Cisco says network virtualization doesn't offer any guarantees
Share on Twitter.
Get the most reliable SMTP service for your business. You wished you got it sooner!
July 30, 2014
Cisco has written an interesting white paper in which it suggests that network virtualization
can produce unwanted consequences and that there are no immediate guarantees that the whole
process will work going forward.
The scathing report goes on to say that-- “Virtualization isn't a new concept but it's now being
applied to network functions such as those in switches, routers and the myriad other network appliances
deployed,” the white paper suggests, before going on to offer the observations that “The early days
of server virtualization had a dramatic impact on lowering server capital expenditures”.
That Cisco would come out with such revelations isn't surprising, considering that network virtualization
has been cutting into the company's revenues for the past two years.
However, Cisco says that companies that are making meagre savings didn't last because “Operational
costs skyrocketed as more labor-intensive and complex processes were required in the end.”
Which is difficult to dispute-- all manner of vendors and products have emerged to manage
large collections of virtual servers. And there are other direct and indirect costs as well.
Network virtualization, the paper continues, should be approached with that experience in
“Furthermore, reducing complexity through automation and management will speed up operations to a certain degree,
contribute to service agility, and lower operational costs,” the paper adds.
Some of the arguments that follow are not sophisticated. Cisco says you probably wouldn't
bother with network virtualization for seldom-access resources, but landline and wireless
carriers will do well to put it to work for this month's new released movie downloads.
The paper also preaches some automation, optimization and the careful design of virtual network
resources as well, so it makes for good reading.
The paper is more interesting for the fact that Cisco seems to see the need to hose down enthusiasm
for network virtualization despite being in the market.
Another eyebrow-raiser is the mention of server virtualization's dark side, as those pitfalls
were often discovered by early VMware adopters.
Cisco and VMware used to be the best buddies and are still happy to be seen in public together
when discussing the VCE joint venture or the NetApp/Cisco/VMware Flexpod stack-in-a-box/reference
architecture, but are they still best buddies after this?
Behind the scenes, we can of understand that each would consider the other an enemy when
it comes to network virtualization, and that would be fair to assume.
Cisco must know that by pointing out that server virtualization created some messes in the past
two years and it is now spreading FUD-by-association in the direction of VMware's NSX network virtualization
efforts. It will be interesting to follow these developments in the next year or so.
In other IT news
System admins and IT managers better take note of this. Microsoft is issuing stern warnings
when migrating from the soon-to-be-unsupported Windows Server 2003 to Server 2012.
Additionally, the software giant has just discovered a new obstacle to migrations away from the dated
operating system that it didn't know existed.
The issue manifests itself when users run Windows Server 2003 and Windows Server 2012 R2 domain controllers
serving the same domain.
Some people who do so may also find thatthe Kerberos authentication protocol crashes as well, another source
of guaranteed headaches.
When that happens, it becomes impossible for users to log in to servers, which isn't really going
to help a migration effort.
Microsoft acknowledges the issue in a post titled “It turns out that weird things can happen when you
mix Windows Server 2003 and Windows Server 2012 R2 domain controllers.”
That post adds that Microsoft is currently working on a fix, “but it’s going to take us some time to
get it out to you.”
Just how much time it will take to create the fix isn't specified, however. The post admits
the bug is a very big one, as running the two domain controllers in the same domain is just the kind
of thing that can be necessary during a migration.
“We realize that upgrading an enterprise environment isn't easy, and much less so when your users start
to have complex issues during your upgrade,” the post says.
The good news is that workarounds are possible, but those outlined in the post require a lot of
working around to get when you need to go.
IT system admins and users experiencing the 'weird things' are advised to check with Microsoft for
news about the hotfix when they become available.
In other IT news
A new microkernel that DARPA (The U.S. Defense Advanced Research Projects Agency) hopes to be bug free and used to
protect drones from potential hacking will be released as open source tomorrow.
The formal-methods-based secure embedded L4 (seL4) microkernel was developed by Australian
scientists at National ICT Australia (NICTA) and was part of DARPA's High-Assurance Cyber Military
Systems program developed two years ago to stop hackers knocking unmanned drones out of the sky.
At the time, it was underlined as the most advanced and highly-assured member of the L4 microkernel
family due to its utilization of formal methods that didn't impact performance.
A microkernel differs from monolithic kernels – such as the Linux and Windows kernels – by running
as much code as possible – from drivers to system services – in user space, making the whole thing
more modular and in theory, more stable.
Tuesday at noon Eastern Australian Standard Time (GMT +10), seL4's entire source code including
proofs and additional code used to build trustworthy systems will be released under the GPL v2 licence.
Overall, a group of mathematicians from around the world and some aviation experts from the
likes of Boeing and Rockwell-Collins joined a team of dedicated NICTA researchers on the project
which involved the seL4 operating system designed to detect and stop hacking attempts dead in their tracks.
NICTA senior researcher June Andronick said the microkernel should be considered by anyone building
critical systems such as pacemakers and technology-rich cars.
"If your software runs the seL4 kernel, you have a guarantee that if a fault happens in one part
of the system, it cannot propagate to the rest of the OS and in particular the critical parts," Andronick
"We provide a formal mathematical proof that this seL4 kernel is correct and guarantees the isolation
between components," she added.
NICTA demonstrated in a video how a drone which runs the platform could detect hacking attempts
from ground stations that would normally cause the flight software to die and the aircraft to crash.
"What we are demonstrating here is that if one of the ground stations is malicious, and
sends a command to the drone to stop the flight software, the commercially-available drone will
accept the command, kill the software and just drop from the sky," Andronick said.
The researchers' demo drone would instead detect the intrusion attempt, flash its led lights
and fly away. This could ensure that real drone missions could continue in the event of hacking
attempts by combatants.
Andronick added that seL4 would come into play as the team added more functionality including
navigation, autonomous flight and mission control components.
In depth information about seL4 was available on the NICTA website and within the paper Comprehensive
Formal Verification of an OS Microkernel.
In other IT news
The IEEE (Institute of Electrical and Electronics Engineers) has launched a new study group in an effort
to offer 25 Gbps Ethernet standardization a boost in speed.
But some might say-- ``Don't we already have Ethernet industry standards running at speeds higher
than 25 Gbps?``
And the answer would be yes we do, but only as multiple links running in parallel. A 40 Gbps
Ethernet connection is four 10 Gbps Ethernet serial links bundled together, and 100 Gbps Ethernet
is ten links.
As switch vendor Plexxi notes, the 10x10 configuration that delivers 100 Gbps connections can be
considered a placeholder, since the IEEE documentation for such speeds assumes 4 x 25 Gbps connections.
With hardware vendors already getting to work at the market-facing side of 25 Gbps Ethernet, the
IEEE is now accelerating its own work on the standard.
In announcing the new study group, its chairman, Cisco's Mark Nowell said that its main
focus will be on the MAC layer, adding that “the heavy lifting in developing and standardizing 25 Gbps
Ethernet signalling technologies has been done as part of the development of 100 Gbps Ethernet.
These technologies can be reused to enable a single-lane 25 Gbps Ethernet solution set for server
interconnects for those future data centres.”
The MAC-layer standard will build on the physical layer specification, 802.3bj-2014, and the in-progress
P802.3bm task force that's defining “4 x 25 Gbps operation for signal traces for chip-to-chip and chip-to-module
applications, as well as for 25 Gbps operation over four parallel multi-mode fibres”, the IEEE says.
Get the most dependable SMTP server for your company. You will congratulate yourself!
Share on Twitter.