Amazon Plans To Challenge Cisco in Networking Market With Much Cheaper Switches, Report Says

Amazon Web Services already dominates the market for cloud services. Now, reports The Information, it is eyeing a part of the cloud business it doesn't already control: the $14 billion global market for data center switches [Editor's note: the link may be paywalled; alternative source]. From the report: AWS is considering selling its own networking switches for business customers -- hardware devices that move traffic around networks, according to a person with direct knowledge of the cloud unit's plans and another person who has been briefed on the project. The plan could plunge Amazon more deeply into the lucrative enterprise computing market, posing a direct challenge to incumbents in the business like Cisco, along with Arista Networks and Juniper Networks.

As it does in many other categories, Amazon plans to use price to undercut rivals. The company could price its white-box switches between 70% and 80% less than comparable switches from Cisco, one of the people with knowledge of the program estimated.

Cisco in the death spiral

I remember when they ascended to become the hottest tech company on the planet. Never were able to successfully pivot from their core business.

Re:Cisco in the death spiral

[servo335]

Cisco is just power of a name soon a new name will step up and challenge

Re: Cisco in the death spiral

[Frosty+Piss]

True, but they have a huge competitive advantage with linking that name and their very popular cloud service. At some point, the regulators will start taking a more active interest in Amazon, but Iâ(TM)m sure Amazon already has a significant number of lawyers working on this very issue.

Re: Cisco in the death spiral

Cisco has tremendous brand recognition, like âLinux on The Desktopâ(TM).

Re:Cisco in the death spiral

[blindseer]

I heard the same thing about John Deere growing up. That John Deere was just green paint and a lot of snobbery.

Here's what I learned, farmers and ranchers are businessmen. They need to get work done like every other business. Downtime costs money. John Deere tractors still break down, get stuck in the mud, wear out, etc. It's that the competition do this more often. There's still some snobbery and such in there, John Deere tractors can have leather seats and built in refrigerator. They spend the money on the "green paint" because it gives them more return on their investment.

Is Cisco just a name? Maybe that's true now but they can only get to be "a name" by proving to be better over time. No one Is GMC just a name? Is Apple? Businessmen buy this stuff because it makes them money. If Cisco stops making people money, or rather they can make more money with someone else, then Cisco will disappear. Same goes for Apple, John Deere, and GMC.

Re:Cisco in the death spiral

Well, at least until their recent fascination with DRM in their equipment.

Re: Cisco in the death spiral

So true. If your Cisco firewall is hacked you can go to senior management and say you bought top of the line eqiptment and followed industry best practices yada yada yada.

Re: Cisco in the death spiral

Cisco is lower quality in comparison with Juniper and Nokia(Alcatel-Lucent).

Re:Cisco in the death spiral

[pnutjam]

Cisco maintained their position largely due to their upstream training and certification. They haven't been any better then the competition and they are worse in many ways.

Re:Cisco in the death spiral

JD tractors break down just as often as any other farm equipment (rarely). But when they break down you better hope your local official JD service center has time for you, because many of the major components can't be serviced by the user. If you replace the transmission, for example, you need to update the firmware to recognize it or the machine won't work. How do you do that? By having an official JD agent authorize the repair.

John Deere isn't Cisco. It's Apple, but worse.

Already have cheap competitors

They will need to compete on more than just price.

Re: Already have cheap competitors

[LostMyBeaver]

I donâ€(TM)t see this being a problem.

Ciscoâ€(TM)s data center switches (something which has fed me and my family for 6 years) are not adapting to modern networks. Cisco is so heâ€(TM)ll bent on ACI and even EVPN that they are not making their systems cloud friendly.

See, ACI is â€oeSoftware Defined†in purely the loosest sense of the word. It is very poorly suited for use with containers and FaaS as those systems leave most of the networking to systems like Kubernetes and the ACI topology isnâ€(TM)t well suited for those topologies.

EVPN is nifty if you need a lot of layer-2 broadcast domains that terminate at physical ports. But containers and FaaS terminate inside of Docker for example.

Legacy data centers thrive on high performance low latency links. This is because of two main features. The first is storage and the second is virtual machine migration (vMotion for example). Systems controlled as containers have substantially lower bandwidth requirements since storage is far smaller (30-100MB containers vs. 40GB or larger virtual disks) and because we distribute the containers predictively, we can do it far slower. We donâ€(TM)t migrate virtual machines either.

In a well designed container platform most database actions are performed with Map/Reduce technologies. This means the only traffic on the data center network is query and result. We donâ€(TM)t attempt to read terabyte or larger files from storage systems. We instead transmit a query to the nodes containing segments of the data and collect the results of the query and reduce duplicate responses. This does benefit from low latency, but high speed (10GBe, 40GBe, or greater) has no real performance benefit.

Cisco QoS is as always based on hardware, this limits the QoS mechanisms to effectively a small number of queues. Prioritization is limited as there are effectively 6 usable classes of traffic. While drop probability in DSCP can be helpful, itâ€(TM)s very difficult to implement meaningfully when the network canâ€(TM)t understand the actual type of data involved.

A proper data center switch would be fully programmable on a stream by stream basis. Like the back end of ACI or FabricPath, it would break from traditional Ethernet forwarding and instead use traffic specific tunnels with real understanding of QoS needs. This canâ€(TM)t be done with Cisco hardware.

An optimal data center switch topology would have the following :

1) High performance later-3 switches for legacy virtual machine support. Simple IPv4 routing with large buffers and marking for low-latency lossless would suffice for almost all data center needs. NSX and Hyper-V will handle the rest.

