Openflow, Merchant Silicon, and the end of the reign of King John.

Early this morning, I finally had an opportunity to listen to the latest episode of Packet Pushers Podcast.

In the podcast, the guys discuss Openflow and the impact it could have on the networking industry. One of the points mentioned in the podcast was that Cisco is apparently using merchant silicon in the latest 10GB Nexus switch, the 3000. I was shocked when I heard this, and had to do a little research to verify. Sure enough, it seems that Cisco’s latest Nexus switch is built on Broadcom chipsets. Wow.

Let me say that again…Wow. To recap, here is my favorite Cisco blog post regarding Cisco and merchant silicon by Douglas Gourlay, an ex-Cisco Senior Manager of Product Marketing.

http://blogs.cisco.com/datacenter/on_merchant_silicon_and_mowing_my_yard/

To quote the post:

Do major automobile manufacturers outsource engine design and development to other firms? Of course not, they design and build their engines. Do manufacturers of more consumer goods like lawn mowers outsource their engines? Absolutely, they go to specialized engine manufacturers because the core value of what they offer is either a certain price point, or the value is not tied to the engine. So the question then – is do you want to ride to work or school in a car, or on a lawnmower?

Ok, so if Cisco is using merchant silicon in their Nexus line, it seems to me that the course adjustment that Big John emailed his employees about last week wasn’t the beginning. Maybe John was trying to answer rumors that had already started within Cisco’s ranks. Change was in the air, questions were being asked, and it all had to be addressed.

What would cause such a shift in Cisco? Is it possible that Cisco already realizes that being faster is no longer relevant in an age of Openflow, TRILL, IPV6, etc. etc.? There is no doubt that Cisco has felt the pressure from HP, Juniper, and other vendors. In fact, my current role is in a company that made that jump from Cisco to HP and Juniper when Cisco tried to sell Nexus 7K’s when 4507’s  or 6509’s would have been the better solution. Cisco didn’t just lose a customer here, Cisco made enemies. (I get scowls when I mention Cisco.)

Is it possible that Cisco realizes that the days of huge profit margins on every device it sells are coming to a close? Is it possible that maybe, just maybe, Cisco realizes that it’s not the only game in town?

For years, people bought Cisco for the additional features that Cisco offered. PAGP, ISL, EIGRP, LWAPP were all answers to problems that no one else had addressed. They were good answers at the time, and all led the industry standards by a couple of years. Now, the alternatives 802.1Q, LACP, OSPF, and CAPWAP have replaced those proprietary Cisco protocols. Looking at the environment now, I don’t see any areas where Cisco has a unique answer. Either the networking community has a solution (Openflow, TRILL), or each vendor has their own unique solution to the same problem (Qfabric, Unified Fabric).

Let’s look ahead 3 years. If an engineer has the option of buying products from Cisco which cost a lot more, and must be managed individually, or buying products from a range of vendors that all must compete in a cost effective manner, and all of which support unified management through Openflow, and all of which have the same features, which would he choose?

Two closing thoughts:

Apple is trying to teach the tech world a lesson: specs alone doesn’t make a better product. For Cisco to compete, they have to focus on features that answer real world problems, not imaginary scenarios. IPv6 and TRILL vs. Who really uses an ASA for deep packet inspection on a regular basis?

Cisco is a very big ship, and it will take a long time to turn. Watching from the shore, we have only begun to realize that it is turning, and have no idea where the new heading points.

Cisco is SCARED! Why Cisco won’t release an emulator.

Greg Ferro posted on his blog another plea to Cisco to play nice and give network engineers tools for testing, verifying, and learning new technology. If you’ve missed the recent debate on the matter, it’s OK. Crawl back under that rock, you won’t miss a thing.

I generally read Greg’s posts while nodding my head like some sick bobble headed doll, with an occasional grunt in agreement. However today, my head stopped bobbing when I realized something…

Cisco is AFRAID of the virtual switch/router.

Let that sink in for a minute.

I know what you’re thinking. “They don’t have anything to be afraid of. That’s crazy talk.”  I’m sure that people said the same about Dell and HP when ESX was first announced. “They don’t have anything to worry about. No data center could ever virtualize all of their servers. That’s just crazy.” Only, it did happen. Right now I am sitting just a few hundred feet from 100 servers that would be over 500 servers if it wasn’t for vmWare. Think of the lost revenue to Dell and HP.

