Category Archives for "PICA8 Blogs"

Time to Overhaul Your Campus Network

Over the last few years, cloud service providers have steadily adopted white-box Ethernet switches and modern, flexible Network Operating Systems into their ecosystems. Mega data center operators, such as Google, Amazon, and Microsoft, have replaced their proprietary gear with white boxes in their production environments. The major benefits of this paradigm shift are significantly reduced CapEx and OpEx, a more reliable environment, and customized traffic flows for efficiency. According to IDC, the worldwide ODM direct Ethernet switch (white box) market was $677 million in 2016 and is expected to exceed $900 million in 2017. That’s a growth rate of 33%, and the trend is accelerating.

The shift in white-box adoption started as early as 2012, but has been limited to data centers for many reasons. Even though Enterprise IT executives are motivated to adopt white boxes, the migration has been slow and challenging. Essentially, the Enterprise network is distinctly different from the data center network in many ways.

  • The data center network is usually homogeneous, while the Enterprise network is heterogeneous. Typically, Enterprises require a variety of speeds ranging from 100Mbps to 100Gbps, and run over different cables, including various types of copper and fiber. The increasingly deployed Power over Ethernet (PoE) Continue reading

A Road to Open Networking:  Focused Deliverables, Measurable ROI, Same Sheet of Music

Every day at Pica8 we are supporting a global customer base involved in creative, leading-edge applications using the PicOS NOS on white box switches. We develop the software to meet the latest challenges of complex protocol sets, high performance switching requirements and operational demands.

We often face the RFI/RFQ that appears to be boilerplate for incumbent switching solutions – the protocol set is classic legacy L2/L3, and is comprehensive.  Customers may have working solutions, but they wonder if they can achieve better ROI with “white box” and independent Network Operating System software.  It can be difficult – DevOps and network programmability call for organizational transformation, and a problem-free rollout may be elusive.

Here’s a project example that elucidates the gradual approach that gets people involved and engaged. After describing a sequence of steps, I’ll highlight the transformation that has been achieved.  And YES, CLI is not dead.

Steps to Deployment

– Team responds to an RFI for access and data center network switches
– Customer provides an RFI response, and Pica8 receives customer-defined Proof of Concept requirements
– Participate in PoC onsite lab testing, get the scorecard – 2 months
– Roll up sleeves and deliver Continue reading

What does it mean that Cisco will sell Software?

Our friend Cisco made a big announcement this week – “Cisco has built a new networking operating system that will allow users to run its most sophisticated networking features on older and lower cost Cisco routers and switches”.

We welcome and are in fact quite excited about this change. This validates the inevitable paradigm shift of the segregation of network hardware and software, and even a big titan like Cisco cannot stop the change.

If you can recall Cisco’s then-CEO John Chambers’ talk in 2015, Chambers dismissed SDN and white box makers, saying “We are seeing no unusual competition in the market, no unusual competition with white-label or white box [vendors], nor will we in the future.” Even in mid 2016, the new Cisco CEO, Chuck Robbins, still maintained the same tough position, stating “There’s a misconception that’s driving the belief that all customers want to buy white box switches”. That was less than a year ago, and the world has completely changed.

So Cisco has changed their opinion. The market is going through a paradigm shift, and I actually admire Cisco’s courage to embrace the changes instead of fighting them. Cisco has been leading the networking industry Continue reading

White Box Switches Have Grown Up

White box switches have come a long way. The recent activities in OCP validate the vision and progress of white box switches, and more importantly it is clear that this trend is progressing from data centers to enterprises. I remember when Zeus Kerravala wrote in his 2016 article, “White Box Switches are Now Ready for Prime Time,” he pointed out three important advantages:

– Cost and reliability
– Features and capabilities
– Network operations

As a NOS vendor, we see the NOS being adopted into production environments. Even though there are still challenges with white box switches going from data centers to other segments, there is no doubt the networking industry has moved onto the path toward white box switches.

From what we saw at OCP Summit, the overall reliability of white box switches is improving, and in many cases, they are more reliable than some brand-name hardware. We can now find dozens of vendors providing white box switches. These vendors come with different backgrounds and carry out different approaches in designing their hardware platforms. In OCP, we can see three clearly different types of vendors providing white box switches:

Scaling up SDNs using TTPs (Table Type Patterns)

 

Software defined networking (SDN) solutions have been in the labs for a while, primarily to explore functionality and understand what possible benefit they could bring to current infrastructure and operations. Over the past couple of years, SDN has emerged as a strong alternative for IT operations in the areas of WAN, data center and overlay solutions. The primary benefit realized, besides open networking, is the ability to accelerate service deployments. SDN solutions using OpenFlow tackled complex problems including dynamic provisioning, interconnection and fault management. While the functionality of SDN evolved and matured, the scale of SDNs was still tied to ternary content-addressable memory (TCAM). OpenFlow by design was implemented in the TCAM.

