The death of Dynamips: they’ve got it all wrong

Today I really wanted to write a deeply technical post (for example, Joe Cozzupoli sent me working configs for QPPB in Inter-AS MPLS VPN environment), but a gem from the SearchNetworking site caught my undistracted attention: they claim the licensing changes introduced in IOS release 15.0 target illicit use of Cisco IOS by Dynamips. The story quotes two of my blogger friends: Stretch and Greg (congratulations to both !!!). Each of them makes very valid points (I am wholeheartedly supporting Stretch’s plea for educational licenses), but somehow the story’s author managed to mix ingredients from their stories to come to a sensational (and totally wrong) conclusion (with a great headline).

Let’s start with the sad fact: Dynamips’ lifeline was cut years ago when Cisco introduced the ISR routers. To run IOS on a completely different mix of hardware, Dynamips has to emulate the router’s hardware, from CPU to every single I/O device. That was “easy” (OK, doable) when Cisco used off-the-shelf components from commodity manufacturers (Motorola, AMD) who publish the detailed specs of their hardware. That tradition was broken in the ISR routers which use I/O chipsets from another manufacturer that gives you data sheets (and in-depth specs) only after signing an NDA agreement (believe me, I’ve tried and got nowhere). That’s why Dynamips supports only the 2600/3600-series and not 2800/3800-series.

The high-end routing products introduced after the 7200 series (and all switches) use customs ASICs. Obviously these are not documented outside of Cisco and thus one cannot emulate them without thorough reverse engineering.

It’s interesting to note that the Dynamips’ author broke no law; he wrote an emulator for publicly known chips. The “only” pirates in the whole story are people who decide to download an IOS image from Cisco and run it on Dynamips (which just “happens” to work just fine). If the Dynamips’ author would start emulating hardware where the specs are only available under NDA or where the emulation requires extensive reverse engineering, he’d be in deep trouble.

With all these limitations in mind, it should surprise no one that you can run IOS release 15.0 in Dynamips only if you use the 7200 images (the IOS support for the x600-series routers was stopped with the release 12.4(15)T). And here comes the fatal bug in the story: IOS licensing was introduced on the ISR-G2 platforms. It is not used (yet) on the high-end boxes and will probably never be used on the 7200 platform. It should be obvious to anyone that this change in IOS deployment model has nothing to do with Dynamips (but then the story would immediately lose all its appeal).

23 comments:

  1. Indeed, Dynamips cannot emulate any of the platforms which run "universal images" with IOS licensing, so considering Cisco did this intentionnally is a bit strange (in my mind, this is completely unrelated, they just wanted the customers pay for the features they use).
    As you noticed, the 15.0 release just runs fine on Dynamips with a 7200 platform.

    If Cisco really wanted to break the emulation, that would be very easy to do (emulation can be detected because of inaccurate timing in the virtual machine, incomplete CPU and I/O device emulation, ...), no need to look for a complicated method.

    Being the author, I obviously knew from the beginning that the program would have a limited lifetime, due to the platforms going EOL/EOS. I guess one day the 7200 will be declared EOL too. Like Stretch, I would really like that Cisco provides a full featured image running on a PC but limited in performance, or that stops working after 4 or 8 hours, for example (that's what Xilinx, a FPGA vendor, does for evaluation purposes). Some Cisco engineers told me that technically it wouldn't be a problem to do this, the problem is that Cisco then must have teams for the program maintenance.

    Anyway, I'm impatient to read the QPPB article ;)

    ReplyDelete
  2. Thanks for making this clear.

    ReplyDelete
  3. Hey Ivan

    You are correct, however I am led to believe that licensing will be mandatory on all platforms at some point. I haven't had clarity around the 7200 platform so I can't confirm if licensing will be required in the near future.

    My main points are that education should be part of Cisco's agenda for addressing customers need. Not only for training, but for testing and validation. Many companies are using Dynamips to test deployment, especially for MPLS environments. Forcing them to buy test units isn't going to be popular.

    Secondly, many people are not aware of the impact that IOS licensing will have on the support and replacement of faulty hardware. Is that why it's been introduced on a small number of products, to test if customers will really complain or blindly put up with the inconvenience ?


    I am concerned about the young people who need to access resources for training. Who is going to help them ? But judging from the response, no one seems to give a hoot.

    Bad luck for them I guess.

    I going back in my hole.

    greg

    ReplyDelete
  4. Hi Greg,

    as I've said - your points are valid, licensing will surprise some people who fail to read the manuals and do proper planning, and I absolutely agree with you that Cisco should provide evaluation/testing platforms ... but this has absolutely nothing to do with Dynamips and linking the two might do more harm than good.

