Slashdot Mirror
Cisco To Develop Third-Party APIs For IOS
MT628496 tips a Computerworld article on Cisco's announcement that it plans to build IOS on a UNIX kernel, in modules, and allow third-party developers to access certain parts of it. IOS has traditionally been a closely guarded piece of software without any way for anyone to add functionality. No timetable was given for when APIs will be available. A Forrester analyst said, "...the network is one of the least programmable pieces of the infrastructure. The automation and orchestration market is far more oriented towards servers, storage and desktop environments. The ability to dynamically change the network is a missing component." The article mentions that Juniper Networks had announced on Monday its own developer platform for Juniper routers, and it's available now.
IOS is universally accepted. The model of its tiered, context-determined command structure has been emulated by many. This is including Microsoft, with it's cascaded netsh and other command utilities.
That said, this kind of command navigation sucks. You are trapped in a maze of twisty, little prompts, all alike.
The structure of these commands were determined in antiquity, when embedded networking devices were resource starved for storage and memory. That's pretty clearly not the case today.
Screw IOS, its resistance to simple scripting, and its defiance to be committed easily to memory.
"Flyin' in just a sweet place,
Never been known to fail..."
Wouldn't this make the networking equipment more prone to attacks?
I wonder if they'll license something like QNX, or port one of the BSD kernels over. I can't imagine they'd use anything with the GPL, this being proprietary-out-the-ass Cisco after all.
Here's to the crazy ones
Ever seen a commodity router under a FULL 100Mbit/s load, let alone gigabit? They drop packets, mangle packets, route wrong packets... That is, until they hit a buffer overrun, overheat or just reboot repeatedly for no clear reason. They're not meant for serious use. They're designed to be actually capable of handling whatever Joe Average can do with his home network and nothing more. Because they're commodity hardware. Cheap crap, that is. Period.
People buy those expensive, rackable switches and routers because they want something *reliable* for *serious* use that absolutely requires reliability.
This is Slashdot. Common sense is futile. You will be modded down.
Soory, but I must feed this troll.
Most people do not buy 800 series routers, but if they do, it is typically because of managability and security. When it comes to being able to manage a remote network device and use a central authentication system, Cisco beats the pants off of ANY comsumer grade device.
Once you get to 1800 devices and above (even 1600 and 1700, but they are EOL) you have features that far exceed any consumer device.
Real routing capabilities (RIP, OSPF, EIGRP, ISIS, BRP, etc).
Modular interface cards. You have Modem, ISDN, xDSL, Cable, 56k, DS1, ATM, DS3, SONET, etc.)
QoS. Should be self explanitory
Various security functionality. VPN, tunnles, RADIUS, TACACS+, etc. (I am not a security guy)
Voice Terminate voice, act as a phone system (2800 and 3800) run VXML, etc
These are just the routers. Switches are just as much above the consumer grade as the routers are. QoS, port density, VLANs, true Layer 3, etc.
Both have their place and in some cases, a consumer grade equipment has its place in the corp environment. I have used them many times. T
To say Cisco is a rip-off is pure ignorance. (Do not use the list price to justify yourself either. NO ONE pays list for Cisco gear. As a general rule 35% - 50% is the rule.) Sure Cisco is not the cheapest or the best, but they provide a complete end-to-end solution and everyone knows Cisco. Heck, even Nortel switches and Extreme (I think) made their interfaces to emulate IOS.
The three laws of network hardware:
1) Quality network hardware is expensive. Often frighteningly so.
2) If reliability is even remotely important to you, the expense is easily worth it.
3) Failure to comprehend #2 will almost inevitably cost you your job.
-- If you try to fail and succeed, which have you done? - Uli's moose
...even we're not sure. Different parts of the company have experimented with all of the above options.
Does linksys or d-link support ssh? (I'd really like to know). Does linksys support T1, frame relay, and DS3? What about E1 and E3 support?
If you reflash a Linksys with DD-WRT, it DOES support BGP and ssh. It's going to be fast ethernet only, and no support for automatic failover.
Cisco IOS has already been running in house (for development purposes) on Unix for years. They call it IOU (IOS on Unix). It is a closely guarded secret. Supposedly it is fully featured and can emulate as many routers with as many interfaces as you want, all on one Solaris system. Supposedly Cisco employees get in trouble (fired??) for even mentioning its existence and certainly if they ever gave access to somebody, and only a very small number of Cisco employees even have access to it. It wouldn't be very difficult for them to take this development version that is apparently rock solid since it's been around for a number of years and roll it into a production product. Obviously this is all hearsay since I've never even seen it, but from what I'm reading, it sounds like they've been holding this trump card for a long time just waiting to unleash it if a competitor seemed like they were gaining too much ground.
