Whitebox Hardware and Open-Source Software
One of my subscribers was interested in trying out whitebox solutions. He wrote:
What open source/whitebox software/hardware should I look at if I wanted to build a leaf-and-spine VXLAN/EVPN/BGP data center?
I don’t think you can get a fully-open-source solution because the ASIC manufacturers hide their SDK behind a mountain of NDAs (that strategy must make perfect sense – after all, it generated such awesome PR for NVIDIA). Anyway, the closest you can get (AFAIK) if you're a mere mortal is Cumulus Linux, and you just choose any whitebox hardware off their Hardware Compatibility List.
I also want to look into open source/white label for my firewalling needs, DMVPN over mGRE, and SD-WAN needs.
Apart from a few firewall manufacturers touting their awesome ASICs, nobody does firewalling in hardware, so all you need is an x86 server and an open-source firewall (suggestions welcome: please write a comment).
Modern open-source IPsec implementations already use the AES-NI instruction set, so you could say you’re using whitebox hardware for your IPsec implementation even when you’re running OpenVPN on an x86 server.
DMVPN is proprietary, as are all SD-WAN solutions, so no luck there, although someone recently wrote about an open-source SD-WAN solution. I had no time to dig deeper, and maybe they do have a high-quality open-source implementation, but their whitepaper is so buzzword-loaded that my BS detector experienced immediate overload.
- Dinesh Dutt described Network Operating System Models a few months ago;
- Russ White and Shawn Zandi talked about Open Networking in Large Data Centers in 2017;
- Adding to hours of content created by Dinesh Dutt, Pete Lumbis described new features in Cumulus Linux on October 15th 2019;
- Donald Sharp did a deep dive into FRRouting on October 22nd 2019;
- Speaking of EVPN, we added tons of new stuff (including MLAG-with-EVPN, service insertion in EVPN environments, and EVPN on hosts) in 2019.
For open-source-ish NOSes I guess you're down to Cumulus, which is a product, or SONiC, which may be "more open" but doesn't seem to be commercially supported. In PCs and servers it was a big deal to get a more advanced OS for $0, but switches are not free and most people don't just have them lying around, so a free-but-unsupported product has less appeal.