2) 1Gb or multi-gig (latency not performance) with enormous buffers for all modern container and FaaS traffic. They should be able to have extremely high performance REST APIs to insert and purge streams into/from the topology with QoS rules. They should be entirely layer-3 based and should allow Docker/Kubernetes or others to program MAC address tables and should block all layer-2 traffic which hasnâ€(TM)t been programmed into the forwarding table by a controller.

Now that being said, pure layer-3 switching with NAT support would be far better. Layer-2 is dead. All of that can be programmed from the control plane and skip learning. This isnâ€(TM)t 1990 when every machine had a random MAC address which had to be learned accidentally. Instead, data centers and clouds (container farms and FaaS) know all the MAC addresses of all the interfaces properly. In fact, the controllers already have all the IP to MAC mappings known internally. As such, a data center switch would allow these to be programmed instead of learned or snooped.

So the way I see it, Amazon is on the

Reminds me of Cisco & Linksys...

[kbonin]

This is why Cisco purchased (2003), absorbed, destroyed, and released (2013) Linksys - their higher end devices were able to replace a growing percentage of the switches and routers being marketed towards smaller businesses. M&A is a very successful way to kill a competitor in the US, GOV rarely cares and is for sale, and the investors rarely care after they cash out. But Cisco can't afford Amazon. High end switch market has been a mess, software configured networking is eating it alive, and its amazing what you can do with a simple Docker network. Be nice to see someone with a budget release some cheaper hardware where we still need actual hardware.

Re:Reminds me of Cisco & Linksys...

[Anonymous+Brave+Guy]

Cisco have always had a slightly odd business model when it comes to R&D. How often has some mysterious stealth startup been formed to investigate a new idea, with a remarkable number of ex-Cisco people as its initial staff, and subsequently bought by Cisco to bring the technology back in-house if it was promising?

I don't know what you mean by the high-end switch market being a mess. It's still dominated by a few big names, Cisco among them.

For all the promise of SDN, so far it's much more talk than action. The brave few who have tried it at large scales so far have rarely spoken positively about the results. At this level, getting your gear from one supplier who also has you on a lucrative support contract still seems to work out much better in the real world than buying white box gear from that guy, buying another type of white box gear from the other guy over there, installing some Linux-plus-drivers "network OS" from his mate on each of those boxes, and then trying to get 80% complete and 60% working SDN infrastructure running on top. SDN is eating traditional networking alive in the same way that Linux is eating Windows alive on the desktop: only in the dreams of its most loyal fans.

I'm not sure what Docker has to do with switching at any serious level. All the networking other than connectivity between containers/VMs running on the same big box is still hardware based.

And as a final comment, don't be fooled by arguments about big price savings compared to established brands like Cisco. No-one pays anything close to list price at high volume.

Re:Reminds me of Cisco & Linksys...

[Cramer]

Cisco bought Linksys to get it's name into the consumer market. It failed. All it did was tarnish the name "Cisco" in the enterprise market, and significantly confuse people who don't know the difference.

Re:Reminds me of Cisco & Linksys...

[Cramer]

SDN is still mostly just Marketing Lies(tm). The only people to really do it, have been doing it much longer than the term has existed. And they do it with in-house designed technology that Works For Them(tm) -- and they generally don't share. (facebook and rackspace claim to opensource their shit. Good luck trying to use what little they've shared.)

Re:Reminds me of Cisco & Linksys...

[antdude]

I still have my Linksys WRT54GL v1.1 router with its Cisco logo. LOL.

Re:Reminds me of Cisco & Linksys...

[sglines]

I used to replace Cisco switches with throwaway Celetron PC's and cheap ethernet cards. They worked just fine and cost almost nothing.

Let me guess

Complete with "cloud" management so that Amazon retains control, not only of all of my data, but my network configurations and routing. Is there a way to use 100 point font on Slashdot to write: FUCK THAT ?

Re:Let me guess

[servo335]

Privacy concerns will be massive!

Re:Let me guess

Given the success of Cisco Meraki which is exactly the same thing to the point where your perfectly good network comes to a screeching halt because you didn't renew your subscription on time. I agree with your viewpoint and cannot recommend for the same reason. I steer people towards Aruba which is much friendlier.

70% lower than which Cisco price ?

Cisco always has to prices: The list-price and the retail price to customers who are "in the know". The latter is usually 60-70% below list-price.

Which one is Amazon going to undercut ? If it is the first... Meh... Not so interesting.
If it is the second... Then things get interresting. They will even be undercutting HPE/Aruba then.

Re:70% lower than which Cisco price ?

My scrotum is hairy and interesting. It has the map of Italy on it.

Re:70% lower than which Cisco price ?

wish i had five upvotes for this

More then the equiptment.

[jellomizer]

We are able to get switches and routers for cheap for a while. Many have the same features that Cisco offers.
The reason most companies stick with Cisco, is because they are able to find Certified Staff to work on their products.

If a company tried to upgrade to Amazon Fire Sale Switches, then you need to find staff willing to maintain them and do it properly with best practices in mind, may be difficult. You can probably get Cisco Certified staff to work on them, however if there are any differences there may be an issue.

Re:More then the equiptment.

[swb]

I can't help but think that "Cisco certified" is a giant circle jerk of empire building, premium brand affiliation and so-called network experts hiding behind their Cisco manuals telling everyone how complex switching is.

It used to be that Cisco and networking were synonymous, but not for a long time. There's too much competitive product and often a lot cheaper but a lot of orgs keep buying into the Cisco myth,

Re:More then the equiptment.