But, you say, “what about the Nexus 1000v”. What about it? Cisco had already lost sales because all of those virtual servers didn’t need individual switchports. That was Cisco’s way of getting some of that revenue back. It wasn’t about extending network engineer’s control into the virtual environment. It was about lost port revenue.

Imagine with me for a moment. What would happen if you could virtualize the Edge and Core layers of your network all onto a single HA cluster. (Maybe a couple of Dell or HP servers.)

Firewalls, Check
Routing, Check
IDS, Check
VPN, Check

Where is the need for 10GB, 40GB, 100GB, TRILL, or Fabric Path? What about all of the other technologies that Cisco will sell us over the next 10 years, forcing us to replace existing hardware?

Outside of the HA cluster, you would need a couple of switches for Distribution, and you would need your normal Access layer switches, but how many components of the network would be cut? Not only routers, firewalls, and switches, but adapters, redundant power supplies, wireless controllers.

It’s already been done. Look at Cisco Call Manager. A router, switch, and server that do the work of racks and racks of PBX equipment.

“But, I just want them to release it so that I can test.”

Cisco has three choices: 1. Stick fingers in their ears and hum loudly. (Current tactic) 2. Release a good virtual network platform, and wait for everyone to ask, “wait…why can’t we virtualize this for real?” 3. Release a crippled, barely working virtual platform, and then get derided for their poor product.

No matter how Cisco looks at it, they lose.

Suddenly I am asking myself. After IPv6, what is the next big thing to happen in networking? Could virtualization change networking the way it changed servers?

Is Cisco getting back on track?

Cisco’s big-man-in-charge, John Chambers, sent out an email to all employees this week, which outlined a few important things:

-Cisco has lost focus
-Cisco was caught off guard by certain movements within the Networking community (openflow, new products from other vendors, etc)
-Cisco makes it difficult for new product to make it to market
-Cisco has to focus on the core business components, rather than continuing to diversify into low margin consumer markets
-Most importantly, Cisco shareholders, employees, and customers are not happy with the current direction that Cisco has taken

The message is a great read, and gives me hope that Cisco can get back on the ball, and address some of it’s core issues. Kudos to the Cisco team for taking a hard look at where they are, and making decisions to correct their wandering trajectory. Here’s hoping they follow through!

http://blogs.cisco.com/news/message-from-john-chambers-where-cisco-is-taking-the-network/

Microsoft meets the first snag in plan to purchase IPv4 addresses

As you should now be aware of, Microsoft is planning on hoarding purchasing a large huge block of IP addresses from Nortel. Now ARIN chief, John Curran, has made it clear that if the plan does not meet the current ARIN requirements for transfers, the IP address space can be reassigned. Here are a couple of relevant quotes:

Companies that are allocating their address to a third party can ask for compensation if they want to, he said. However, the acquiring party is required to show an immediate and appropriate need for the addresses, he said.

Existing transfer policies allow up to 12-months worth of address space to be transferred from one entity to another, he said.

So, that brings up the question, can Microsoft show a need for 666,000 in the next 12 months?

Link: http://www.computerworld.com/s/article/9215091/IPv4_address_transfers_must_meet_policy_ARIN_chief_says

Microsoft sets the price of IPv4 space post IPocalypse.

The resellers market for IPv4 address space has just heated up. Microsoft has puchased 666,624 IPv4 addresses from the burned out shell of Nortel for the tidy sum of $7.5 million dollars. That works out to a little over $11 per IP address. That’s pretty expensive when you consider how much Nortel paid originally. This also make me worry about how quickly prices will inflate on the remaining address space that is floating around out there.

On another note, I guess Microsoft realized that since they had built poor, if any IPv6 support into their products for so many years, they better make certain they have enough v4 addresses.

via http://downloadsquad.switched.com/2011/03/25/microsoft-buys-666-624-ipv4-addresses-from-nortel-for-7-5-milli/

RSA hacked? No, really.

In an open letter to customers, Art Coviello from RSA admitted that attackers had gained access to some of their internal information regarding the RSA SecurID products. While there was no customer information lost, it says that RSA is working with customers to provide “immediate steps for them to take to strengthen their SecurID implementations.”

I think I’ll go for a walk now…