Whitebox Switching and Open-Source Networking Are not SDN
One of my readers left this comment to the Four Paths to SDN blog post:
You didn't mention Cumulus. SDN protocols become much less important when you have an open Linux switch platform. You can compile and install your own management daemon and implement whatever protocol best suits the task (and blend local and remote control).
Here’s my usual response to this line of thinking:
The above slide is from the keynote I'll have @ SDN Architectures event in Zurich in two days. There are still a few places left; registration instructions are at the bottom of this page.
Let’s start with what SDN is. According to the orthodox definition it’s the separation of control and data plane (in words of one of the engineers attending my SDN workshop: that’s exactly like SNA, we’ve seen how well that works). A more useful definition focuses on abstraction layer that allows everyone to focus on network services, not on implementation details.
Watch SDN 101 and Network Programmability 101 webinars for more details. The easiest way to access them is to register for the free Introduction to SDN course.
Linux-based networking does not give you one or the other. It might be easier to implement network automation with existing Linux tools, but that won’t give you an SDN solution – the individual Linux-based switches still have to talk to each other, and they usually do that using traditional networking protocols, because people who know what they’re doing (like engineers working for Cumulus Networks) have better things to do in their life than reinventing 20 years of well-running wheels.
Now let’s focus on the second part of the comment:
You can compile and install your own management daemon and implement whatever protocol best suits the task (and blend local and remote control).
You can do the same thing on a Junos box, and it’s even easier to do it on an Arista switch (listen to Software Gone Wild Episode 19 for a real-life case study). Cisco and HP still have a problem with this approach because most of their gear run on proprietary operating systems, but then keep in mind that you could use Tcl in Cisco IOS for almost a decade; Python was added to NX-OS a few years ago.
Writing Tcl code isn’t exactly fun for most people, but the point is that you could “program” Cisco IOS (the same way you “program” a Linux box with iptables CLI) a long time ago if you really wanted to. The fact that most people didn’t do that has more to do with the mindset (don’t touch a running box) than with the programming capabilities of the box.
On the other hand, the real beauty of Linux-based network operating systems (Cumulus Linux, Arista EOS and to a smaller extent Junos) is the ability to take any one of the zillion off-the-shelf packages and install it on your switch.
How could we ever survive without having figlet on our switches?. See Cumulus presentation @ NFD9 for more details.
Summary
Linux-based network operating systems make our lives easier (assuming you know your way around Linux), but apart from ease of integration with existing configuration management tools like Ansible, Puppet or Chef, they haven’t given us dramatic new functionality.
Finally, open-source networking and software-hardware disaggregation have nothing to do with network automation or software-defined networks. They are just different business models used by vendors who want to disrupt the existing status quo (see also: Be Wary of Geeks Bearing Gifts).
Disclosure: Cumulus Networks was indirectly covering some of the costs of my attendance at the Network Field Day 9 event.
"On the other hand, the real beauty of Linux-based network operating systems (Cumulus Linux, Arista EOS and to a smaller extent Junos) is the ability to take any one of the zillion off-the-shelf packages and install it on your switch."
Novell NLM anyone?
or
What about the certification of approved "packages" to install on your shining open source switch that is supporting a critical application.
Believe it or not sometimes the proprietary can be more secure.
After that they tout the supposed beauties of their architecture, not list the criteria you could use to figure out whether something is SDN or not.
I could do the same and argue that "SDN architecture is:" somehow defines what an SDN architecture is supposed to be based around.
Anyway, it's your blog and your way of "discussing" things by being a critic, nothing wrong here, just the Internet attitude I suppose.
Carry on as we need the hype to be addressed.
I, therefore, make you knight of SDN (although it does not make me king of SDN...maybe this needs to get full approval from his holiness Martin Casado)
Long live SDN ! Long live Rocket turtle !
What matters are getting packets to right place as fast/secure/reliable as possible and that includes provisioning of getting them moving.
:)
Thank you!
Ivan, If i were you, I would disable Anonymous comments because they are rarely important and are always considered "internet attitude" of trolling.
Art Fewell's recent interview with Rob Sherwood has an interesting exchange in which Rob states, "I think OpenFlow is very valuable but it's also, it's a technical solution to a business problem that we've had. This is to say, if you flashed back 7, 8 years when I started working on this; the idea that you could actually buy a switch and put your own software on it and there was enough hardware documentation and enough open source software to make that happen, it was actually, it just wasn't even on the table. The next best thing that we could hope for was a remote API into the low level forwarding plane on the box. That was how the OpenFlow was designed. Fast forward to today, we have things like, if I could put a small plug-in for my open source project, Open Network Linux. You can grab something like that and either deploy our OpenFlow, or write your own OpenFlow, or write something else."
You Four Paths to SDN article listed "Vendor-specific APIs" as one of the paths to SDN, but raised the objection that relying on a vendor specific API results in vendor lock in. Moving to Linux APIs to interface with network hardware avoid vendor lock in and allows operators to benefit from the Linux ecosystem of "zillion off-the-shelf packages" and as the ecosystem expands, hopefully zillions more. The Linux netlink API provides a good abstraction for interfacing with routing which is used by open source distributed routing agents like Quagga or Bird, or if you want a standardized remote API, you could use something like IETF Forces protocol.
Open networking hardware and Linux is moving SDN from being primarily concerned about protocols (which are required to communicate with closed systems) to APIs and software which seems to me the essence of software defined networking.