In late January we learned that Arista Networks was rumored to be acquiring Big Switch Networks (kudos to Jessica Lyons Hardcastle at SDxCentral for breaking this news on January 22nd 2020). Subsequently, on its 4th quarter earnings call Arista made it official, also reported by SDxCentral, “Arista Finally Makes Big Switch Official, Disappoints in Q4.” So what are the implications of this acquisition for open networking, SDN and the network packet broker markets as well as for the broader networking industry?
To date, Big Switch has focused on making software that runs on white box data center switches from Dell EMC and Edgecore, similar to Pluribus Networks. Since Arista sells its own switching hardware, these former partners are likely going to turn into competitors. Furthermore, given media reports that Arista is acquiring only certain Big Switch assets and key employees, it seems likely that Big Switch will no longer be investing much in the way of engineering resources into its open networking solutions, and will instead turn its focus to vertically integrated solutions championed by Arista. Customers who want a truly disaggregated open networking solution, without the “lock-in” typical of a vertically integrated vendor, will want to look at other options – including Pluribus.
Big Switch offers two fundamental solutions:
- Big Cloud Fabric (BCF): is a software-only solution that is focused on SDN automation of data center underlay networks only – the white box leaf-and-spine switches that provide the physical switching and routing of packets for east-west traffic between servers within a single data center. This solution does not provide an SDN-automated overlay (e.g., VXLAN). BCF is OpenFlow-based and requires a centralized SDN controller to program all the switches. Therefore, the leaf and spine switches must all be running the Big Switch operating system, as all switches must be compatible with the OpenFlow protocol. There are multiple challenges with this approach, including single points of failure, greenfield-only deployments and the fact that three redundant controllers must be deployed at every data center site, to name a few. As industry analyst Scott Raynovich noted in explaining the Big Switch acquisition, its “controller-based architecture started to fall out of favor.” You can read more about the challenges with a centralized controller approach in the blog Controller-based vs Controllerless-based SDN Solutions. BCF historically competed with vertically integrated vendors like Arista, Cisco, Juniper, Extreme and open networking software vendors like Pluribus Networks.
- Big Monitoring Fabric (BMF): this solution provides a packet broker function for network visibility and analysis. This software does not run on the production data center leaf-and-spine switches, but instead runs as a separate overlay network. To that point, BCF must run on separate hardware from BMF, as BMF and BCF cannot run on the same switch. The BMF-enabled white box switches are placed in various locations and either sit in-line or receive mirrored data from TAPS or SPAN ports on switches. This traffic is inspected by BMF in turn, and is then forwarded on to the correct analytics or security tool. BMF competes with Gigamon, Netscout/VSS, Ixia/Anue and the Pluribus Networks Network Packet Broker (NPB) solution.
Talking to industry insiders, listening to Jayshree Ullal’s public comments in the earnings transcript and reading the interpretation of a number of reporters, it appears that Arista is very interested in integrating BMF into its Data ANalyZer (DANZ), but less interested in BCF as part of the Arista portfolio. Two examples:
“Big Switch’s workload monitoring fabric, which enables centralized packet and flow-based monitoring across public, private, and hybrid clouds, ‘is a perfect compliment’ to Arista’s DANZ switch monitoring tool, Ullal said. Big Monitoring Fabric ‘has deeper visibility, service nodes, recorder nodes, and monitoring fabric etc.,’ she added, according to a transcript.” (From SDxCentral, Arista Finally Makes Big Switch Official, Disappoints in Q4 by Jessica Lyons Hardcastle.)
“Ullal pointed out that Arista did not buy Big Switch Networks for big switching. However, Arista appreciated its focus on software complementing Arista’s inline DANZ (Data AnalyZer) switching and Arista CloudEOS.” (From Pulse2, Why Arista Networks Is Buying Big Switch Networks by Amit Chowdhry.)
So how should customers interpret this? If you have deployed BCF or are considering doing so, you might want to think about your options. All companies have limited resources and have to make trade-offs for strategic priorities. If BCF is not strategic for Arista then it could very well turn out that there will be only bug fixes for production networks and very limited new feature development going forward.
BMF will likely continue to receive investment, but by most accounts it’s likely to be integrated into Arista DANZ. It is not clear what that means to BMF hardware partners who effectively compete with Arista. It is certainly possible that vendors like Dell and Edgecore will become more friendly with Arista – but don’t bet on it. If you were considering BMF or BCF because you believe in the principles of open networking, where one OS can be swapped out for another OS on the same white box switch – or hardware from one open networking vendor can be swapped out for another vendor’s hardware – then again, you may want consider other options. The beauty of having deployed an open networking solution like BCF or BMF is that the hardware is common and you could swap out either solution with another open networking software vendor, including Pluribus Networks ACF or NPB. Open networking breaks vendor lock-in, provides choice and options, and as a result drives faster innovation because of the disaggregation of hardware and software – each can innovate at its own rate.
Pluribus Networks offers the Linux-based Netvisor® ONE Network OS and the Adaptive Cloud Fabric™ (ACF), which is our unique controllerless SDN implementation based on open networking principles. Key advantages of Pluribus solutions compared to Big Switch are 1) a controllerless SDN architecture, 2) use of standardized protocols instead of OpenFlow, 3) an SDN-automated underlay and overlay and 4) integrated visibility and analytics built right into our fabric. We also offer the Network Packet Broker (NPB) solution which provides a very unique and powerful network packet broker fabric. Let’s look at each of these in more detail.