A brief on Ternary Content Addressable Memory (TCAM) 

TCAMs are special memory devices that enable most of today’s intelligent networks. They enable match on a masked bit value rather than a binary match. This greatly enhances the usability of TCAM for network applications. There are many articles one can find on the Internet to get more details on TCAMs, but primarily they were responsible for the ideation of SDN. The possibilities in creating a policy-based forwarding model with a wild-card match introduced a multitude of network applications Continue reading

What Would You Do With Two Million Flows?

Today, Pica8 announced support for Table Type Patterns (TTP) in PicOS, our leading SDN operating system. The premise of this announcement is that with TTP, network engineers and operators can now implement SDN at greater scale – in some cases, up to two million flows (a 1,000x increase from previous methodologies) – while still using standard, white box hardware.

The magic of the technology is how PicOS can seamlessly leverage the capabilities of different switch ASICs. This empowers users with greater choice, and enables them to take advantage of unique capabilities of the ASIC they choose – such as memory space, programmable pipelines, and table management.

In terms of how we achieve greater flow scale with TTP, it’s similar to what I wrote about OpenFlow scale last year: all tables within the ASIC (VLAN, MAC, IP, TCAM, etc) are exposed and can be programmed via OpenFlow. But what’s more interesting is how we are seeing customers put this functionality to use.

Example 1: Cloud Brokering

For ISPs, automation and self-service portals are nirvana for the reduction in OpEx alone. If a customer wants to increase their bandwidth from 10Mbps to 100Gbps, but only wants to do it from Continue reading

Getting Back to Basics with SDN

Typically when things start to get complicated, we talk about getting ‘back to basics’. The premise, of course, is to better compartmentalize, keep things in simple, digestible chunks, and not lose sight of the fundamentals.

For instance, if you’re not hitting the golf ball straight, it’s because you’ve incorporated too much variance into your swing. A good golf instructor will break the swing down into its components, and help you work on the basics.

We’re pretty far into the software-defined networking (SDN) hype cycle now. Every networking company (or even network service company) has an SDN story. In a lot of cases, SDN is still vapor-ware or marketecture. And for customers, there’s plenty of ‘SDN fatigue’ – which story should you believe?

In short, things have gotten a little complicated.

So what does getting back to basics mean in an SDN context? It means understanding the fundamental components of an SDN solution. Fortunately, we can draw from real data and learn what’s working from customers that have already deployed.

Recently, EMA published research on the impact of SDN on network management. The report featured survey data from over 226 early adopters of SDN – both in the service providers and Continue reading

Adding a Full API to PicOS

Pica8’s PicOS is a Linux network OS based on Debian. This makes it easy for our customers to integrate their own tools or applications within PicOS. We are compatible with all the leading DevOps tools, such as Puppet, Chef, and Salt; and of course, we support OpenFlow.

But what if you would like to have an application on the switch itself to manipulate its data path? This is beyond the standard DevOps model and is not aligned with the traditional OpenFlow model, which uses a centralized controller.

Typically the requirement for such an application would be:
– A switch using traditional L2/L3, as well as an API to override those L2/L3 forwarding decisions.
– The API could be called on the switch itself while the application is running on the switch (that requirement would forbid a centralized OpenFlow controller).

For this use case, most network equipment vendors have an SDK (Software Development Kit) to program native applications running directly on the switch. A good example would be the Arista EOSSdk.

One big issue with those SDKs is that they are “sticky.” Once you develop your application, it only runs on the SDK provided by your vendor, Continue reading

Are white box switches less secure?

 

Are white box switches less secure than proprietary alternatives like Juniper or Cisco switches?

Gregory Pickett, Founder of Hellfire Security, did a presentation about white box security during the last Black Hat conference, triggering a multitude of news articles, which we will study in this post. Without dwelling on the author mixing ideas between SDN and White Box Networking (which is quite common these days – the title of the presentation is about SDN and the presentation is all about white box networking security), the security issues raised are real.

Those security issues are either network operating system (NOS) specific (which I will not comment on as none of them are related to PicOS), or Pre-Boot related (Bootkit). I will focus on the key issues relating to security of NOS boot loaders, specific to Open Networking / White Box Networking.

Rootkit and Bootkit

The typical goal of a malicious user is to install a rootkit on the device under attack. A rootkit is a collection of software designed to enable unauthorized access while masking its existence.