[Jaime2]

All the knock offs have a credibility problem. Amazon can just say "Netflix runs on our network and this is what we use". As for staff, Amazon will probably offer to do management for you for a third of your staff's salary. Stonewalling would only land them in the unemployment line.

Re:More then the equiptment.

[jellomizer]

That is all fine and good, unless your networking needs is different then what Amazon or Netflix needs are.
Cisco can normally rattle off names of companies in your industry who are successful with their product.

Re:More then the equiptment.

Well just march right down there and get yourself a CCIE and find out just how easy it is. ROFL

Re:More then the equiptment.

I work for a fortune 500 and we've been ordering Aruba (HewlettPackard owned) switches instead of Cisco lately. They're cheaper and supposedly have some really nice functionalities that cisco doesn't.

Re:More then the equiptment.

[jellomizer]

Oh it is. That is the same with all Certification programs. However the advantage of Certified engineers working on your stuff, isn't that they are smarter or better then what anyone else could do with. But what it does do is keep the work rather consistent.

I am not a networking guy myself. If given a job to do networking, I can probably get it to work, but in the future when the real networking people come in they will look and be scared about the insane job I did, where it could had been done much more easier.

Re:More then the equiptment.

That is all fine and good, unless your networking needs is different then what Amazon or Netflix needs are.

The network needs of Amazon or Netflix are bigger than just about everybody, except Google, Facebook, Microsoft and the US govt.

But lots of companies need big fast switches & routers. If Amazon's network gear is good enough for Amazon, then it is more than capable of handling just about anything you will use it for.

Re:More then the equiptment.

[Junta]

'Bigger' is not the only metric.

For example, a lot of very large internet datacenters have extraordinarily convoluted networking configuration, which is fine if you have expertise and need the power, but broadly speaking most don't need that power but they do need simplicity.

They might have decided their equipment works best with small broadcast domains and just focus on layer 3 technologies, but a shop may have been doing just fine with their oversized broadcast domain because their network vendor made the most of that sort of topology rather than skipping it because it's a bad idea.

Re:More then the equiptment.

[jellomizer]

Sometimes you need a tractor trailer to do a job, other times you need a Dump Truck. Both can haul hundreds of tons of material. But they do it differently.

Re:More then the equiptment.

[swb]

99% of the networking out there doesn't get more complicated than VLANs, QoS and spanning tree with maybe some pretty trivial static routing on top of it. You might find a little bit of OSPF routing here and there, either bigger physical campuses or multi-site environments trying to deal with automating failover between MPLS circuits and IPSec backups.

You need a CCIE for that like you need a PhD in chemistry to cook dinner.

That's not to say that CCIE isn't one of the best vendor certifications and CCIEs aren't smarter than the average bear, but it's also a pretty narrow space where it's an applicable requirement outside of larger telcos, data centers and carriers, and maybe places bought into very broad Cisco-specific product suites.

My point is mostly that the Cisco crowd likes to make "muh networking skillz" into some kind of mystical knowledge when it really isn't. It mostly seems like they hide behind a greatly elevated sense of phony expertise, which Cisco and their resellers are only all too happy to reinforce.

Re:More then the equiptment.

Its hard, but thats just because Cisco builds their own standards built on top of other actual standards. Like EIGRP, VTP, VSS. And then, of course, they license everything in strange ways, like you can do VSS on a 4500x but not a 3850, etc. And the hardware compatibility is insane up and down the stack.

So you have to have people that can cut through all the overhead BS that is Cisco instead of just working on networks.

Personally I've waited a long time to see Cisco get cut. Its happening, slowly. HP/Ubiquity/Juniper, I see more and more of this now. Its not a given to see a 29xx in a rack now, where used to be that was the de facto standard.

Re:More then the equiptment.

[aaarrrgggh]

The thing is that because of this the CLIs for most competitors are very similar, and for routers you are mainly looking at differences between noun-verb and verb-noun syntaxes. The idiosyncrasies between brands can be a challenge, and the management tools can vary tremendously... but it simply isn't the case that you *need* the Cisco branded equipment.

With Cisco experience as an example, picking up configuration on a Ubiquiti switch isn't a huge deal. Mixing and matching all day long will be frustrating, but that is always true.

Right now the disruptive opportunity is that there could be a whole lot more 100Gb needs outside the data center in the next couple years, and the manufacturer's haven't really ramped up the "business" versions of this equipment yet-- 10G is still an outlier.

Re:More then the equiptment.

Most CCNA's I've dealt with are in the same boat. The network engineer will be horrified to figure out the creative ways you had to get it to work. Cisco's product line is such a moving target that a CCNA is useless. I've yet to find someone with a current CCNA that actually had a practical knowledge of network setup from the ground up. CCIE's are a different breed, they spent 10s of thousands on classes and taking tests. They are required to have a much deeper understanding of networking in general.

On top of all that, Cisco doesn't develop new products anymore. They buy them and then poorly integrate them. Their FirePower ASA's for small business require you to plug in the management port to one of the lan ports so you literally have a 1 foot long patch cable connecting two ports on the ASA. Larger ASA's use the firepower management server which is clunkly but powerful at least. Then you of course you have Nexus switches which were hilarious for me since I mostly worked with HP. I found I had no FEC support to bond ports, I had to bond with LACP like I would any switch that wasn't Cisco. Cisco UCS is quite a joke as well unless you are literally connecting dozens of chassis together. If you are at all small you are just wasting your money.

