> On Oct 26, 2020, at 11:51 AM, Eric Kuhnke <eric.kuh...@gmail.com> wrote: > > If we're talking about whitebox router and ipifusion, what we're really > talking about is vyatta/vyOS and the linux foundation DANOS stuff on an > ordinary x86-64 server that has a weird shape. >
Maybe tangential, but to be clear, VyOS is not equivalent to DANOS/Vyatta. And DANOS is a subset of Vyatta. VyOS is a fork of the second generation Vyatta code which used the Linux kernel as the packet forwarding plane. Control plane integration is based on a proprietary scripting language with bash shell interpretation. The current generation Vyatta is for the most part a completely different system. Some of the changes at a very high level: Linux kernel based forwarding has been replaced with bespoke DPDK based software packet forwarding to improve features and performance. Merchant silicon forwarding support was also added to be able to support hybrid software/hardware forwarding paths on the same box. The control plane is a completely re-written event driven system using yang as the modeling language to improve features, ease of use, operation, and security. The Vyatta routing protocol stack is proprietary. DANOS is the open source version of current generation Vyatta, which makes up the bulk of the Vyatta code since AT&T released it to LF. Active Vyatta development on the OSS is done upstream in github. The major differences between Vyatta and DANOS are mostly due to licensing restrictions. FRR in DANOS replaces the proprietary routing protocol stack in Vyatta. Also, the merchant silicon integration in the DANOS forwarding plane currently only supports a limited number of Broadcom DNX based systems using OpenNSL rather than a proprietary SDK. From a hardware perspective, Vyatta/DANOS supports hybrid software/hardware forwarding environments. So you could install it on standard x86 system that looks like a server to enable software forwarding. In this environment it has been tested to 100(s)Gbps depending on the hardware. Or you could install it as a VNF in the cloud. Or you could install on a merchant silicon based whitebox switch and get hardware based forwarding at the full Tb capacity of the merchant silicon chip. There are install guides at danosproject.org <http://danosproject.org/> for those use cases. There are also vendors that produce hybrid systems with large enough punt paths between the x86 SOC and the merchant silicon to support true hybrid environments where some features/forwarding are handled by the merchant silicon and some by the SOC. One example, in a CPE device you may want local traffic routing and filtering services handled by the merchant silicon while IPsec is handled in software using DPDK on the x86 SOC. Vyatta/DANOS is deployed in production at scale in all of these footprints. So it’s not just for weirdly shaped servers anymore. -r
