OpenSolaris

OpenSolaris Project: Virtual Network Machines

Endorsing communities

Appliances
Networking
Security
Xen

Introduction

Virtual Network Machines is an OpenSolaris project to exploit the networking technology in OpenSolaris in non-traditional ways. Many of these technologies needed to deploy and consolidate network devices such as routers, firewalls, etc. already exist in OpenSolaris and its sister projects today. This project takes those capabilities to the next level.

We see the project as being motivated by the confluence of several industry trends:

  1. Exploiting the advantages of open source for network devices like routers, firewalls, load balancers, etc. A general purpose OS can serve as a very flexible deployment platform.
  2. Moore's law making it more and more feasible to use general purpose processors in many networking devices that today rely on special hardware. It is also resulting in an increasing number of CPU cores per chip, so the OS platform needs to be highly multi-threaded in order to take advantage of the hardware. Some hardware also brings the network interface much closer to the CPU, which further reduces latency for packet processing.
  3. Virtualization as applied to network functions. We already see virtualization providing flexibility and better resource utilization for servers. The technology can also be applied to network devices by virtualizing them and being able to consolidate them to share hardware.

Network Machines are a likely result, in which disjoint hardware network appliances become software functions running on a shared hardware platform. In some cases the same hardware platform might also host applications, which opens up the potential for closer interaction and integration between the applications and the networking functions.

Virtualization provides the ability to dynamically deploy new instances of the network functions without any changes in the physical wiring. Users get the ability to create Virtual Network Machines, a combination of Project Crossbow, which allows the NIC and IP stack to be virtualized and partitioned with near zero performance penalties, and Zones, which provide application level isolation on the same physical hardware.

A Virtual Router project is already underway to take advantage of the Virtual Network Machines project. The Virtual Router project also leverages the Quagga Routing Protocol Suite, which gives users the flexibility to deploy and modify routing functions to suit their needs.

Some OpenSolaris functionalities that could help you enable a solution on the Virtual Network Machine are:

  • Project Crossbow provides the networking resource partitioning, QOS, and class of service support in an easy-to-use manner. It also parallelizes the flow of packets across large numbers of CPUs and cores for scalability and performance.
  • The ILB project will provide Layer 3 load balancing features that would allow a Sun box to be used as a layer 3 load balancer.
  • Writing high performance device drivers using Nemo (aka GLDv3) and Clearview allows the flexibility to add support for any kind of device with minimal effort.
  • The existing and new APIs being added to the stack via Packet Event Framework, Pluggable Sockets, Packet Filtering Hooks and Crossbow make OpenSolaris a very flexible platform for ISVs and users to modify according to their needs.
  • Debugging and observability are designed into OpenSolaris rather than added as an afterthought. A collection of networking and systems tools is available on OpenSolaris. Imagine using tools like snoop(1M), netstat(1M), tcpdump, wireshark (aka Ethereal), and DTrace to debug and analyze problems on your network devices.
  • An open source firewall (IPfilter), NAT, DHCP, naming services, etc., are already available with OpenSolaris, and new functionality like load balancing, etc., is on the way.
  • ISVs and users can create functionality based on OpenSolaris in a platform-neutral manner. The functionality can be deployed as 32-bit or 64-bit, and on a large variety of SPARC and x86 platforms. In the short term the most interesting hardware platform might be Sun's Niagara 2 processor, which has two 10 Gigabit Ethernet NICs on the CPU chip and also has built-in security coprocessors implementing RSA functionality as well as a large number of block ciphers.

Many of the components necessary to move in the above direction either already exist or are under development. But we explicitly seek community input on what directions they see as most interesting in the short and medium term.

We are also developing elementary tools and scripts in a demo to help visualize the Virtual Network Machines. These demo tools and scripts can be customized and will be used to very rapidly create and deploy a virtual router and firewall as part of the Virtual Router project.

Want to get involved?

We're interested in feedback on the above thoughts, including ideas for related applications and appliances, at VNM dash discuss at opensolaris dot org. We would also welcome help in determining which other existing open source components would be beneficial to include, for instance, services such as Asterisk.

Resources

You are welcome to try out Crossbow or Quagga and share your comments with the rest of us.