On top of all of that you have Meraki which is actually a good product they haven't destroyed yet which doesn't integrate with any Cisco products yet despite being under their wing for at least 5 years now. Their licensing model is the main criticism but that is in line with Cisco's customer hostile policies so that is at least consistent.

Re:More then the equiptment.

[jeff4747]

Amazon already has a certification program around AWS. It's not going to be very hard for them to add an "Amazon Certified" program.

Assuming the hardware is not shit, getting some people to get that certification and getting some company to install that hardware is not going to be hard for a massive cloud behemoth. Start with their own staff and datacenters. "We run AWS on these" should sell well enough to start making inroads.

At that point the market will pick a winner.

Re:More then the equiptment.

Penis hats are a coming fashion item.

Re:More then the equiptment.

99% of the networking out there doesn't get more complicated than VLANs, QoS and spanning tree with maybe some pretty trivial static routing on top of it.

99% of programming out there is copy and pasting from stackoverflow. That does not mean there are no programming experts.

Re:More then the equiptment.

Try hiring people with degrees in networking instead of paper tigers.

Re: More then the equiptment.

Some people support their families taking to time to study this equipment in depth and make their livelihoods supporting it. Go ahead and support amazon if you want, but I'd rather support my family using skills I've learned over the past 10 years than to buy some white box and make bezos even richer.

Re: More then the equiptment.

Some people support their families taking to time to study this equipment in depth and make their livelihoods supporting it. Go ahead and support Big Auto if you want, but I'd rather support my family using skills I've learned over the past 10 years than to buy some "mechanical horse" and make "car makers" even richer.

Fixed that for you.

Also, 90% of Cisco Certs, like MS Certs and Novell back in the day, is vendor specific bullshit designed to obfuscate the existence of open standards already published elsewhere.

What does DC stand for...
Domain Controller
Data Center
Direct Current
District of Columbia

So buy the Amazon white box and work 80% less to support your family with your savings. Or go and grow your 100% of own food rather than enrich some fat cat middle man.

Re:More then the equiptment.

Facebook makes their own switches. Now that ZTE is off the hoot, now they can too. It is not hard to write software to convert brand name config and system files into the newer white box hardware - but not done often enough. Have a define and alias verb in the set too, so if someone bitches about verbs and keywords, alias and macros can help out.

Re:More then the equiptment.

[strikethree]

Throwing packets around coherently requires discipline, but it is certainly not rocket surgery. Cisco has a motive for making it more difficult than it really is; therefore, the people who mastered that falsely elevated difficulty are also falsely proud of their accomplishments. Nobody wants to hear that what they worked so hard to learn is really much simpler than what was presented. So they remain proud of their accomplishments.

Re:More then the equiptment.

[swb]

Thanks, I wasn't able to put into words like that. There's a feedback loop where Cisco makes things (at least seem) more difficult than they should be, the people who do it are invested in sorting it out, and want to keep that going by keeping their organization invested in what "only they can do".

Doubt MPLS are going to save the day *again*

Seems like every time Cisco needs something new they call in Mario, Prem, Luca & Soni (MPLS).

Need switching acquire Crescendo (cat5k -> Cat6k), started by them.
Needed a storage switch? Spin out and spin back in. MDS
Need servers and ToRs? Spin out and back in
Pseudo-SDN (ACI) with hardware lockin? A Spin out and spin back in.

Not sure that Chuck will go back to them on bended knee and beg for them to save the day again.

Amazon Prime comes to network gear

[QuietLagoon]

Prime members have their packets delivered in 2 nanoseconds or less.

Re:Amazon Prime comes to network gear

Not to mention, packets from all senders get mixed together so you never know if you'll get an authentic one or a cheap knockoff. But, you can always order extra and just send back the ones you don't like...

Re:Amazon Prime comes to network gear

AmazonBasics Edge Router

Though seriously... I would_pay_ for Prime Now on this.

What's in it for us?

[mykepredko]

From Amazon's perspective this makes sense, provide priority bandwidth for Alexa and Amazon Prime as well as providing a way of monitoring customers' internet habits. Hopefully, they will be providing a high level of security so the information they're accessing/collecting doesn't become available to third parties.

When there are *lots* of low-cost switches that I don't have to worry about Amazon's potential for taking over my home, why would I want to buy from them?

Re:What's in it for us?

[aaarrrgggh]

The incremental cost of offering for sale something they manufacture for themselves already is low, and the opportunity for profit is high.

Re:What's in it for us?

[jeff4747]

These are switches for datacenters, not your house. It is unlikely that Amazon is interested in getting you to buy one.

Re:What's in it for us?

These are switches for datacenters, not your house. It is unlikely that Amazon is interested in getting you to buy one.

To be fair, I'd say at least 10% of regulars here for the tech bits have either a VM cluster, 10G networking or both in their home. You can do both for under $1000 USD if you are not memory or CPU bound.

Silly

[heson]

We pay top dollars (maybe 4x any other brand total cost, the license is ridiculously expensive) for Cisco because they are proven to work and don't fail. We have tried lot of almost as expensive brands and they failed, the chance of us trying something new is 0% testing in a lab another proven brand that is not burned is possible.

I.e to get into market, start with solid cheap stuff (where the requirements are low). Then try to fight the big players.

My estimated outcome: either they do not survive one year or they become as expensive as Cisco if they win.

Re:Silly

Cisco Certified here.

    Cisco used to be reliable. Now they have buggy software running on top of linux. Cisco has always been good at hardware but their software blows! Don't get me started on this fiasco they call Firepower Threat Defense. Cisco is a turd circling the drain.