    As for the young people: I don't know about you, but we had to survive with way less than what they have. Plus: if they want to get exposed to the internetworking technologies, there's always Vyatta, Microtik ... and the whole thing will definitely not benefit Cisco in the long run :-P

    Ivan

    ReplyDelete
  5. Yeah, well. You don't get thanked for being helpful. On the other hand, less networking people means I can charge more.

    Now that I think about it......

    ReplyDelete
  6. Ivan, I can appreciate when networking was uphill both ways, but if it takes the avg peson $10-15k to become CCIE because they will have to use h/w and supported s/w to keep up with blueprint changes. Unless cisco 360 becomes the cost of Juniper's offerings, I would expect less interest in certs. With less professionals, fewer experts to work on them, and ultimately less sales IMO> It would of course take a long time, but I dont believe it is too far from the truth.

    ReplyDelete
  7. Ivan, you make an excellent point, and I should have included that in my original article. Of course, as the owner of a physical lab, I'm more concerned about the availability (or lack thereof) of an educational license for use on real hardware anyway.

    ReplyDelete
  8. Darby, I'm the author of Dynamips and what you are saying is totally WRONG: Cisco never made an offer about it, I really would like to know why you invented this ?

    ReplyDelete
  9. Chris, why you have stopped development of Dynmaips? Lack of time and/or interest?

    ReplyDelete
  10. Mr. Weaver, what you've just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone in this room is now dumber for having listened to it. I award you no points, and may God have mercy on your soul.

    ReplyDelete
  11. Darby,

    Let me make things very clear one more time: I've never heard about Chris Jacobs, and I have never been contacted to license Dynamips (I don't know for the GNS3 guys).

    Moreover, I developped this program on my spare time because I needed it for my job and I enjoy experimenting with Cisco routers. I'm also glad that it is/was helpful to the community. My goal never was to make money with it and if Cisco would have contacted me, the answer would have been: "The source code is available, you can do whatever you want with it, of course I would love to enhance it with your help, even for free.". Feel free to forward this answer to the people you talked with if you want. In this project, I was only interested in the technical part, not about making money (I don't run a business about dynamips, and I *NEVER* received any dollar for it - if I wanted to, I would have first set up a "Donate" button on my site, and as you can see, there is none).

    ReplyDelete
  12. I've a lot of contacts with Cisco engineers, and I know about IOU and how it works. However, this product (which must not be distributed to the customers) was developped long before dynamips existed. AFAIK, IOU is used mainly for developpers for testing the code that is platform-independent.

    ReplyDelete
  13. Chris,

    Apparently the issue hit Groupstudy and one of the people from Cisco who would know is saying that Cisco did communicate with someone from "Dynamips" (He's probably using Dynamips generically as well to imply one of the incarnations as well).

    Here's the post/reply:

    On 2010-02-08 05:43, Tyson Scott wrote:

    > I have to agree with Iwan here and your tone and insults towards Iwan either
    > show you haven't been in the computer industry very long or you don't see or
    > don't agree with the big picture that many are arguing towards in this
    > thread.

    I didn't meant to insult anyone, so if somebody was hit - sorry,
    this wasn't the idea. What I found insulting in his post was the idea,
    that just because company is selling software it should support all
    3rd party addons/extensions/emulators, or else it is 'greedy'.

    ReplyDelete
  14. > What Cisco has failed to do is create a good developer test bed environment
    > for test engineers and people that are interested in propagating their
    > products. It was already mentioned a while ago in this thread how harmful
    > failing to do these things was for Novell in the past. How many people on
    > this list still use Novell in their environment? For many years Novell
    > still had better products than Microsoft but no one saw the need or lost
    > interest due to many factors.

    I fully agree. I do also believe that information as it is should
    be free, people should be able to read and learn freely, and there should
    be no borders for people without $$$ to learn what's important for
    them. While I actually work for Cisco, I'm also involved in couple of
    Open Source initiatives (for which Cisco doesn't pay), and I'm constantly
    challenging our internal teams with questions and concepts that peer out
    of "let's sell that!" idea. Not to mention I teach at Network Academy
    and do some work that may be viewed as 'working for people' not
    'selling Cisco stuff to people'. But let stop it at this point.

    > Microsoft for example has the MSDN subscription that you can purchase as a
    > developer and allows you to use as much of their products as you want in a
    > lab environment without license infringement. I personally have an MSDN
    > license for this reason.

