Slashdot Mirror


OS Router Challenges Proprietary Networking

Jane Walker writes "Dave Roberts talks about Vyatta's open source router and how open source technology may soon alter the landscape of enterprise networking." From the article: "Initially, we believe that the x86 PC running Vyatta -- given the range of hardware that's available in the PC world -- can basically replace the midrange of the router market; to use Cisco terminology and model numbers, simply because it's convenient shorthand, basically from the 2800 series to the 7200 series. There's a whole host of equivalent products from Nortel and Alcatel -- but essentially in that range. I wouldn't describe it as Cisco model numbers so much as T1 branch office to gigabit LAN product categories."

18 of 238 comments

  1. No. You're not making a 1U into a $40K router by postbigbang · · Score: 4, Interesting

    Here's why:

    1) it takes an RTOS to make things work well. You can grind all the driver code you want, but an RTOS foundation is required with lots of cache
    2) only PCI-X bus gets close, and most 1Us don't have it. That gives you a real ceiling in terms of port-port throughput; don't kid yourself
    3) the algorithms needed to maintain cross-bar speed are gruesome. You don't find this kind of code in anything but sledge-hammered C and assembler, and code that only a mother (and an embedded systems engineer) could love. There is very little forgiveness here.

    Yes, a 1U can make a decent router. But don't kid yourself into believing that you can beat F5, Cisco, Alcatel, etc.

    You can certainly embarrass them, but on the high end, it doesn't work.

    --
    ---- Teach Peace. It's Cheaper Than War.
    1. Re:No. You're not making a 1U into a $40K router by twiddlingbits · · Score: 4, Interesting

      The RTOS doesn't use a lot of cache. It needs a fast CPU and tight code to handle the massive numbers of context switches. The code you mentioned isn't all running on a CPU either. A lot of it is on custom hardware to keep up those data rates. The PCI-X bus would work except very high end, and it IS available in current 1U servers from people like Sun and HP, but certainly not in that old 286 in the closet. You could turn an Opteron with the HyperChannel architecture into a pretty darn good router. But the Opterons cost quite a bit more than a 286 would (does any foundry still MAKE 286 chips?). It's a good project but I agree it's not ready for prime time in the corporate data center.

    2. Re:No. You're not making a 1U into a $40K router by Anonymous Coward · · Score: 1, Interesting

      context switches

      You're doing it wrong. Let's take linux: once the userspace applications configure netfilter (iptables/snort) or the routing table (quagga/zebra) or the rest of the protocol stack (iproute2), everything else is done in kernel. As for speeds, there are linux kernel patches (ok, for one driver so far) that allow the kernel to shovel data to userspace at gigabit speeds already, moving the data from one card to another should be no problem for a limited number of ports.

      Now that's where the system breaks down. Or one could say it breaks down, but has anyone looked at the specs for these routers? Take a look at Cisco's 7200 series page: this model has a throughput on the backplane of 1.8Gbps, for a rating of 2 megapackets per second. If it was connected to four GigE networks, and two of them tried to transmit to the other two networks, you'd hit its maximum. And this thing has up to 4 or 6 bays for network connections.

  2. The Dawn of Open Source Networking? wtf? by Anonymous Coward · · Score: 2, Interesting

    If you go to Vyatta's website they claim that they are bringing in the "Dawn" of Open Source Networking.
    Unfortunately these folks obviously were living under a ROCK for the past 8-10 years and never noticed
    things like oh.. IPTABLES, and there has been WAN support in Linux for a long time. Great companies like
    Sangoma offer T1 cards etc etc. This is just a bunch of folks trying to cash in on support contracts on
    the backs of great open source projects and developers. We shouldn't even be giving them the press! They
    are a bunch of HACKS!

  3. Re:Sigh.... by Svartalf · · Score: 5, Interesting

    All depends on what they provide in the way of PCI/PCI-X cards- or whatever the future buses might be...

    I'd say that odds are good you'd get about the same number of media interfaces and what you didn't
    have would very probably have a media adapter or bridge that's standalone to take care of the gaps.

    --
    I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
  4. True... by jd · · Score: 4, Interesting

    ...they buy "world-class support", but having tried to use said support on occasion, I can say that I feel sorry for the world. Sure, it's better than a kick in the head, but not so much that it's worth the cost. I believe the record for longest repair ever was at the University of Manchester, in England, where a Cisco router corrupted the 1518th byte in every packet (thus only corrupting packets with a 1500 byte payload or 1496 bytes over 802.1q). Took them NINE MONTHS to fix. The first three of those, they denied there was even a problem.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:True... by l0ki · · Score: 2, Interesting

      system mtu 1504

      THEY didn't corrupt your data- .1q adds extra bits onto a packet so that it can "tunnel" data from source to destination- with your VLAN info etc. intact... thus it has to add data to the packet- which can make it bigger (jumbo) than intermediate devices expect/allow... it's normal behavior and you just need to tell those intermediate devices to allow bigger MTU size without dropping the frame as being too big... Maybe this was a while back or something.

      You can't blame Cisco for a missing config line...

      --
      "You never truly understand a thing until you can explain it to your grandmother" -Albert Einstein
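The frame sizes argued over in the two comments above, worked through as an added example (not part of either poster's comment, and not vendor code). It assumes standard Ethernet II framing with a 4-byte FCS and a single 802.1Q tag; `build_frame` and `inspect_frame` are hypothetical helper names, and the sample frames are constructed.

```python
import struct

TPID_8021Q = 0x8100    # EtherType value that announces an 802.1Q tag
UNTAGGED_MAX = 1518    # 14-byte header + 1500-byte payload + 4-byte FCS
FCS_LEN = 4

def build_frame(payload_len, vlan_id=None, pcp=0):
    """Constructed sample frame: zeroed MACs, IPv4 EtherType, zeroed FCS."""
    header = bytes(6) + bytes(6)                      # dst MAC, src MAC
    if vlan_id is not None:
        tci = (pcp << 13) | (vlan_id & 0x0FFF)        # PCP(3) | DEI(1) | VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    header += struct.pack("!H", 0x0800)
    return header + bytes(payload_len) + bytes(FCS_LEN)

def inspect_frame(frame, max_frame=UNTAGGED_MAX):
    """Parse the L2 header and say whether a device that accepts at most
    max_frame bytes would treat the frame as oversize."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan, offset = tci & 0x0FFF, 18               # tag pushes payload 4 bytes on
    return {
        "vlan": vlan,
        "ethertype": ethertype,
        "payload_len": len(frame) - offset - FCS_LEN,
        "frame_len": len(frame),
        "oversize": len(frame) > max_frame,
    }

if __name__ == "__main__":
    cases = [
        ("untagged, 1500-byte payload", build_frame(1500)),
        ("tagged,   1496-byte payload", build_frame(1496, vlan_id=42)),
        ("tagged,   1500-byte payload", build_frame(1500, vlan_id=42)),
    ]
    for label, frame in cases:
        info = inspect_frame(frame)
        print(f"{label}: {info['frame_len']} bytes on the wire, "
              f"vlan={info['vlan']}, oversize at 1518: {info['oversize']}")
```

The first two cases both end at byte 1518, which is the pairing the parent comment describes; only the third, a full 1500-byte payload plus tag, reaches 1522 bytes and needs the intermediate devices to accept the larger frame.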
  5. Re:Sigh.... by ChaoticChowder · · Score: 4, Interesting

    This software would have to offer much more than just WIC modules to even have me consider using it. Cisco routers may have low clockspeeds on the core chip, but it's the ASICs that give them value. Also, take the 6509 for instance, slap in a SUP720B and you now have a 720 GBps back plane. No PC could ever hope to do that. Also, configuring a Cisco router is pretty much the easiest thing ever. I haven't checked out the software yet, but it better be much easier. Maybe they should network with the Open Source chipset guys and design some ASICs and all the other niceties.

  6. This reminds me this... by dark-br · · Score: 2, Interesting

    ... interesting article on TechWorld: A reality check for open source routing.

  7. Re:Sigh.... by Thundersnatch · · Score: 5, Interesting
    Also, configuring a Cisco router is pretty much the easiest thing ever.

    Trolling for a +1 funny mod, are we?

    I don't remember who said it, but this is my favorite quote about Cisco software: "Cisco makes easy things difficult, but difficult things possible."

  8. Re:Hardware Components by burne · · Score: 4, Interesting
    There aren't many PCI (full or half height) cards that can do ATM with OC3, etc....
    I've been able to live in ISP-land for over ten years without ever coming close to ATM. Big exchanges like the AMS-IX (biggest public IX worldwide) have been pure ethernet since their inception. Getting ethernet in some form from a transit-provider is just a checkbox in the right place. Current commodity hardware will do linespeed GigE over PCI-X. Current high-end PCs have sufficient bandwidth available. 66MHz 64bits PCI-X might sound like 266MB/s, but keep in mind that equates to well over 2.5Gbit/s. The right hardware has 3 independent PCI busses and busmasters, so should be able to move 7.5Gbit/s of data via busmastering DMA, and thus with low CPU load. Keeping a full routing table and a bgp-daemon running doesn't require odd hardware. Juniper has been doing that on a Pentium MMX 333 with 768Mbyte since 2001, and a dual Xeon 2.4 will giggle at that 'workload'.

    Combining the above will give you a 3U box (smaller than a 7200) which will route (not switch) 4-5Gbit/s reliably. A 7600 is a lot bigger and a serious sh*tload more expensive. You could buy several identical boxes for redundancy and still keep some change left.

    Support is the only serious objection one could have in a FastEthernet-, GigE- or 10GE-world. Luckily I don't need support. I have been supporting stuff like above for ten years so I can manage. I can even support your Cisco and Juniper-platforms as well. I can handle my monthly exabyte by myself, thank you very much.
  9. Re:Good luck with that! by winkydink · · Score: 2, Interesting

    Look at Red Hat. Why do you think Oracle is considering doing their own distro? Not because there's gobs of money in the distro space, but because RH can't support them well enough now and they have a significant RH installed base. One large enterprise customer would kill a startup with pre & post sales support requirements alone. This is one of the many reasons that startups have problems cracking the enterprise space.

    --

    "I'd rather be a lightning rod than a seismometer." -Ken Kesey

  10. niche by Neuropol · · Score: 2, Interesting

    It's very parallel in its nature in that a small networking company could present this as a cost effective option. I see how a small networking consultant company could actually push this towards the small business level. But I'm doubtful it could ever be presented at the public/community level for use in schools or public wi-fi rest areas when the state lays out stipulations regarding only accepting bids from Cisco based numbers and Cisco certified installers? More or less, mandating that tax payer investment for this massive scalability be present. Often times, in these areas, that is ten-fold overkill. So there is the need, but I'm afraid that Cisco's name is so far embedded in corporate and state America, it's going to be a tall order to ever penetrate that market. Bringing this comment back to the small business. If a consultant can convince the client that this is a viable router to place their 20-something client station network on, then, yes, it has a niche.

  11. WideBand beats the crap out of Cisco by Rabid+Cougar · · Score: 5, Interesting

    Wideband makes Layer-3 switches that beat comparable Cisco routers hands down. With their nMU (pronounced "NetMU") it makes easy things easy and difficult things easy too. With their 28-port switches, you can get full-duplex, non-blocking Gigabit transfers on all ports simultaneously. And did I mention that they can even do Gigabit over CAT-3 and barbed wire? Also, if you use the nMU to control your switches, none of them even need IP addresses. Good luck trying to hax0r a switch with no IP address. Throw in the fact that all their stuff is made in the USA (no off-shore customer support) and costs much less than comparable Cisco gear that doesn't perform nearly as well, and you have yourself a superior product. If you are expanding or replacing your network infrastructure, consider WideBand over Cisco. You'll be glad you did.

    ***Disclaimer***

    I do not now, nor have I ever worked for WideBand, but we use their gear where I work. BTW, there were some guys who ran a Cisco shop in the training class I was in that WideBand offered. Last I heard, they were replacing all their switches with WideBand gear. IMNSHO, WideBand is the best kept secret in networking.

    --
    This isn't the sig you're looking for...
  12. Re:Good luck with that! by Jason+Earl · · Score: 2, Interesting

    Yes, but there is a large market of folks that either A) have dealt with Cisco's so-called support and aren't impressed or B) would rather simply have a preconfigured spare box for less price than a single Cisco.

    If there is one thing that Linux has proved it is that you can't underestimate inexpensive and "good enough." You may not be interested in what Vyatta is selling right now, but I would bet that enough people are interested that the next gen Vyatta is even more competitive. In the long run, the low end of the technology spectrum tends to improve and gobble up marketshare from the guys asking for big margins.

  13. Re:Good luck with that! by vsavkin · · Score: 2, Interesting
    Whether or not it sucks, this is the thing that keeps people cozily asleep at night, knowing that if they have a problem, they have an unchallengeable defense of having bought the best in class support solution


    Here in Moscow, Russia most ISPs buy Cisco gear w/o any kind of support. Not even usual warranty period on hardware is there (Cisco gives 2 or 3 months only). Not having their asses covered by that kind of paper works fine for them.

    Also, when talking about hardware, off-the-shelf PC router can do 100..400 kpps, it is more than enough for small provider's core router, not even considering branches.
  14. Re:Sigh.... by hal9000(jr) · · Score: 2, Interesting

    That's interesting. I know a lot of people, myself included, that like the IOS command line not because it is intuitive (I haven't met a CLI that is "intuitive"), but because it is pretty easy to navigate once you learn a few tricks. A lot of other networking gear have IOS-like interfaces in some cases replicating the IOS structure, but none are exact.

    Maybe the only other CLI that is easier to use is Juniper's JunOS, but I haven't spent a lot of time with it.

    Oh, and the docs have gotten much, much better from say 6 years ago.

  15. Re:Sigh.... by Cramer · · Score: 2, Interesting

    It would've taken 3 minutes on the Cisco too if Cisco hadn't dropped QDM (QoS Device Manager) several years ago. QoS is never simple. On anything.

    (Obviously, there are a lot of people doing that on a SonicWall or there wouldn't be simple "click here" interfaces to set it up.)

    BTW: your issues with the 2800 could also simply be BUGS in IOS.