Re:Silly

[Gilgaron]

I'd bet this is just vertical integration that they are selling to others. The sales pitch is going to be "you're running all your cloud stuff on this hardware already"

Re:Silly

We pay top dollars (maybe 4x any other brand total cost, the license is ridiculously expensive) for Cisco because they are proven to work and don't fail.

Cisco also continues to find hard-coded admin passwords in the products:

https://www.theregister.co.uk/...

Incompetence? Deliberate act? Hard to tell the difference...

Re:Silly

[The-Ixian]

Especially with upstarts like Ubiquiti Networks entering with ridiculously inexpensive hardware good features and easy to use management software.

I wouldn't be surprised if Amazon just buys them as their entry into the market.

Re:Silly

Also Cisco Certified here.

Cisco doesn't run on linux. It's a proprietary OS. It used to run a flavor of unix 20 years ago. You have your knowledge inverted.

Cisco has always been good at hardware but their software blows! Don't get me started on this fiasco they call Firepower Threat Defense. Cisco is a turd circling the drain.

Don't buy Cisco software. Don't buy Microsoft hardware. Don't buy fruit from Starbucks. All three companies are equally "circling the drain."

Re:Silly

For various levels of "Proven" - Cisco today isn't the Cisco of the late 90s and early 2000s. They've now got a lot of products that really don't live up to the legendary brand name.

Their support is good and their core products are good. If you can afford them.

Cisco's real problem is Cisco. They've got that 90s era pricing structure of "Pay out the ass for features, then again for CALs, then again for support." Their sales culture is appalling. They're really out to sell you anything and everything you don't need and don't seem interested in providing you a working solution.

The overall industry trend also runs counter to Cisco's business model. Cisco is rooted in the old school where you set up a very elaborate, very smart network to control your data.

Today bandwidth and processor power is cheap. Really, you just need reliable gear that can pass lots of data and your VM infrastructure takes care of the rest. It's just VM's passing data to each other all day long.

It's just like the server market. Whitebox owns the cloud. Just generic machines designed for maximum value. It doesn't matter if every node is not bulletproof. For every node that fails there are redundant nodes elsewhere that have already taken over.

Network gear, at it's core, are just specialized computers with lots of network ports. They can be white-boxed too.

Re:Silly

[Cramer]

running on top of linux... on top of commodity merchant (*cough*broadcom*cough*) silicon.

Re:Silly

[Cramer]

Incorrect. A growing amount of Cisco hardware is running linux. Old School IOS and Old School PIX aren't linux -- which shouldn't be a surprise as they pre-date linux, but modern ASA, NX-OS, IOS-XR/XE have a linux base. (XR started out with QNX and moved to linux ~5yr ago)

Re:Silly

[pnutjam]

HP switches have been reliable, cli compatible, and much cheaper for years. They also throw in a lifetime advanced replacement warranty and firmware without an annual cost.

I used to love replacing Cisco with HP, when I worked on networks 10 years ago. Now there are plenty of other choices for commodity switching gear. I didn't realize you can now buy 5 port "managed" switches for around $25. Finally got rid of the old hubs I had hanging around for sniffing traffic.

Re:Silly

[cthulhu11]

... so long as you don't mind waiting 6 weeks for an RMA when your Ubiquiti unit fails. Never again.

Re:Silly

[strikethree]

We pay top dollars (maybe 4x any other brand total cost, the license is ridiculously expensive) for Cisco because they are proven to work and don't fail.

This is true. Cisco gear CAN be the toughest of the tough. In one of my networks, a switch had been hit by a 7.62 millimeter round and it stopped working. Unplugged it, plugged it back in, and it started working again. Had a bunch of Cisco reps present because were signing a $500 million SmartNet deal with them and they begged to take pictures of my switch to use for marketing purposes. I imagine many people saw pictures of that 3650 (iirc).

Sci-fi Theme Playing Out

100 years from now Amazon will be the new Umbrella or Cyberdyne System Corporation.

Re:Sci-fi Theme Playing Out

[Oswald+McWeany]

100 years from now Amazon will be the new Umbrella or Cyberdyne System Corporation.

They're only 5 years away from being Veridian Dynamics.

How much to get rid of ads?

[Oswald+McWeany]

Is it still going to be cheaper than Cisco when you pay to not get ads delivered to everything connected to your network switch?

Is this going to be like their phones and their tablets and their e-readers where you have to pay more not to get ads?

What do I want?

Cheap 10+Gb ethernet cards and switches.
Why are they still around $100 a port?

Re:What do I want?

[sexconker]

Because fuck you, that's why.

They're so locked into that mentality that 10 Gbps needs to cost $$$$ that instead of pushing forward they're pushing backward by shitting out multiple half-assed "solutions" for teaming two 1 Gbps links on consumer / small business gear, as well as teasing eventual support for 2.5 Gbps and 5 Gbps standards.

They blame cat 5e cabling, but you can run 10 Gbps over cat 5e in "short" runs (probably up to 40 meters).

Re:Hardware? We don't need no stinkin hardware.

[blindseer]

Software defined networking is great when dealing with networks at a high enough level. People have been making routers from commodity hardware for a very long time. Obviously people have produced special purpose hardware for routing as this means they can optimize the hardware for the task and can do so cheaper than someone grabbing a PC, filling it with interface cards, and loading some software onto it.

Switching is different than routing, it's done on a different level. The hardware needed is more complex, and therefore more expensive, than what is found in commodity computers. Go and try to find a software defined switch. I tried, and they don't exist. The closest you will find is a switch defined as a virtual machine. Load up something like VMWare ESXi and you'll find a way to create a software switch, but it can only switch packets among the virtual machines on that system.