    I don't but I'm not that interested in Microsoft, however I do get Your
    point and I fully support it - that's why I tried numerous times to
    discuss freeing some tools Cisco uses internally to broader audience.
    We may see that shortly in Cisco Academies through the world (and while
    it is surely not my achievement, I'm very happy it will happen
    eventually).

    > Who on this list has implemented Dynamips into a production environment?
    > The answer is going to be no one because it is not built for production. If
    > that was the goal of these users then I can see the problems with it but it
    > is not. In fact Cisco themselves have long seen the need for virtual
    > testing thus IOU was created many years ago for Cisco employees. I used it
    > extensively as an employee.

    Sure, me too, and a lot of people I know both within Cisco and externally
    uses it. But thinking that Cisco is introducing licensing just to cut out
    people using dynamips is silly.

    ReplyDelete
  15. > Cisco needs to implement some type of developer licensing that allows us all
    > to continue to learn about their products and propagate their agenda or it
    > will hurt them in the end. Creating a Cisco Developer license would be the
    > right direction to take and I would gladly purchase a developer license as I
    > think many others would as well.

    Something like this, and a couple of other ideas are circling internally.

    > When I worked for Cisco in 2007 it was announced from John Chambers that his
    > goal was to have 50,000 CCIE's by the end of 2010. Now either this goal was
    > lost in translation to the Learning at Cisco team or there has been a change
    > in the direction of the program. Or they just haven't worked everything out
    > to fully bring that goal to fruition.

    It would be propably realistic if the world wouldn't change a bit
    between 2007 and now. Learning to CCIE, and then paying for having
    CCIE is propably too much for companies that without the economic
    problems we've faced would be able to - propably.

    > But right now you have a community of engineers that want to develop
    > their understanding of a product and contribute to Cisco's end goals
    > being cut at the knees for doing so. In my opinion that is a very
    > strange relationship.

    Again, I don't see Cisco doing licensing program just because somebody
    did write dynamips. Licensing was on a roadmap from a long ago
    (AFAIK just as IOS-XR was put on the paper by Kirk Lougheed and some
    other people, but I didn't go deep on that so I may be wrong on the
    dates), but in terms of such big company it is a nightmare to
    implement it in real life - that's why it took so long and goes only
    with new products and it is not backward applicable to the old ones
    that are finishing their lifetime.

    Actually, author of dynamips was working or was invited (I don't
    know details but maybe some others or he himself may fill in them)
    to Cisco to discuss with the development some ideas.

    ReplyDelete
  16. > In the same way having a community of the top engineers continuing to be
    > comfortable and knowledgeable about Cisco's equipment in the end is going to
    > be the better pay off for Cisco, at least in my opinion, then cutting off a
    > large part of the community due to their economic circumstances or lack of
    > availability to equipment because of not being lucky enough to work for the
    > right company at the time.

    That's also my idea of going forward. I'm for tools that would
    be lightweight enough to use on your personal PC and would
    give you ability to look at bigger designs, problems, best
    practices etc. And I'm pretty sure such tools will be available
    soon, either from Cisco or from other 3rd party companies. They may
    be limited somewhat, specially with the higher-end OSes like IOS-XR,
    but as PC horespower is constantly going forward, it may be that
    control plane of even the beffiest gigants will be available to
    train, teach and test.

    And to add - I don't know the exact reasons dynamips was halted in it's
    development, but I don't think it was Cisco fault.

    > Tyson Scott - CCIE #13513 R&S, Security, and SP

    I'm a #15929, R&S and SP by the way. But that is entirely out of the
    discussion thread :)

    Best regards,


    "Everything will be okay in the end. | #ukasz Bromirski
    If it's not okay, it's not the end. | http://lukasz.bromirski.net


    In any event, it's not just Darby Weaver "inventing" the story and I'm sure Chris Jacobs, CCIE Global Program Manager did not fabricate an untruth when she answered my query either.

    There is probably the case of "Dyna-something" and it may well be Dynagen but they have Dynamips on their site in what looks pretty equal to more un-educated eyes. I guess maybe others make the same the mistake.

    It's like using the term Coke as "soda" for example.

    ReplyDelete
  17. >While I actually work for Cisco, I'm also involved in couple of
    >Open Source initiatives (for which Cisco doesn't pay), and I'm constantly
    >challenging our internal teams with questions and concepts that peer out
    >of "let's sell that!" idea.

    You work for Cisco Darby? Really?