Because NOS protection mechanisms are becoming more elaborate, a new kind of attack has emerged. This type of attack bypasses all NOS security by Continue reading

How More Services Providers Are Thinking ‘Outside In’

June usually signals two things in my household: the end of the school year, and the beginning of the trips to the multiplex for the latest family-friendly animated movie. This year is no different, and from everything we’ve heard, Disney / Pixar’s latest entrant, Inside Out, is a winner.

While animated and emotion-based avatars are cute and funny, it’s the reverse concept that’s driving a lot of service provider thinking. And that is, thinking from the ‘Outside In’.

What do I mean by this? It all depends on the point of view. For a service provider that’s managing a network, be it global, regional, or metro, there’s a natural tendency to think about starting from the core and extending it out to the edge. For this network, it’s important to have a reliable, super fast core – big fast iron that can process packets and bandwidth at really fast rates.

This is certainly important, but in order to differentiate and add value to their customers, service providers are investing more at the edge. They are thinking about how to wrap up and package network functionality, offer these up as monetized services, and distribute these all the way to the customer premises. Continue reading

The White Box SDN Twitter 45

With SDN and white box news flying fast and furious through the Internet, it can be hard to keep up with really great articles. Twitter is a great place to monitor breaking White Box and SDN news, but where do you start? This blog presents a list of 45 top White Box SDN Twitter handles you should follow to keep up. The following Tweeters have their fingers on the pulse of White Boxes and SDN. See the list below or follow the whole group at Pica8’s SDN 45.

  1. @bigswitch – Big Switch Networks
  2. @BradCasemore – Brad Casemore
  3. @capveg – Rob Sherwood
  4. @CIMICorp – Tom Nolle
  5. @Cloud_SDN – Cloud SDN
  6. @colin_dixon – Colin Dixon
  7. @craigmatsumoto – Craig Matsumoto
  8. @CumulusNetworks – Cumulus Networks
  9. @DanPittPaloAlto – Dan Pitt
  10. @e_hanselman – Eric Hanselman
  11. @ecbanks – Ethan Banks
  12. @etherealmind – Greg Ferro
  13. @IEEESDN – IEEE SDN
  14. @ioshints – Ivan Pepelnjak
  15. @IPv6Freely – Chris Jones
  16. @jonisick – Joe Onisick
  17. @JRCumulus – JR Rivers
  18. @martin_casado – Martin Casado
  19. @mbushong – Michael Bushong
  20. @mitchwagner – Mitch Wagner
  21. @NetworkedAlex – Alex Walker
  22. @NickLippis – Nick Lippis
  23. @ONLab_ONOS – Open Networking Lab
  24. @ONUG_ – Open Networking User Group
  25. @OpenDaylightSDN – Open Daylight Project
  26. @openflow – Open Networking Foundation
  27. @OpenSourceSDN – Continue reading

Demystifying myths in the networking industry

I have great respect for my previous company, Cisco Systems, and truly believe that the company has successfully brought a disruptive approach of applying network technologies to answer major business challenges.

Working at Cisco was like being conferred with an honorary doctorate from an Ivy League school in engineering, management, leadership and entrepreneurship simultaneously. The experience of working in multiple lines of businesses was helpful in shaping the mindset on how best to manage innovations and productize them so that it was mutually beneficial to the customers and the company. This productization often required an intense validation process, which resulted occasionally in some really cool technology ideas not ever seeing the light of day. Thoughts presented for the rest of this blog are an attempt to share my experience and possibly dispel some myths in the industry.

Myth – One Vendor Can Answer All Networking Requirements

Network vendors for the longest time have enjoyed a monopoly (or duopoly). If an organization had some IT infrastructure requirements, there were a handful of vendors that would satisfy all their needs. This was great for everyone! As a measure of risk mitigation, a famous unwritten policy surfaced that “you would not lose your Continue reading

The Flip Side of Overlays

Why Labeled BGP on White Box Will Disrupt How We Buy Routers

For those of us that are old enough to have or remember a record collection, there is familiarity (and probably a little nostalgia) for the term “flip side.” In this context, flip side refers to the B-side of a standard vinyl record, and refers to secondary recordings or bonus tracks that weren’t as heavily marketed as their A-side counterparts.

Why am I writing about an antiquated music medium? And what does this have to do with networking? I bring this up because it’s an interesting parallel with what’s happening with network overlays – and specifically, how these are viewed from the “flip side,” or in other words, the different points of view from the consumer and the provider.

First off, some background. In the simplest terms, an overlay is a logical network that enables you to create paths and connections on top of (and in many cases, regardless of) the physical connections between the end points. More importantly, overlays are a critical construct because they enable network operators to create more virtual subnets – which in turn support multi-tenancy, VM mobility, and service differentiation.