People have made limited software switches with server style Ethernet cards (which grant greater access to the packet content than a desktop Ethernet controller) and the right kind of software but they are expensive and slow. They are really only useful for things like testing, training, or demonstrations.

This is a big deal because this means Amazon is getting in the hardware business in a way that is quite rare. Amazon is a large enough company that they may actually be able to follow through.

Way behind

Dell, HP, others have their own competition to Cisco. I doubt Amazon can produce (or acquire) a technology that could seriously compete. Will they replace their Cisco gear in their data centers with their own? And when they have an entire zone outage from it?

At some point data in cable A has to go to cable B

And for that, you're going to need some actual physical hardware.

Support? Longevity?

So what are Amazon's plans to address support of both software and hardware? How will they fix security issues and other bugs? Will they provide the needed assurance this won't be abandoned in another couple years for the next new shiny thing? Or do they just plan to dump their stuff on the market and hope for the best and tell the end customer they need to support it?

Re:Support? Longevity?

[sexconker]

So what are Amazon's plans to address support of both software and hardware? How will they fix security issues and other bugs? Will they provide the needed assurance this won't be abandoned in another couple years for the next new shiny thing? Or do they just plan to dump their stuff on the market and hope for the best and tell the end customer they need to support it?

So what are Cisco's plans to address support of both software and hardware? Shit out untested, buggy software with huge security holes on reliable, but extremely overpriced hardware? Etc.

Cisco isn't exactly highly regarded anymore. It's the entrenched standard people are afraid to move away from. The devil you know.

Re:Hardware? We don't need no stinkin hardware.

[Junta]

Well, I was assuming the parent was joking, that it could be software all the way down, which isn't obviously possible.

In terms of software defined switches, generally speaking they consider any switch that can be ONIE to be 'SDN-friendly', and some others.Sure, there are switching chips doing the actual moving of the data (there pretty much has to be), but their primitive capabilities are exposed to software for more in depth wrangling.

In practice though the complexity of SDN switching is well beyond the point of diminishing returns for almost everywhere to bother with.

Re: Hardware? We don't need no stinkin hardware.

"Hardware? I though everything was headed towards SDN (software defined networking)?

https://en.wikipedia.org/wiki/Software-defined_networking"

(Your article says SDN started becoming a topic in 2011.)

1)You would think AWS would know a bit about SDN, since they basically invented it, and made it available as part of a service to customers in 2009, except they called it VPC:

https://en.m.wikipedia.org/wiki/Amazon_Virtual_Private_Cloud

2)You probably still need networking-specific hardware; you want a higher ratio of network ports to CPUs in a typical switch than a typical PC or server. Amazon already makes custom network hardware for servers and switches using 25GbE, apparently including 100GbE using QSFP (4Ã--25GbE) (where AFAIK Cisco only does up to 4x10GbE between switches and their server hardware and 100GbE is only available between reall really expensive core switches - N7K - and really really expensive routers - ASR9K or NCS6K).

See e.g.
https://www.theregister.co.uk/2016/11/30/aws_hardware/

By Selling Broadcom Switches

Amazon plans to do this the same way Cisco, Arista and everyone else does this now: by selling switches built with merchant (Broadcom) silicon. If you're a business entity, you already get a 40% discount, minimum, on Cisco's list price. So, the decision is really whether saving 30-40% is worth running potentially buggier hardware, potentially worse support and facing a potentially high learning curve. It may be: when these Broadcom switches first game out, vendors had to compete with Cisco's custom-silicon Nexus 5k and 7k platforms, which were (and are) pretty good boxes and had massive market penetration. Some vendors, like Arista, were able to immediately compete with Cisco selling a product that had the features data center customers cared about (low latency, deep buffers) and excluded those they didn't (MPLS, large routing tables). It certainly helped that anyone who was familiar with IOS and it's syntax could provision one of their boxes without having to look at much documentation. Amazon could certainly do this as well, but the market is already pretty crowded and more mature in terms of features and stability, so I'm not sure how they really plan on sticking out.

Not a difficult task

[nehumanuscrede]

It won't take a whole lot to undercut Cisco since they have always had ridiculous pricing.
Even companies with damn near infinite amounts of cash finally started looking at other vendors because of ludicrous price levels.

However !

That said, I have decommissioned Cisco routers and switches that have been running ( without a reboot ) for twenty plus YEARS without a hiccup.
I doubt you're going to find that sort of reliability in anything offered at rock bottom prices.

So, while expensive as hell, I can't complain about the operational track record.

Re:Not a difficult task

[aaarrrgggh]

Sure, but in 5 years to you expect you will find much equipment that is 5 years old today left in operation? If so, is it at its "smashing point?" (Smashing point is where it is cheaper to replace something that works for something new with better performance.)

Re:Not a difficult task

That said, I have decommissioned Cisco routers and switches that have been running ( without a reboot ) for twenty plus YEARS without a hiccup.

Given the number of firmware updates from Cisco that fix serious security issues (including hard-coded admin passwords), not rebooting in twenty years seems to be negligent...

Re:Not a difficult task

[CharlesAKAChuck]

Depends entirely on the circumstances. I've had entire racks full of servers and switches that hadn't been power cycled in years and years. Not patching them was not important at all since they were on their own little network running production gear, air gapped from the rest of the world. You want to walk into the middle of our plant and plug into a switch (if you can find them) to try to cause trouble, knock yourself out. There's some other switches and routers that could, theoretically, be accessed from outside, but by the time someone got that deep into our network that equipment not being patched would be the least of our worries. Point being, yes Cisco costs an arm and a leg. But the equipment is top notch, the support is top notch, and the warranties are amazing compared to the rest of the computer industry.