Adaptive Cloud Fabric
Controllerless – what this means is that we leverage the distributed processing power of multi-core Intel CPUs, RAM/SSD memory and the packet processing ASICs contained in the white box switches themselves that have to be deployed anyway for underlay connectivity. We achieve this by taking a distributed compute approach to our implementation, so the SDN control intelligence and database are efficiently distributed into every switch in the fabric. If you deploy 30 switches, they all federate into one fabric and act as one logical programmable switch/router with underlay and overlay functionality. You can see and control the entire fabric from any switch in the fabric via CLI, REST API or our UNUM™ management platform.
Open, Standard Protocols – because Netvisor and ACF run as applications in the user space (control plane) of the switch, they do not change the standard behavior of the switch, unlike OpenFlow. The switch is still able to use standard underlay protocols such as BGP, OSPF and so on to establish any underlay topology and interoperate with switches and routers from any other vendor that also uses standard protocols (the vast majority). This means that interoperability and insertion into existing networks is a snap, and one can take a stepwise approach to migrating to open networking if desired. In fact, Pluribus software can be used to automate just the leaf/top-of-rack (TOR) layer while existing spine switches stay in place. If you’d like to see some technical examples of this you can look at some of our product demo videos on our Resources page.
SDN Automation of Underlay and Overlay – Pluribus pre-integrates underlay and overlay network automation, along with rich network monitoring and analytics, into a comprehensive solution that works right out of the box. This radically simplifies the deployment and ongoing management of underlay and overlay networks – it eliminates the need for customers to deploy and integrate separate underlay and overlay solutions.
The overlay is an incredibly powerful capability that provides a homogeneous fabric inside a single data center, across multiple data centers and into campus aggregation environments. Because all network services are defined and instantiated completely in software, the overlay delivers agility by enabling the rapid deployment of rich multi-tenant Layer 2 and Layer 3 services, including leveraging anycast gateways and supporting highly scalable multicast. In addition, the overlay in ACF provides hierarchical network segmentation across the data, control and management planes, which delivers segmentation for both security and multi-tenancy. The concept of underlay and overlay is covered in the blog SDN for Physical and Virtual Networks in Space- and Cost-Constrained Environments, and if you want to read more about using segmentation for security you can read about it here.
Finally, if you are looking only for underlay automation, perhaps because you prefer not to use an overlay or because you prefer to implement a compute-based solution for the overlay and have the resources to integrate the underlay and overlay yourself, then Pluribus Netvisor ONE and ACF can either perform as a set of individual high-performance switches or deliver SDN automation of the underlay only.
Integrated Visibility and Analytics – In addition to pre-integrating the underlay and overlay, Pluribus has developed a clever architectural approach to extract metadata on every TCP flow that passes through the fabric. While we support more traditional approaches like sFlow, our vFlow approach is not sampled – you get full data on every flow. This data can be fed into our Insight Analytics solution, which can store up to 2 billion flows and provides rich visualization and powerful search capabilities. With Insight Analytics, our customers are able to quickly identify performance issues and security threats like DDoS attacks and then rectify those issues quickly, leveraging the automation capabilities of the fabric to, for example, shut down a specific port fabric-wide across all switches with a single command. This flow metadata can also be exported via open APIs, including REST or IPFIX, into third-party systems. You can read more about our network monitoring capabilities here.
Pluribus Network Packet Broker
Perhaps you just upgraded your leaf-and-spine network within the last few years and you are not ready to do a refresh, but you do want to improve your visibility, performance and security monitoring capabilities. In this case, you might wish there was an open alternative to BMF. Good news: Pluribus also supports this capability with its Network Packet Broker solution.
Pluribus NPB is the industry’s first dynamic network packet broker fabric solution that is simple to deploy, can scale out to seamlessly monitor geographically distributed data center networks, and can rapidly adapt to changing network conditions. Customers deploy the NPB solution so that all traffic coming from the production network can be intelligently filtered at wire speed and delivered to multiple security, performance and compliance tools. The NPB solution works on the same principle of distributed, controllerless SDN architectures, where the switches in the monitoring fabric form a peer-to-peer relationship to exchange state information so that all the switches act as one logical switch making provisioning, day-to-day operations and troubleshooting very easy. This controllerless approach eliminates costly controllers and at the same time improves reliability and flexibility.
The NPB solution is also unique in that it can dynamically load balance traffic across multiple links for efficient resource utilization and multiple resilient connections inbound from TAP/SPAN sources and outbound to multiple tools. This same dynamic architecture allows the NPB solution to seamlessly span multiple sites, enables tools to be placed either in a centralized pool or distributed across locations without restriction, and to deliver completely automated and rapid sub-second re-convergence. Paths are dynamically computed for each flow of each policy which ensures the monitoring fabric is optimized for cost while also being able to quickly adapt to network changes, including link and node failures.
All of this is very unique and differentiated from the much more statically configured BMF solution from Big Switch/Arista. But what is even more powerful is that the Pluribus NPB solution can not only run as an overlay network for any existing production data center network, it can also run a service within ACF. That means that a single network of white box Ethernet switches can be deployed in a leaf-spine architecture to provide the production switching and routing (ACF) and the same switches can run a virtualized Network Packet Broker overlay to provide the network packet broker fabric functionality. This enables tremendous cost savings over any other packet broker in the market.
More recently, Cumulus Networks was acquired by Nvidia/Mellanox and you can read my thoughts on that acquisition in this blog.
If you would like to request a demo or contact us, please visit this contact us link, send an email to Sales@pluribusnetworks.com or call us at +1 650 289 4717 or +1 855 438 8638 (U.S. and Canada).