Why Vyatta Is Not Keeping Cisco Up At Night

Thomas Ptacek | July 26th, 2006 | Filed Under: Industry Punditry, Uncategorized

Slightly off topic, but I can’t resist. This Slashdot article cites an interview claiming that Vyatta’s XORP-based “open source router” will give Cisco a run for its money in the mid-market. Look, XORP is cool, and I wish Vyatta the best of luck. But come on.

  • Data center routing belongs to switches. Routing protocols are not the hard problem in switching. Vyatta can’t make a dent in price-per-port. Not only do they not have hardware, but the one place they haven’t spent time is the forwarding path.

    Click is a project that innovates in the router forwarding path. Suez is a project that used commodity hardware to build a scalable switch. XORP is a next-generation GateD hooked up to the Linux forwarding path.

  • Open sourcing routing protocol processing is old, old news; remember GateD (it was much more profitable for NextHop to license it to hardware manufacturers than to get ISPs to use it instead of old Cisco gear) and Zebra?

  • The opex costs of a high-speed telco circuit or a colo gigE connection utterly dominate the capex costs of buying the router itself. Buying and building a Vyatta switch is probably a dumb purchasing judgement. Tell me the circumstances in which I’m wrong, and I’ll concede the point.

  • Routing is a fraction of Cisco’s revenue, and the buzz around Cisco’s routing product line, especially in the markets where Vyatta would play, is the ISR. Vyatta isn’t even close to the ISR (answer to integrated PIX: NetFilter; answer to integrated VPN: none). Maybe Vyatta should figure out a way to bundle Asterisk.

What really sets me off here is the Vyatta spokesman saying “sure, we’ll be doing hardware too! So forget about the 800mb/s you can push through PCI now!” Brother, I can say the same thing too. The Click project did interesting things with high-speed forwarding without hardware. Last-generation NPUs and Xilinx boards are probably fertile ground for real open source forwarding hardware. If you’re going to do that, go do it. Otherwise, shut up about hardware. You’re a PC, just like KA9Q was.

7 Comments so far

  • Vince

    July 26th, 2006 8:45 pm

    From what I read from the article, they were repeatedly saying it was intended for the T1 crowd. I.e., you need a box, a T1/E1 card, and that’s it. No need to pay the (excessive) premium for whatever Cisco provides in that market.

  • PaulM

    July 27th, 2006 9:13 am

    Cisco’s T1 edge routers (1600/1800/2600/2800) are commodity devices, priced

  • Thomas Ptacek

    July 27th, 2006 10:10 am

    … point being, on a circuit that’s going to cost you $10k+ for a year, why would you roll your own router for $1000 when you can get a 2600 for $1500?

    People roll their own OpenBSD firewalls instead of buying Checkpoint or PIX. A DIY OpenBSD firewall is at price parity with the SMB firewalls (Sonicwall, Astaro) and is substantially cheaper than an “enterprise” firewall like Checkpoint or NetScreen. But OpenBSD is also differentiated from all of those alternatives on security and reputation.

    How is Vyatta differentiated from Cisco, apart from not having the support, branding, hardware, and “guaranteed interoperability” of Cisco?

    Both of the other OSS router startups make their money OEM’ing to hardware vendors. That’s a fine model for Vyatta too, but what’s compelling about their story vs. Zebra or GateD?

  • Mitchell Ashley

    July 27th, 2006 3:15 pm

    The reaction to Vyatta’s announcement has been really interesting. The core question here is whether there’s a market for a productized open source router.

    It’s not likely that we’ll run out and replace all our Cisco and Juniper gear in the data center or network core, but if targeted properly there is a segment of the market that values having the flexibility of open source and not getting locked into the latest overpriced pizza box from your favorite network hardware vendor.

    Thomas’s comments are spot on though - it’s not just about routing. Switching being a prime example. Vyatta is overreaching if we are to think that all Cisco’s routing business is at risk today. We should still keep an open mind for where there might be an open source router market.

  • Thomas Ptacek

    July 27th, 2006 4:00 pm

    Thanks for the compliment, Mitchell. I’ll point out though that if you can’t cost-justify rolling your own x86 router with OFR/Vyatta (vs. opex cost and business risk), those Cisco boxes aren’t overpriced.

    I’m not sure I think any of Cisco’s mid-range hardware is overpriced.

  • Rascalson

    October 31st, 2007 3:30 pm

    And the Smartnet cost over several years for the Cisco hardware?

  • jeff

    June 10th, 2008 2:07 pm

    I think there are a few key points missing from this discussion…

    1- Vyatta is an alternative to pricey hardware and software licensing lock-ins, will it work everywhere for everyone, no, but I think they make fair comparisons. A 7206 is a PCI bus based creature, so is a PC. So as long as you’re fairly close in comparing apples to apples (maybe reds versus a granny smith, but still), then something to consider.

    Readily available commodity hardware — especially for ethernet interfaces, give me a break. A decent high speed NIC is 100-200 bucks, a DSL card around 120. Cisco isn’t adding anything wonderful in there but charging like 10 times for it, in fact 90% of the times single or multiport eth cards can’t even do full line rate anyways.

    And memory — if you want to pay 10 times what you should for memory just because it’s Cisco and they don’t let you stick non-certed mem in their boxes, go for it. You can waste a lot of money quickly with such lock-ins.

    2- Licensing/support — especially Cisco… You buy an expensive router or even a cheap one I don’t usually get good quality code on it from the start — I had a sev1 IPsec bug in the VPN code that shipped on my 2811, even with a support contract one is typically SOL fixing the issue in a timely manner, ditto with calling anyone from Cisco and not sitting on hold for an hour… then they just tell you to upgrade your code anyways.

    Kind of a lock in if the code sucks out of the box and you need an expensive support contract to upgrade, or have to cycle through numerous images to get a stable one… so we could bicker all day about total cost of ownership or business risk.

    They don’t care and don’t want to hear it. I’ve even had a Cisco rep on a blog site go so far as ‘you don’t like our model, go use something else’ or suggest band aid fixes for hardware they know has design flaws.

    Guess what, I’ve jumped ship, and I am very happy about it and happily passing on to others. It can be done and it doesn’t have to suck, just it needs to fit the right application.

    I used 12012s, Juniper M160, T640s… Vyatta isn’t playing there yet, but I think they are a threat to DS3 and below services when it’s been proven reliable.

    3- You think these enormously huge greedy companies like Cisco are honest? Does ANYONE remember Blackhat??? ANYONE?!

    Cisco pissed off so many government branches, nonetheless regular customers with their cover-up they lost a lot of business… and I for one lost even more respect for them as a company to the point I had wished I wouldn’t have used their products in some designs. Why would I want to buy or risk my business with a company who would rather risk exposing your network than prevent it from happening in the first place?

    I hesitantly choose Cisco for projects now, and instead take the business risk as you call it using whatever works and well for the best price.