Re:Not a difficult task

[bn-7bc]

Hmm live upgrade on a 20 old switch/router, did Cisco dot thst back then, ore are ypu inderctly telling us thst the box has 20 year ol firmware? I’m shure I’m missing something here so any info is apprecuated.

Re:Not a difficult task

Are you having a stroke?

Re:Not a difficult task

[pnutjam]

Your really surprised to see solid state equipment running for 20 years? Generally if switches fail, they do it in the first year. After year one, they usually just chug along.

Re:Not a difficult task

[AmiMoJo]

You can have one very reliable Cisco switch or four redundant cheaper ones.

Take your pick between NSA and Chinese backdoors.

Re:Not a difficult task

[cthulhu11]

Everyone has ridiculous *list* pricing. Anyone buying Cisco gear in quantity is going to get a healthy discount from list. I used to work for a Cisco partner, who got 40-60% off.

Re: Not a difficult task

Or install both and watch them fight each other until the winner bricks the other.

Re:Not a difficult task

[misnohmer]

I once spent months trying to figure out a network problem only to eventually find that some Cisco routers, even though they negotiated full-duplex connections, were communicating at half-duplex and when transmitting packets they would discard simultaneously incoming packets (with no errors). It did stay up without rebooting though.

Re:Hardware? We don't need no stinkin hardware.

Hmm, I'm using 10Gbps software switch as real 10Gbps switch is still too expensive...

Just group your interfaces into a bridge -- after all the core function of a switch is a bridge. No software required; it's build into the kernel already.

# man bridge

Amazon Linksys. Cisco can't buy it.

Like kbonin and others have commented, the networking equipment market is a freaking overpriced mess. That's why Cisco acquired Linksys years ago and then subsequently crippled Linksys switches -- they were eating away at Cisco's high margins.

But now, if Amazon beings to play the role of Linksys, then there is not much Cisco can do about it. Cisco certainly is not in a position to acquire Amazon like it did with Linksys 15 years ago. So Cisco will be forced to lower its prices. Other vendors will be forced to lower their prices too.

However, this is going to depend on how much Cisco retains their brand prestige over the next few years. Because there are some established brands that are kind of shitty, but managers still purchase them anyway so that they don't get fired. Kind of like how nobody gets fired for buying Microsoft, Adobe, SAP, and so on. Cisco is also in that group to a cetain extent.

Equipment from Buffalo and Ubiquiti Networks are nice and reasonably priced. We have a Buffalo PoE managed switch here in the office. Cisco's equivalent switch would have costed us like 3 - 4x more.

So I'm glad to see Amazon getting into this market.

Re: Hardware? We don't need no stinkin hardware.

100GbE switching is available for dirt cheap on the N9K platform.

Re:Hardware? We don't need no stinkin hardware.

Switching is in fact FAR simpler then routing. Layer 3 switches are a hybrid router with switching logic. Pure switching simply looks at feild X in a packet and switches it to the correct egress port with a single table lookup. That is trivial. Routing has to look at the entire table and match based on a list of rules. Layer 3 switches let you bring the joys of policy routing to switching. There is real need for 100G switches in a affordable price point for DC's. Along with that they want layer3 switching/routing.

Re:Hardware? We don't need no stinkin hardware.

[blindseer]

Well, I was assuming the parent was joking, that it could be software all the way down, which isn't obviously possible.

Yes, I realized that was quite probable after I submitted my post.

In practice though the complexity of SDN switching is well beyond the point of diminishing returns for almost everywhere to bother with.

Agreed, I imagine there is a market for software defined switching but it is quite small because the costs outweigh the benefits for most cases. I can also imagine much of that market exists in places where much of the network is virtual, like the VM clusters I mentioned in my previous post. It may be possible that software defined switches could gain more of the market. I'm thinking that not only would cost be a consideration but also security. I don't know much about how software defined switching would work but I'm quite certain the more general purpose the hardware the less secure it will be.

I'm sure AWS has been making their own hardware

I'm sure AWS has been designing and making their own hardware for their cloud service for years. Why not roll it out to the masses?

Re:I'm sure AWS has been making their own hardware

No. They've been buying from Arista. They don't have the expertise for it.

Have any suggestions for brands of switches...

Which support 10G or better, have open source operating systems (BSD, Linux, etc) and open source friendly hardware on board, and have products in the 500-2500 dollar range?

I've been looking for solid VLAN capable managed 10G+ switches/routers/backplanes for a while now and haven't seen much.that competes with cisco/juniper/etc at the low-mid range, which is where my budget is at.

Re: Have any suggestions for brands of switches...

You must not have looked very hard. Any of the open switch capable devices should meet your needs, and are considerably less expensive than Cisco.

If Amazon use them, it's good for me too

[JcMorin]

If Amazon uses their own switch to power their own super huge datacenter... that's a solid argument that those switches actually works!

Re: Hardware? We don't need no stinkin hardware.

My Nexus 9372's are SDN...

Re:Hardware? We don't need no stinkin hardware.

[Junta]

At layer 2, the promise of value is more granular control over packet forwarding than designating vlans.