    ReplyDelete
  18. As a network engineer I can tell you this: if I have more experience with Juniper, because I was able to learn quicker and faster how they work when somebody will try to get a answer from me what to use, I would tell him to use Juniper.
    In fact companies are buying what designers are recommending.

    From my point of view without a proper testing and emulation software cisco will never sell at the full capacity. The creation of an advanced emulator freely distributed should be a marketing campaign.

    First one who will have a full learning network and will "force" network engineer to learn cisco (most of them will know cisco only, because time is limited, will be easy to learn, everything clear) will win the market. And as an example, take Microsoft: you CAN test what you learn, quick and easy, the books are clear, this is the book, this is the exam, nothing more to ask. And everybody know that the difference between linux and microsoft machines is moving to microsoft step by step. Every cisco employ against the idea of an freely emulator and free study/learn version of IOS and books should ask himself why the MSDN and MSDNAA exist.

    ReplyDelete
  19. It seems to me that dynamips could still be used indefinitely from a training point of view. No matter what code you are running ie 12.2 , 12.4, 15.1 etc. there will always be commands:
    config t
    router bgp
    router isis
    mpls ldp
    pilicy-map
    class-map

    no matter what code you are running. I don't forsee the death of dynamips until the majority of companies (large and small) start to run IOS-XR based routers in their network. I believe that it will be a very long time before that happens.
    Meanwhile, using dynamips to study and test technologies will remain feasible since most commands will be the same and most companies are still running 12.x trains of code in their network.

    For example, the ISP I work for still has 11.x code running on 2500 teminal servers, 12.0 code on 7500, etc. In my experience, companies don't just go upgrading code willy nilly to keep up with the next best things. Usually you find a code with minimum bugs and when you find one that works, you let it roll for years until you upgrade to take advantage of a new feature etc.

    I see no death to dynamips, not even in the next 10 years. Maybe Im overOptimistic. But this is my experience.

    thanks,
    rock

    ReplyDelete
  20. Just my impression as a cisco employee. I don't remember Dynamips ever being discussed in any conspiratorial way. Cisco most definitely didn't start licensing ios because of dynamips. That is laughable.

    I've used Dynamips, but our internal simulation tools are superior and highly confidential. It would be shocking if we released them in any way. Shipping a few routers for education purposes is a lot cheaper than the value of our simulation tools.

    ReplyDelete
  21. Michał Orlęcki09 February, 2011 01:25

    It's not about less experts for Cisco. Who cares about that? They already have too many and frankly, existing ones won't mind pay rise (when field thins out a bit).

    The problem is with more experts for Juniper, Vyatta and others (let's not put Mikrotik as serious contender in enterprise data delivery space :>) A horde of new, fresh engineers, that will drive support costs of those platforms way down and will also act as strong evangelists for their products. You have to admit, that both Vyatta and Juniper are disruptive force, just like Firefox and Linux was to Microsoft's IE and Windows systems. You can already see how frequently windows is deployed server-side :P

    ReplyDelete
  22. End of Dynagen/Emulator = End of Cisco
    Networkers are cisco's indirect customers and only because of them, cisco is what it is today. Crippling network engineers of hands on training on their gear will hamper their products' sales in a huge extent. Gone are the days of cisco's monopoly; Today is the age of compitition and all have to provide what the customer demands.


    It may be a rumour of some kind, but what I've heard is that a group of Indo-Chinese companies are tying up to form a virtual company developing open source software which will run on their network hardware boxes.

    This software is supposed to be developed and running on Linux, harnessing its opensource nature, while in an effort to make the products drastically cheaper than Juniper and Cisco. The network operating software will be similarly develped by protocol developers and have a common look and feel of any GUI based Linux application. It will also have a frontend GUI/desktop and backend kernel.

    Additionally it will also implement Intel's multi-core processors with other 3rd party ASICs to deliver unmatched performance with the capacity to bear loads of traffic, network protocols & advanced services. - An all in one box

    Because companies will get to select the hardware features & will only have to pay for the hardware, it will be cost-effective as well as universally standardized. They are expecting to provide an SDK for open developers to design new features and thereby ease configuration, troubleshooting, and network management. One of their endeavour will be to help networkers by adding virtual training emulators through their box and also get to know the results of the traffic flow in advance of actual implementation of a particular configuration.

    Now this is where the future of networking could be, and hopefully Cisco, Nortel & other giants may also be a part of it.

    (Note: I'm working in a company which is developing similar network products)

    ReplyDelete
  23. howcome that my cisco 3560 image is running on dynamips using 7200 platform? cant understand why... anybody has an answer?

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.