Right, but the OP sounded as if he wanted to use consumer devices for everything - which certainly isn't the brightest idea. Anyway, cheap routers and switches can as well fail under their normal working conditions, been there, seen that, always keeping a spare just in case. I'm currently in charge of an improvised dorm network (about 80 computers, 30Mbit/s connection to the outside world, almost saturated all the time), with a 30-port industrial-grade Cisco switch just by the router and dozens of crappy consumer switches acting as repeaters scattered troughout the rooms, as the building is too large to lay cables directly. Long story short, there is a failure about every two weeks somewhere. Usually a switch just dies, I throw it away and put a new one in there, but sometimes those little bastards look just fine, blink their lights happily - and wreak havoc in the network, sending half a packet here, half a packet there and even more random crap somewhere else, clogging other switches that are just too dumb to ignore a broken packet, so they reboot every couple of seconds. Not much fun, trust me.
This is Slashdot. Common sense is futile. You will be modded down.
"This is a nice sense of direction statement - it says that Cisco understands that SOA and Web 2.0 are fundamentally changing how applications are built"
"According to our router's logfile, your port on the switch has been modded down below the switch's current threshold."
router#show int eth0/0
adds by google:
Get a Juniper router today!
Best deals on Cisco routers: www.cisco4less.com
Sid : 5
Traffic Priority : 0
Maximum Sustained Rate : 64000
Maximum Burst : 0
Minimum Reserved Rate : 0
Minimum Packet Size : 0
Maximum Concatenated Burst : 1522
Scheduling Type : Best Effort
Nominal Grant Interval : 0
Tolerated Grant Jitter : 0
Nominal Polling Interval : 0
Tolerated Polling Jitter : 0
Unsolicited Grant Size : 0
Grants per Interval : 0
Request/Transmission Policy : 0x0
IP ToS Overwrite [AND-mask, OR-mask] : 0x0, 0x0
Current Throughput : 0 bits/sec, 0 packets/sec
"Well, good luck finding a judge that doesn't run a bestiality site."
That's not an OS issue. It's a command interface issue. Much of it is built into bash.
The user interface people writing IOS need to read Eric Raymond's document on user interface, at http://www.catb.org/~esr/writings/cups-horror.html. It applies to closed source interfaces as well.
At the moment, IOX only runs on CRS-1 or [propoerly upgraded] GSRs, which pretty much excludes anything in their "enterpise" product portfolio.
Fact is, Cisco has been trying to be all things to all people and dominate every sector of the market that involves gear or software beyond the PC for such a long time that they have lost focus in their core business of making routers, where they are accustomed to market domination. Competitors have caught up to the point where anything short of carrier-grade Cisco hardware is either (a) a joke (b) overpriced, or more often (c) both. The carrier stuff at least has [most of] the performance where it counts, but if you're not a first-rate negotiator with a lot of boxes to buy it still prices itsself out of competitivity.
Basically, they just don't seem to get that IOS and their processor-forwarding-based platforms need a major overhaul in order to be capable of providing scalable carrier-grade service on their entry-level platforms.
What you've actually described is security through obscurity.. Being proprietary does not keep it unpublished. The "proprietary technology" source code and utilities have been repeatedly stolen, published, and republished among the cracker crowd, and the tools they write get released and circulated among the script kiddie crowd eventually. And Cisco has repeatedly engaged in really unfortunate security standards for decades, with a lack of reporting of the incidents for both non-disclosure reeasons, and an unwillingness by corporatations to admit such cracking has occurred.
Moreover, Cisco update procedures and user interfaces and backup procedures are so painful that implementing an upgrade or patch is very risky indeed, and is often left idle long after the cracks are widely published. The result is that the firewall and routers which companies rely on to remain secure with their absolutely pitiful internal security is often easily pierced by anyone remotely competent.
The first post says no such thing. It simply says that IOS has a very antiquated command system, which it does. If IOS were to break backwards compatibility they would have the opportunity to create a much easier to use and much more flexible ways of doing things. It would be really good in the long run, but is not likely to happen because the short term consequences would probably be so painful.
...thanks to Dynamips.
I was going to say that it's only of use for training purposes, and can't be used in the real world. But then I noticed a lot of people in this thread advocating the use of consumer routers, and they probably would put emulated IOS on an old PIII and expect it to route 1Mpps. So knock yourselves out, retards.