The switch chips under the covers have a great deal of impossibly complicated capabilities that traditional switch config software abstracts away to basically vlan and not much else. Traditionally there is also sometimes helpful filtering (e.g. 'do not forward ethernet frame if it's dhcp response'), though that is a bit rare and generally hard to configure. There exists a contingent of folks who want to go deeper and imagine higher performance topology (e.g. a fat tree, torus, dragonfly, basically the sorts of topologies you see in infiniband and omnipath) that spanning tree would spit all over, and MST or similar would be too coarse. TRILL was the 'non-SDN' answer proposed to provide other topologies on ethernet, but that didn't pan out.

Problem is that in practice, it's trying to reinvent the infiniband sort of strategy (openflow controller is like an infiniband subnet manager) and this is very difficult to pull off, and generally superfluous for most people and the rest could... just get infiniband where the solution is pretty mature....

Re:Hardware? We don't need no stinkin hardware.

Software defined networking is only useful for service providers to secure access. When you have multiple customers hosted on the same VMWare servers you need to make a network that is scale-able and secure. You do this by creating a separate subnet and a private vlan. If they have multiple machines across several vmware hosts then you create a community pvlan and away you go. Everyone can share the same primary private vlan which allows for easy subnetting but the switch won't allow them to cross secondary vlans. This is all defined in-software, at the switch level it is just a single tagged vlan primary vlan, and then tagged secondary vlans for each customer.

SDN is just like using the term cloud, it's just another term for something people have been doing for over a decade. If you're a business with only a few VLANs and not much infrastructure churn then you have no need for SDN. If you have a lot of churn then it can make sense as it is easy to scale out and remain PCI, hippa, or ferpa compliant.

In my environment the first customer took me a week to provision properly with SDN, the second customer took less than 5 minutes. I'm limited only by my ability to spin up a new vm from my gold image and then assigning it to the new network. Everything else takes about 1 minutes start to finish.

Re:Hardware? We don't need no stinkin hardware.

Yes this can be done with a regular computer but it will not perform at near the same level as a real managed switch that is using ASICs to do all the work which are purpose built to do exactly that. They will outperform a CPU doing the work every-time. You can throw a ton of CPU at a PFSense box and achieve good performance but then you might as well bought a real firewall which will be easier to manage and perform even better.

I say that as someone that threw together two old servers to make a PFSense HA cluster until we could afford actual firewalls which more than doubled our performance overnight. It's easy to look at a NIC and think that its 10gig so put two together and you'll get 10gig switching throughput. You'll be lucky to get 5 out of it.

so, 19y 11m of unpatched bugs and back doors

so, 19y 11m of unpatched bugs and back doors.

Good to know.

Re:Good idea

Has she he's really been far even as decided to use even go want to do look more like? That's far more important than how many gay.

Does the discount include NSA monitoring?

[saccade.com]

The NSA was already caught hacking Cisco's routers before foreign customers received them. I wonder how secure Amazon's are? Do they subcontract the manufacture to China? Does the Chinese government get a back door out of the deal?

Re:Hardware? We don't need no stinkin hardware.

[Cramer]

Yes, software switches do exist (aka "bridge"), but, as you mention, they're slow as crap because software (general purpose CPU) has to move frames from interface to interface.

Amazon isn't "getting into the hardware biz". They're just going to (sub)contract that shit to any number of "white box" switch makers already gluing common Broadcom (etc.) switch SoCs to boards. The OS on those boxes will most likely just be a customized / rebadged existing network OS.

Re: Hardware? We don't need no stinkin hardware.

Openvswitch.

Re:We withdrew from the Paris agreement

[Bradac_55]

Says the guy that has probably never needed to call Cisco TAC lvl2 about a zero day bug found in a $10 mil+ DC.

There's lots of competitors out there and the telco I work for has all of them in small amounts in both DC's but none of them comes close to Cisco TAC until that changes we won't move over anything major over to the wannabe's except edge devices (Aruba switch/controller/ap combo's).

Juniper comes the closest but there layer7 support (next gen firewalls like Palo's) isn't there yet.

Re:We withdrew from the Paris agreement

Says the guy that has probably never needed to call Cisco TAC lvl2 about a zero day bug found in a $10 mil+ DC.

So, your argument is that you spent $10M+ on a DC and YOU found a bug and YOU had to call them for support? What does you overpaying have to do with having to call for support on a buggy product? Why would buying a buggy product at all be a good thing? Is your argument "Yeah, they are shitty and over priced, but you can call for support as long as you spend thousand more on another service contract"? Because I prefer products I don't NEED to call support on.

I feel the same way about next/same day onsite support. Is it free? Does the support contract on each of twenty devices for 4 hour part replacement cost more than just having a spare for the 20? If I need more than 5% in spares, that means I am looking for different devices, not same model replacements.

Someone else complained that a $200 pfsense box (plus NICs) was only 5Gb they way they configured it. Setting aside the $200 budget and config mismatch issues, I don't care if I need twice as many links if the CAPEX is a twentieth the cost, OPEX HW contract support is $0 (because I can buy spares under CAPEX and still be cheaper) and the operating labor is trivial if you build your config scripts in the first place.

Amazon can't do shit

Amazon will only try to cut costs, not make quality hardware.

Inside attack

So not protected from inside attacks then.

Re:We withdrew from the Paris agreement

You sound unemployed.

They don't get it

People who buy Cisco gear are not worried about price - They want the reliability.

If Amazon are building their stuff to be cheap, they will not be fighting with Cisco, they will be fighting with TP-Link.

Lower 10gb and 40gb pricing

[Only+Time+Will+Tell]

I'd love to see this effort drive down the costs of 10gb+ network speeds and drive them into the consumer market.