These are all Continue reading

White Box Acronym Soup

The LightReading blog, Open Networking Acronym Soup, covers all the interest groups, communities and standards bodies that are driving this idea of Open Networking, which in itself is a grab bag of topics around SDN, NFV and of course white box/bare metal switches. A recent blog post struck a chord with me at first because the author, Marc Cohn, is a good guy and a friend.

But secondly, and more importantly to everyone else, is to point out his astute observation that “we” (people, users and vendors) try to simplify stuff by using acronyms. I agree. In my past job at Infoblox, people always wanted to know what DDI meant; I would reply in my standard excited way “DNS, DHCP and IPAM” and most would agree that DDI was easier to say. So let’s take a look at the acronym soup and examine several key factors that you should know about white boxes. And I will lay them out here and try to keep it simple and break the list into two sections, what you should know now, and what you need to keep an eye on…for now.

OCP – Open Compute Project – This is an organization driven Continue reading

Establishing the Big Data Connection


Many network vendors will tell you that their network equipment is built for Big Data. However, once deployed, do you have enough Big Data context to effectively monitor, troubleshoot, triage and tune your network? In most cases the answer is no! When designing and deploying a network, administrators must consider whether this network will provide enough Big Data context.


Before we go any further let’s define BIG DATA context.


BIG DATA context is the ability to correlate Big Data events and protocols back to network events and protocols and to be able to classify BIG DATA network flows correctly. To establish the Big Data Connection, we’re going to discuss the requirements to ensure a network is in the class of networks that have Big Data context, how administrators can possibly achieve this, and the role network programmability and agility play in this discussion.


Now let us see how we can build BIG DATA context and act on it.


Building Big Data Context
Network monitoring, tracing, visibility and reporting with Big Data context is accomplished with network equipment that is able to export flow statistics, counters and flow DBs and leverage open systems to classify such Continue reading

Zero Touch Provisioning in a Bare Metal World

Who doesn’t like automation?  If you’re speaking to somebody in IT, then the short answer is “nobody”.

While the term Zero Touch Provisioning (ZTP) might be increasingly common in networking, the concept of automation has existed for years in IT. At its core, ZTP is an automation solution that’s designed to reduce errors and save time when an IT administrator needs to bring new infrastructure online.

This is particularly useful for data center servers, where scale and configuration similarities across systems make automation a necessity. In the server world, the Linux-based operating system has revolutionized onboarding and provisioning. Rather than using command-line interfaces (CLI) to configure these systems one at a time, administrators can use automation tools to roll out the operating system software, patches, and packages on new servers with a single command, or the click of a mouse.

Advanced scripting capabilities also allow administrators to tailor the boot configuration of these systems with profiles for specific applications.  So for example, if you need ten servers for a new Hadoop cluster, you can load this with one profile, but if you need six new servers for a new web application, you can Continue reading

Scaling SDN: Is OpenFlow Ready for Prime Time?

Pica8 Says ‘Yes’ and Challenges the FUD

Up to this point, OpenFlow has mostly been deployed in research and higher-education environments.  These early trials have shed some light on interesting use cases, what OpenFlow is good for, and of course, what OpenFlow might not be so good for.

This is important because OpenFlow and SDN adoption is only going to grow.  It’s imperative that we understand these limitations – specifically, what’s real and what’s FUD.

One of these is scale.

If you’ve kicked the tires on OpenFlow, one question you may have heard is “How many flows does that switch support?” However, this question is only part of the story. It’s like asking only about a car’s top speed when you should be thinking about other things too – such as fuel efficiency and maintenance. So to figure out the right questions, we first need to go over a bit of background.

In its most basic terms, any network traffic, whether it’s Layer 2, Layer 3, or something else, is governed by a set of forwarding rules as defined by a series of protocols. If it’s this MAC, do this. If it’s that IP, go Continue reading

The History of Open

Everybody is talking about “open” this or that – from Cisco making claims to new companies embracing open source code as a means of developing or accelerating their go-to-market strategies. But what does “open” really mean?

One challenge in using a broad and you might say amorphous term like open is that it can lead to confusion or a negative first impression that “this is just marketing.” To get some perspective, let’s look back a bit and see how we got to this point of open and what the original intent was.

Open systems are computer systems that provide some combination of interoperability, portability, and open software standards. (“Open” can also refer to specific installations that are configured to allow unrestricted access by people and/or other computers; this article does not discuss that meaning.)

The term “open” was popularized in the early 1980s, mainly to describe systems based on Unix, especially in contrast to the more entrenched mainframes, minicomputers, and engineering workstations in use at that time. Unlike older legacy systems, the newer generation of Unix systems featured standardized programming interfaces and peripheral interconnects. Third party development of hardware and software was Continue reading