Cisco Modeling Lab (VIRL) behind the scenes

The first hints of VIRL started appearing around Cisco Live US 2013 where the product development team demonstrated Cisco’s take on 21st century network modeling tool. A few days ago, Omar Sultan, Joel Obstfeld and Ed Kern gave us a brief peek behind the scenes of this totally awesome tool (note to Cisco haters: I haven’t been drinking the teal Kool-Aid for a long time – this is my honest impression).

Name change first: the marketing department obviously couldn’t cope with Cisco having a viral product, so they diluted the message with corporate marketese, inadvertently creating an acronym that can be easily pronounced (hint).

Disclaimer: The information in this blog post comes from a WebEx-based briefing I got from Joel Obstfeld and Ed Kern. I haven’t tested the product yet nor have I seen any documentation.

Behind the Scenes

Here’s a brief overview of what’s going on behind the fancy UI (more about that one in a follow-up blog post).

No CPU emulation. CML runs all networking software natively, with each device being in a separate VM. IOS XE is already available in that format (CSR 1000V), as is NX-OS (Titanium), classic Cisco IOS (virtual IOS used for onePK development) and IOS XR.

The CML developers claim that the IOS software bundled with CML comes from the same source code as the software available for different hardware platforms on CCO (including the same control/management plane bugs).

No ASIC emulation. Networking software used by CML does not emulate ASICs. Control and management planes are obviously unmodified (because they’ve been forever decoupled from hardware – CoPP might be an exception), data plane is completely rewritten to perform forwarding in software using E1000 or VXNET3 device drivers.

Data plane rewrite will obviously result in temporary gaps in forwarding feature coverage. IP and MPLS forwarding works today, and there are still some layer-2 gaps.

No forwarding plane degradation. Data plane rewrite implements CEF forwarding in software – they haven’t cheated by punting everything to process switching.

Obviously the VM forwarding performance is capped (so you won’t be able to use CML in a live network).

OpenStack/KVM based. If you want to run numerous virtual machines (networking devices) on the same physical hardware, you obviously need a hypervisor and an orchestration system. CML developers chose OpenStack with KVM (but you wouldn’t know it).

Reasonably low footprint. CML uses KVM memory caching/sharing tricks to reduce the memory consumption of individual VMs, allowing you to run 6-7 IOS images (or 4-5 IOS XR images) in a CML VM with 8GB of RAM. Obviously the memory consumption increases if you mix software images (because fewer VMs use the same memory pages).

OVA or bare-metal install. You will get CML in OVA format that you can easily install and run in VMware Player, VMware Fusion or any other desktop virtualization product of your choice. The OVA has an install script that will create OpenStack environment within the virtual machine and use nested hypervisor approach to run network device VMs within the CML VM.

For large-scale deployments you’d want to install CML on a powerful bare-metal server with plenty of RAM and CPU cores. They’ve shown us a topology with 50+ routers happily running on a UCS C-series server.

Design on laptop, launch somewhere else. CML has two components: network topology and protocol design engine (and UI), and the execution environment. They are totally independent and exchange information in text files in XML format (ideal for automation or versioning).

You can thus easily design the network topology on your laptop (even while being offline sitting at the airport like I’m at the moment) and execute the model on a high-end server waiting for you in your office.

First impressions

The skeptics will say “Yeah, the same thing as ****, only a year later” … and they might be partially right. However, it seems (so far) the VIRL/CML team made all the right choices and generated a fantastic product (I have barely started … wait till I start drooling over the network design/UI features). The last product from Cisco that got me so excited was UCS.

Now let’s just hope that someone doesn’t decide to cripple the product between now and FCS (which should be in Winter 2014), and you’ll definitely hear more about it when I manage to get my hands on an actual demo.

21 comments:

  1. Anonymous 24 October 2013 11:38
    FCS in winter 2014? Is it that far away? Was expecting some kind of release a couple of months from now.
    Replies
    1. Ivan Pepelnjak 24 October 2013 13:27
      2014 starts and ends with winter ;) I hope we'll see it in early 2014.
  2. Anonymous 24 October 2013 13:31
    Yeah. I really hope Cisco does not mess this up. Watching Hitchhikers guide to OnePK and would be really useful to have VIRL and development in one environment. That would really help for us engineers that need to learn some programming as well.
  3. Henk 24 October 2013 14:16
    Will you be able to attach the virtual network on your laptop/PC via VIRL to a real network ?

