Slashdot Mirror
Your Next Network Operating System Is Linux
jrepin writes "Everywhere you look, change is afoot in computer networking. As data centers grow in size and complexity, traditional tools are proving too slow or too cumbersome to handle that expansion. Dinesh Dutt is Chief Scientist at Cumulus Networks. Cumulus has been working to change the way we think about networks altogether by dispensing with the usual software/hardware lockstep, and instead using Linux as the operating system on network hardware. In this week's New Tech Forum, Dinesh details the reasons and the means by which we may see Linux take over yet another aspect of computing: the network itself."
The Chinese have been using Busybox for years. I still have two routers that use Busybox - the Swiss Army Knife of embedded Linux.
linky.
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
As much as I would like to see Linux / BSD being used to power network devices (and I admit that it's already happening), it's going to be a long time before most enterprises ditch their Cisco gear for equipment that runs an open source OS. Many large enterprises have already made significant investments in hardware and personnel. Even if a vendor were to come along with an excellent product at a great price point it would probably be at least 5-10 years before most enterprises move away from their Cisco switches, routers and other appliances. Don't get me wrong -- I'd like to see Cisco's dominance challenged, and to see a Linux / BSD based CLI used to configure network equipment instead of IOS -- but it seems unlikely in the near future.
Facts have a liberal bias.
But all I want to know is, will sudo rm -rf / delete the internet?
No but sudo rm -rf \ will!
\ is the escape sequence. / is the root directory. The GP had it right. rm -rf / will delete the internet.
When our name is on the back of your car, we're behind you all the way!
each adapter gets a configuration attached for starters, then things go from there (VLANs, ACLs, etc.)
iptables -N eth0-in
iptables -N eth0-out
iptables -A FORWARD -i eth0 -j eth0-in
iptables -A FORWARD -o eth0 -j eth0-out
Then create all the rules you need in the specified chain.
The way to get the most performance out of iptables is to make each chain as small as possible. This can quite easily be split up into logical lists for what you actually do - ie:
iptables -N 10.1.1.1
iptables -N 10.1.1.2
iptables -N 10.1.1.3
iptables -A FORWARD -i eth0 -d 10.1.1.1 -j 10.1.1.1
iptables -A FORWARD -i eth0 -d 10.1.1.2 -j 10.1.1.2
iptables -A FORWARD -i eth0 -d 10.1.1.3 -j 10.1.1.3
This way, you can easily branch out and skip a fuckton of rules that will never apply to the packet that is being processed. Usually, you can bring each chain to less than 6 rules. Less rules == less overhead == more performance.
Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
sudo rm -rf / won't delete anything.
POSIX rules state that you cannot remove any parent of the current directory. The GNU rm command doesn't fully check this, but it does make sure that you don't remove / or .. (but if you give the path to any other parent directory, it will let you remove that). Try it for yourself and see (in a VM of course).
The big difference is that there is a hardware forwarding chip involved. A PC with 10G NICs is hard pressed to forward at 80 Gbit/sec, and draws a couple hundred watts. The 1U switches Dinesh is talking about can do 1.28 Tbit/sec with all features enabled, and draw around 100 watts.
- nolan
CTO/Cofounder, Cumulus Networks