Cisco To Develop Third-Party APIs For IOS 129
MT628496 tips a Computerworld article on Cisco's announcement that it plans to build IOS on a UNIX kernel, in modules, and allow third-party developers to access certain parts of it. IOS has traditionally been a closely guarded piece of software without any way for anyone to add functionality. No timetable was given for when APIs will be available. A Forrester analyst said, "...the network is one of the least programmable pieces of the infrastructure. The automation and orchestration market is far more oriented towards servers, storage and desktop environments. The ability to dynamically change the network is a missing component." The article mentions that Juniper Networks had announced on Monday its own developer platform for Juniper routers, and it's available now.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:5, Insightful)
That said, this kind of command navigation sucks. You are trapped in a maze of twisty, little prompts, all alike.
The structure of these commands were determined in antiquity, when embedded networking devices were resource starved for storage and memory. That's pretty clearly not the case today.
Screw IOS, its resistance to simple scripting, and its defiance to be committed easily to memory.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:5, Insightful)
People buy those expensive, rackable switches and routers because they want something *reliable* for *serious* use that absolutely requires reliability.
Re:Hmmm.... a Unix based kernel? (Score:2, Insightful)
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:5, Insightful)
Most people do not buy 800 series routers, but if they do, it is typically because of managability and security. When it comes to being able to manage a remote network device and use a central authentication system, Cisco beats the pants off of ANY comsumer grade device.
Once you get to 1800 devices and above (even 1600 and 1700, but they are EOL) you have features that far exceed any consumer device.
Real routing capabilities (RIP, OSPF, EIGRP, ISIS, BRP, etc).
Modular interface cards. You have Modem, ISDN, xDSL, Cable, 56k, DS1, ATM, DS3, SONET, etc.)
QoS. Should be self explanitory
Various security functionality. VPN, tunnles, RADIUS, TACACS+, etc. (I am not a security guy)
Voice Terminate voice, act as a phone system (2800 and 3800) run VXML, etc
These are just the routers. Switches are just as much above the consumer grade as the routers are. QoS, port density, VLANs, true Layer 3, etc.
Both have their place and in some cases, a consumer grade equipment has its place in the corp environment. I have used them many times. T
To say Cisco is a rip-off is pure ignorance. (Do not use the list price to justify yourself either. NO ONE pays list for Cisco gear. As a general rule 35% - 50% is the rule.) Sure Cisco is not the cheapest or the best, but they provide a complete end-to-end solution and everyone knows Cisco. Heck, even Nortel switches and Extreme (I think) made their interfaces to emulate IOS.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:3, Insightful)
1) Quality network hardware is expensive. Often frighteningly so.
2) If reliability is even remotely important to you, the expense is easily worth it.
3) Failure to comprehend #2 will almost inevitably cost you your job.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:3, Insightful)
Re:May be end-of-life open sourcing (Score:1, Insightful)
The QNX used wasn't the operating system "QNX" that most people associate with PC-based embedded systems. It was "Neutrino," a true microkernel with POSIX API's that QNX (the company) started shipping in 1996. This was a completely different and new product from the QNX (operating system) that QNX (the company) had been shipping for many years prior to 1996.
Second, the reason why IOS has run in one (or two) address spaces for so long is easy: think about how you get the fastest possible speed out of a CPU when you're constantly changing address spaces and you have a limited number of TLB's on the CPU architecture. Answer: you try to use as few address spaces as possible, lock down one or two address spaces in a couple of TLB's and you go like a bat out of hell. Oh, and don't trip over bogus pointers, because you're going to bring down the whole box.
As packets flow through IOS, they go up through various different layers of drivers, then possibly through various levels of packet inspection, filtering, access lists, tunnel de-encapsulation, etc, etc... and then they might get bounced from line card to line card only to reverse the same process. Some of the time, some of the functionality is offloaded onto a line card, sometimes it all happens on the same CPU. IOS tends to derive some of its speed on non-assisted platforms (ie, platforms without hardware assisted switching) from keeping the packets, data structures, etc aligned rather carefully on cache line boundaries (and trying to not disturb those cache contents) for the particular CPU in question. Once you start getting into situations where you start switching address spaces, possibly sending messages or using mutexes/semaphores to control shared data structure access, etc... getting the same packet throughput on a CPU becomes rather challenging, especially as the features multiplied by the number of interfaces goes up.
The situation in the highest end platforms is one where as much of the packet throughput as possible is offloaded onto the hardware line cards and switching engine, leaving the main CPU doing only control plane functions (routing protocols, spanning tree, SNMP, etc). This used to be the model in the cisco AGS+ days, when there was a 80-bit wide custom horizontal microcode machine doing switching from cBus interface to cBus interface. It took awhile to re-discover why this was the preferred model for router hardware.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:4, Insightful)
The user interface people writing IOS need to read Eric Raymond's document on user interface, at http://www.catb.org/~esr/writings/cups-horror.html [catb.org]. It applies to closed source interfaces as well.
Re:Thank you for asking my question (Score:3, Insightful)
Moreover, Cisco update procedures and user interfaces and backup procedures are so painful that implementing an upgrade or patch is very risky indeed, and is often left idle long after the cracks are widely published. The result is that the firewall and routers which companies rely on to remain secure with their absolutely pitiful internal security is often easily pierced by anyone remotely competent.
Re:Get a D-Link or a LinkSys, Routers r a commodit (Score:2, Insightful)
I already have IOS on Unix... (Score:3, Insightful)
I was going to say that it's only of use for training purposes, and can't be used in the real world. But then I noticed a lot of people in this thread advocating the use of consumer routers, and they probably would put emulated IOS on an old PIII and expect it to route 1Mpps. So knock yourselves out, retards.