    Say you have a lab with 10 real routers. Running IS-IS. Now you attach your PC, which has a 100 virtual (virl) routers. Suddenly your IS-IS network has 110 routers, consisting of a combination of real and virtual routers. This could be a nice way to check interoperability.
    Replies
    1. Ivan Pepelnjak 25 October 2013 09:33
      Yes. They said you'll be able to add your VMs to the environment (servers ...) as well as interact with the outside world through the usual "physical" Ethernet interfaces.

      Keep in mind that CML is nothing else than a single-host OpenStack deployment - anything you could do in OpenStack you could (theoretically) do with CML.
  4. Oliver 25 October 2013 04:41
    I'm sure they are tight lipped on pricing / licensing specifics...but any hints as to who they expect a typical customer for this might be? Large enterprises/SP's, individuals running labs at home, etc?
    Replies
    1. Anonymous 02 November 2013 10:44
      Actually you could contact the Cisco accounting team, they do disclose the preliminary pricing information. And yes, everyone would get some. It's not too cheap though.
  5. Dean Smith 28 October 2013 18:14
    We've been running 70+ router emulation environments via Dynamips for some years to verify routing policy changes etc. hooked up to physical test kit when necessary. The ability to have a Cisco provided solution running on Cisco Hardware (C Series Servers) that is fully supported is really exciting. I'll certainly be hassling my Account Manager for more info.
  6. Anonymous 30 October 2013 15:55
    no more need for consultant firms, the customer can play on VIRL until he gets his design right.
    Replies
    1. Ivan Pepelnjak 31 October 2013 09:01
      The behavior also known as Infinite Monkey Theorem ;)

      http://en.wikipedia.org/wiki/Infinite_monkey_theorem

      Sweet dreams!
    2. Chris Gray 31 October 2013 13:36
      sure but seriously, if your a skilled engineer but say not expert on MPLS TE on the IOS-XR routers. Now it seems like with a few days on VIRL you can be therefore it can probably be a good way to reduce consultancy costs if you already have a team of strong engineers who need to learn a new technology.
    3. Ivan Pepelnjak 03 November 2013 08:21
      If you are fluent in the nuances of MPLS TE (technology details and design challenges) then VIRL will definitely give you hands-on experience you need prior to deployment - so you'll be able to do the deployment yourself instead of using consultants.

      If you think VIRL will give you design expertise, then my original comment still applies ;) See also RFC 1925 section 2.4
  7. DanC 03 November 2013 19:23
    RFC 1925 section 2.4 - Haha! Good one, haven't seen that before :-)
  8. Anonymous 24 November 2013 21:32
    Still on the fence about this solution of short-cutting the forwarding plane versus what Juniper is doing with things like Virtual MX. With the VMX Juniper is actually emulating the PFE, so the throughput is terrible, only around 1kpps, and it takes a lot of CPU resources, but it truly tests both control and forwarding plane, including things like hashing.
  9. Anonymous 27 November 2013 22:25
    Any updates for VIRL as 5.1 released and they said VIRL will be with 5.2 release...
  10. Jason Wong 10 December 2013 10:19
    Each virtual routers are basically VMs orchestrated via OpenStack via Java based GUI called VMMaestro ,copyrighted Cisco (not Oracles as many bloggers suggested). Wish bloggers would stop blogging based on others blog. :-)
    Networking is through virtual switches, tap / tunnels,so no reason you cannot connect them to a physical box .
  11. Anonymous 28 December 2013 00:10
    Ivan, Have you heard any further updates on this matter? Thanks,
  12. Haara 02 February 2014 22:48
    At Cisco Live in Milano last week they had a demo of CML running that you could try out in the walk in labs and also on display at the learingnetwork booth. They're releasing two versions of it one for private use that would cost aprox $100 and with a 15 device limit and then a corporate version with no limits but the guy i talked to didn't know the price for that one yet.
  13. Unknown 02 January 2015 13:14
    Well! How can I forget about RFC 1925 section 2.4. What's about that quote which was too common at that time? "Some things in life can never be totally appreciated or understood until experienced firsthand".
  14. Anonymous 09 June 2016 12:45
    Is it true that NX-OS implementaion on VIRL still does not support any of the data centre features, like OTV, vPC, LACP? I am not a user, but thinking of moving from GNS3 to VIRL. And then this came up...
Add comment
Home
Sidebar