Welcome to the Dawn of Open-Source Networking.™
Open Source Data Communications Networking
Dave Roberts, Vice President, Strategy
Interop, New York City, October 2007
Is Business Ready for Open-Source?
“Open source software solutions will directly compete with closed-source products in all markets.”
− By 2008, 95% of Global 2000 organizations will have formal open source acquisition and management strategies
− Today, 81% have deployed or are considering deploying open source applications
− 72% plan to expand its use
Why?
− 65% say open source has sparked innovation inside their companies
− 67% … for lowered costs
− 81% … for better quality software
Sources: Gartner (2005), CIO Insight (2006), IDC (2006)
Slide Credit: Matt Asay, VP of Business Development, Alfresco
“Open source produces better software.”
Open Source Has Thoroughly Penetrated the Application Infrastructure
− Operating System
− Database
− Application Server
− Application Development
− Applications
1969: ARPANET Internet Message Processor
Leonard Kleinrock and the first IMP, UCLA
1983: 4.2BSD gets TCP/IP
Late 1980s: Modern Routers
A Cisco ASM/2-32EM router deployed at CERN in 1987.
Examples of Open-Source Networking
Open Source Projects
− Routing: Zebra / Quagga, XORP
− VPN: OpenVPN, OpenSwan, StrongSwan
− Telephony: Asterisk, FreeSWITCH, SIPxchange
− IDS/IPS/Anti-X: SNORT, TripWire, ClamAV, SpamAssassin
− Firewall: IPCop, m0n0wall, IPtables
2004: An Interesting Idea Brews
How Far Can Commodity Hardware Go?
The Experiment
Quagga
Problem: It’s String and Duct Tape
Wanted: A Vendor to Blame
[Diagram labels: Myriad Open Source Projects; Vendor Support; SMB; Enterprise; Service Provider; Vendor?]
The Evolution of Open Source Networking
[Diagram stages: Component; Daemons; Enterprise Grade System]
[Diagram labels: Kernel; Routing Protocols (routed, gated, Quagga); IP & Routing Protocols; 3rd-Party Extensibility; IP Address Management; Debugging & Packet Sniffing; Administration Features; Firewall; VPN; WAN Protocols & Encapsulations; Management & Monitoring]
x86 Ecosystem Economics
Hardware Component | Proprietary Hardware | Standard Hardware | Resulting Cost Reduction
T3 Card | $8,500 | $3,000 | 68%
2-Port T1 Card | $2,000 | $1,000 | 50%
T1 Card | $1,300 | $700 | 46%
GigE Card | $3,500 | $65 | 98%
10/100 Card | $1,400 | $20 | 99%
Memory (GB) | $5,000 | $100 | 98%
Chassis | $4,000 | $1,000 | 75%
Superior Price Performance
Twice The Performance
[Chart: Gigabit Ethernet line rate (%), 0% to 100%, by frame size (64, 128, 256, 512, 1024, 1280, 1518), Vyatta vs. Cisco]
Half The Price
[Chart: Retail price, $0 to $4,000]
− Cisco: HW: 2821, SW: Cisco IOS
− Vyatta: HW: Dell PE860, SW: Vyatta
Target: Mid-range Router / Firewall / VPN
[Chart: Price vs. Performance. Products: Linksys, 1800, 2800, 3800, 7200, CRS-1. Segments: SOHO; Enterprise Branch, SME; Carrier CPE; Enterprise edge, WAN core; Carrier core. Highlighted region: Today’s Footprint]
Open-Source Deployment Scenarios
[Diagram labels: Internet; Application servers; Commodity Switch; VPN tunnel; Corporate HQ; SME; Enterprise Branch; Colo / Hosting / Data Center]
Open-Source in an Enterprise VoIP Network
[Diagram labels: Asterisk Server; IP Phone; Analog Phone; IP Telephone Provider (SIP.VOIPCOMPANY.COM); POTS; Internet; Enterprise Router/Firewall; Employee’s Router/Firewall; Telecommuting Employee’s IP Phone]
Open-Source for BGP peering
More Routes = More CPU & Memory
− 4 GB Memory Capacity today
• Extreme BlackDiamond supports only 256 MB max
• Juniper M7i and M10i support only 768 MB max
• Cisco 7200 with NPE-G1/G2 supports only 1 GB max
− Vyatta = x86 CPU Choice
• Juniper M7i and M10i run with a 400 MHz Intel Celeron!
• Cisco 7200 NPE-G1 is 700 MHz MIPS.
Up to 2 million total routes
− 10 peers x 200,000 routes
Affordable Upgrade Path
− Off-the-shelf memory & components
Each router keeps N copies of the full table, one per peer, including each IBGP peer.
[Diagram labels: Your network; Just forwarding; Peering networks; IBGP; EBGP]
Branch Office Virtualization
[Diagram labels: Application 1; Application 2; Router; Firewall; VPN; Branch Office; Corporate HQ; VPN Tunnel]
Reduce box proliferation, including networking
Open-Source in a Virtualized Enterprise Network
[Diagram labels: Remote branch office, VMware Server; HQ Server, VMware ESX; WAN; VPN Tunnel; HQ Users; Remote Users; DMZ with public web server; interfaces eth0, eth1, eth2; virtual networks VMnet0, VMnet1, VMnet2, VMnet3, VMnet4, VMnet5; subnets 10.8.0.0/24, 10.8.11.0/24, 10.8.12.0/24, 10.8.13.0/24, 10.8.14.0/24, 10.8.15.0/24, 10.8.21.0/24, 10.8.22.0/24]
Open-Source Networks For Data Center & Hosting
Flexible deployment
− Choice of Hardware
− Virtualization
− Blades
Value Added Services
− Security – Routing+FW+IDS+Anti
− Management – Groundwork, Hyperic, Alterpoint
Upgrade Path
− Box Consolidation
− Open Source / Linux-Based
− x86 Components
[Diagram labels: Gateway; WAN Edge; Distribution; Aggregation Layer; T1/E1 Connection; T3 Connection; VRRP; BGP; Blade Servers; Shared Hosting; Mail Server; Database Server; Virtualization]
How Far Can We Go?
[Chart: Price vs. Performance. Products: Linksys, 1800, 2800, 3800, 7200, CRS-1. Segments: SOHO; Enterprise Branch, SME; Carrier CPE; Enterprise edge, WAN core; Carrier core. Highlighted region: Tomorrow’s Footprint. Callouts: Use ASICs; Port to low-cost hardware]
Future Standard Hardware Directions: Achieving 10 Gbps and Beyond
PCI Express
− More I/O bandwidth
AMD Hypertransport 3.0
− More memory and chip-to-chip bandwidth
Intel I/O Acceleration Tech. (I/OAT)
− Partition network processing across cores
− Fast memory-to-memory DMA
Intel “Tera-scale computing”
− 10’s or 100’s of cores per die
− Specialized cores for security or networking
ATCA
− Modular, hot-swap chassis technology
− High-speed switched backplanes
And then it hits you…
…this stuff really is that good
It’s all about freedom
Join the open-source networking movement!
Dave Roberts
“Dictators ride to and fro upon tigers which they dare not
dismount. And the tigers are getting hungry.”
– Sir Winston Churchill