OpenBSD is already a fantastic software router, maybe you should try using it instead of ignorantly telling us what it "could be"?
To a point, I agree with you. I like hardware; it just works. Flash back to several years ago when WinModems were first introduced... Remember what a disaster they were, especially for anyone who didn't fit the anticipated M$-using profile? They were cheaper yes, but also lower quality, more proprietary, and OS-dependent when compared to hardware modems. It was not very long until anyone buying a modem had to shop around very carefully to avoid being stuck with this type of shit. Because I do not use any Microsoft software (but they make decent mice), this was my experience before broadband became available in my area.
I don't want to see this happen to routers. With the reliability/availability that is usually demanded of a router, and the fact that routers are typically only implemented by either a knowledgable user or a hired technician, I do not anticipate this will actually be a problem.
However, I have encountered your "oh well they usually learn" arrogance before. Hell, from time to time I might display this myself. You know, the idea that anyone who disagrees with you or who wants to use a different solution for their needs than what you would use could only be suffering from a lack of education and must not have any valid point. It's just a dismissal. Dismissal is a favorite tactic of otherwise logical, composed people who do not care to truly examine a particular issue and are not honest about this unwillingness upfront.
The main question your post raises for me is that there is an unstated assumption there that Cisco is absolutely dominating this market (which I do not dispute) and is therefore THE sensible choice (this is the part I find questionable). Support contracts, features, performance, blah blah blah... To me these are not the central issue because you can get your desired balance of these by shopping around. So, just explain this one thing to me - how is a majority Cisco marketshare good for anyone other than Cisco?
FYI, I agree that software routers cannot match the raw performance of dedicated specialty hardware, but I also agree that fire is hot and liquid water is wet. I get the impression that neither Xorp nor any other software router is going to be marketed to Fortune 100 companies in an attempt to directly compete with Cisco, but rather is intended for small to medium sized networks. How many mom-n-pop setups and local businesses ever turn into multimillion dollar enterprises? For this reason I do not consider the "they all migrate one day" statement to be the showstopper that you seem to believe it is.
It is a miracle that curiosity survives formal education. - Einstein
Switches and routing are different things, you can't really compare the two. And again, in their router module, if you implement any sort of ACL, are you still avoiding process-switching?
This used to be the case waaaayyyy long time ago (ok we're talking years not decades) but starting in Cisco's Cat5500 series they've started pushing the FIB (Forwarding Information Base) into hardware as much as possible... Update an ACL and the assocated FIB gets updated. It started off with the first packet of a flow gets processed switch (i.e. routed) and then the rest of the flow after that gets switched after that, now with Cat6500s with a current supervisor card and fabric enabled host cards it's not even that. ACLs (now VACLs) modify the FIBs directly and everything is directly switched, TTLs decremented as they pass through, counters incremented etc (aren't ASICs nice)... allowing the processor lazely handle the hum-drum work of responding to SNMP requests that dump information tables that would chock a small horse.
-- Ed Bugg --You have freedom of choice, but not of consequences.--