it’s with great sadness and reservation I take these powers….

So first thing, I’m not taking on any powers. Now that that’s out of the way, I wanted to take a little time and put together some thoughts on the current state of our industry.

We’re at an inflection point, a paradigm shift where everything that once was is about to change. I’m sure some would argue that we’ve already fallen over that edge. I don’t mean to be all dramatic (although it does create a more interesting bit of writing!), but I truly believe our industry is in for change.


Like “Fish crawling out of the ocean change”.

There’s a great book called The Aquarian Conspiracy that deals with the concept of paradigm shifts. It’s not IT related at all, but I think it’s applicable to this topic, since we are dealing with a point where so many of our “beliefs” are being destroyed that we need to find a new path forward.

What beliefs am I talking about? Let’s start with this small list, although I’m sure there are more (feel free to post in the comments if you have any!)

1) International Standards bodies work. – IEEE/IETF have been infiltrated by overly powerful vendors with their own agendas, allowing them to force or stall individual projects on a whim. (See Greg Ferro’s article for a great description of this in detail.)

2) That overlay networks are going to solve all of our problems.

3) A protocol per problem: Any problem can be solved by adding a new protocol.

There are a lot of solutions right now, and SDN is hot, whether that’s Nicira, BigSwitch, IBM and HP with the recent VEPA gear (yes, one of them is VEPA “ready” @ioshints!), or something much more devious like VxLAN or NVGRE.

There’s a lot of great work that’s been done in the OpenFlow arena, but I’m not sure it’s gotten out of the “solution looking for a problem” stage yet.

But to be honest, there’s one player that has me a little bit concerned here. Perhaps I’ve just seen too many Star Wars movies in my time, and with the recent re-release of Episode 1, my mind is going down a strange road.

VMware scares me.

There. I said it out loud.

Now to explain to you WHY they scare me, I have to explain a little bit of the Star Wars story (for those of you who have been living under a rock).

Once upon a time there was a republic that had lived for a thousand years with their glorious protectors.

The Network Jedi Knights.

Now these brave men and women had been rescuing the business for years from spanning-tree loops, layer 2 data center interconnects, and the evil of double (and single) NATs.

But unfortunately the Senate ( IEEE/IETF ) had grown complacent with the member planets (vendors) arguing internally for placement.


“NO SPB!”

“TRILL lets us sell more hardware!”


“No VN-link”

“You’re proprietary!”

“No YOU’RE proprietary!”

And suddenly out of the darkness comes VMWARE and VxLAN.

“Yes, I know you haven’t done anything about that little VLAN problem, but you guys just keep arguing… it makes me really sad, but I suppose I will handle all the traffic decisions, but just until you guys get this figured out, ok? It’s with great sadness and reservation that I take on these powers…”

I’m pretty sure that everyone remembers how that story ended.

Don’t believe me? Think about this: VMware introduced the vSwitch and took Cisco on as its “apprentice”. Cisco had the only vSwitch in the industry for the last few years that had access to the hypervisor of the major player in the industry.

And now, VMware has its own security suite that negates the need for an ASA. Especially when you consider that there are currently no hardware products that support the termination of VxLAN tunnels.

And if all the shady behavior is not enough to convince you, check out this little nugget that I found on the Microsoft page today.

“learn about the Cisco and NetApp pre-validated private cloud offering through the Microsoft Hyper-V Cloud Fast Track”

What the heck happened to VCE???  Now we have to deal with MCN as well?

I don’t know how this is going to play out. Will OpenFlow grow out of a lab toy into a solution which not only scales, but actually addresses technical requirements in a much more elegantly simplistic way than our current protocol-per-problem paradigm? I guess we’ll see…

What do you think? Anyone else worried about the state of the networking industry? Change is a constant and embracing change is the key to surviving in this industry, but I also think a healthy dose of vendor skepticism and suspicion is not only healthy, but a survival trait.

I just hope that the network industry pulls out of this before John Chambers ends up in a black suit with a respirator and all the rest of us Jedi are gone.

Feel free to let me know where you see this headed in the comments.



3 thoughts on “it’s with great sadness and reservation I take these powers….

  1. Personally, I believe OpenFlow has a lot of potential. It fixes the “protocol per problem” ideals, and allows us to do VERY unique and specific tasks within the network without adding more appliances. However, OpenFlow has 3 concerns of mine:

    1). Buggy Code – OpenFlow is based on programming that anyone can do. Without strict checking and controls, more problems can be created rather than fixed

    2). New Division in IT. You have a server group, a storage group, a networking group, and now a “Network Programming” group introduced in the mix. It could cause more problems with troubleshooting issues and deploying new “networks”.

    3). Security – OpenFlow is so new, I would not expect it to be grown into a mature technology yet (then again, Virtualization wasn’t mature when VMWare first started either). As such, a lot can be learned (and exploited) by reading OF packets.

    We are moving so fast, it’s hard to keep up. It wasn’t long ago when we were still in a “digital phone” world, before VoIP engineers became common. Storage, Voice, and Data all getting converged, and now networking is becoming virtual. Similar to software (when SaaS and Web Services became shifts in thinking, or when Object-Oriented languages got started).

    It will be interesting to say the least. Good post! You made me think too much on a Friday night! ((reaches for another beer)).

  2. Hey @neelix,

    I also think OpenFlow has a huge amount of potential, but to some degree, it’s still a “solution looking for a problem” kinda protocol to me. It does do some very unique things and I think there are probably going to be some great applications in high speed trading, and perhaps super scale-out architectures like Facebook, Google, Yahoo, etc… I don’t see a good use-case yet on how most “normal” networks are going to be able to benefit from OpenFlow or SDN… yet. This year does still have a lot of announcements yet, so maybe I might be surprised. 🙂

    On your concerns

    1) I’m not sure that anyone can program. I had an interesting discussion with a customer the other day on the DevOps phenom that’s going on. His question to me was ” It took you 10-15 years to become a good network person. It took these programmers 10+ years to become a good programmer. How long is it going to take us before we find good programmers who are good networking people too?”. Very interesting question. Other than the guys like @lynxbat who are obviously both, I know very few networking people who are good coders.

    2) On the new division in IT, I think the DevOps movement has already started us down this road. But as most of these programmers have never read the fallacies of distributed computing, they just don’t understand how the network works. As a result, we’re either seeing bad decisions, or a drain on resources as you need to pair a good coder with a good networker to actually get anything useful done. (This was my customer’s comment again.)

    3) On the security front, I’m actually not that worried about security. Not because security isn’t important, but more because I learned a long time ago that there is no security. You don’t have to run faster than the fastest lion, just faster than the slowest gazelle. 🙂 This year has been an embarrassment for security. BEAST, root certificate issuers issuing false certificates. Who would have thought that we would ever see a point in the industry that Microsoft’s version of SSL was more secure than most in the industry? I do as much as time and the budget will allow, and other than that, I remind the customer that it’s my job to help them understand the risk, and their job to decide whether or not those risks are acceptable.

