Thursday, November 20, 2008

Lie: "You can't run a network using open source..."

So I just got done writing a rebuttal to Matt Asay's article, Cisco: All the open source that's fit to ship.

This is a follow-up, because there is one implication of Matt's article that Matt suggested, but sort of slipped through the cracks. You see, with one side of its mouth, Cisco suggests that only its proprietary IOS is capable of running today's modern networks. Only IOS and ASIC-powered Cisco hardware, you see, have the stability, reliability, and performance required in today's demanding networking environment.

I dealt with the ASIC lie a few months ago. As for the software lie, the fact that Cisco is using so much open source in its ASA and PIX products reveals it. If you're using Cisco products today, you're already using gobs of open source software. You just don't know it because it's rolled into an otherwise proprietary offering and branded "IOS." And you're overpaying for it, as I said in the previous posting. But the fact is, nobody, least of all Cisco, can claim that open source isn't good for networking. It's so good that Cisco stuffed at least 45 open source packages into the ASA/PIX families. If it didn't work, all those proprietary products shouldn't work either.

Fortunately, with Vyatta you can get all that yummy, open source goodness, with a fully open, extensible software system, utilizing low-cost commodity hardware, for a price that will make you a hero during the coming recession.

Cisco: reducing costs with open source, pocketing profits

I like Matt Asay. I have interacted with him for a couple years on the Open Source Business Conference (OSBC), having Vyatta speak at a couple of sessions. Matt's a really intelligent guy, a great writer, and a big open-source advocate. So... it's with great sadness that I'm going to have to take Matt to task in this posting.

Back in October, Matt posted this to his C|net blog: Cisco: All the open source that's fit to ship.

Says Matt:

If you were to rate the companies that use the most open-source software in their products, who would be top of your list? Red Hat, given that it's a pure-play open-source company? IBM, given its massive investments in Linux and Apache?

Or how about Cisco, with this impressive list of open-source licenses used for software embedded in Cisco's security appliances?

In this posting, Matt highlights that Cisco is using an enormous number of open source projects to create its products. He references this list of licenses from the ASA and PIX product lines to bolster his point.

Clearly, this is a long list of licenses, about 45 by my count. That means that Cisco must be using at least 45 open source packages to build the ASA/PIX appliances, because the list only references licenses and a license could be used to cover more than one package (say the GPL covering tens of packages, for instance).

Here's the problem with Matt's analysis: it focuses on usage. Sure, Cisco is using open source. I would ask, "Who isn't?" Honestly, in the networking industry, I can't think of a single company that isn't using open source of some sort. Junos is based on FreeBSD, for instance, Fortinet uses Linux, Extreme uses Linux, etc. In fact, even before Linux got to be the hot thing, many companies were using some amount of open source in the form of something like BSD's networking stack. So, honestly, there is nothing new here.

The fact that Cisco, or anybody, uses open source as an ingredient technology isn't surprising. It's a great way to reduce costs. The question is, do you, the user get any benefit from it? If not, then do you really care whether some of the ingredient technologies in an otherwise proprietary product are open source?

Now, I don't want anybody to think that I'm bashing companies that make proprietary products using open source technologies. If you're complying with the appropriate license terms, I don't have a problem with that. Let me be clear that I think there are some good reasons for being more open, but if you're complying with the terms, I'm cool.

My objection is Matt's suggestion that somehow Cisco, or anybody, simply using open source is in any way interesting in itself. Matt will point out that he says, "When did Cisco become an open-source company? Hint: it didn't." The next sentence then goes on to say, "It has just allowed more and more open-source software to pervade its products, making open source business-as-usual for Cisco (and its wide range of customers)."

There are two ways to read that sentence. One is that Cisco is somehow being good with open source and it's becoming part of its business practices. Another, more cynical view, is that Cisco is going about its business making closed, proprietary systems but doing so using open source "raw materials." I think Matt meant the first interpretation, but all I see is the second.

Specific questions I would ask myself about any company "using" open source:

  1. Did the company in question pass on the costs saved in development to me?
  2. Is the majority of the code open to me for modification if I want to, or is the open source wrapped up in so much proprietary code that it really isn't standalone. In other words, it's great that a company would use something like Apache as the web server in its products, but just getting the source code to Apache isn't really interesting if the rest of the code in the product is otherwise closed.
  3. Can I fix bugs in the code myself?
  4. Will the company take back contributions from me so that I don't have to keep fixing bugs in the code myself?
  5. Does the company contribute back in the form of patches, marketing, documentation, etc?

If the answer is "No" to most of those, then I think you have a proprietary product wrapping itself in the flag of open source for PR/marketing reasons. In this particular case, I think it's safe to say that Cisco's use of open source results in a negative answer to most, if not all of those questions (maybe Cisco is contributing back to the projects they are using; I honestly haven't browsed the version control system logs for any of them). Indeed, we have covered before the fact that Cisco has a gross margin of 64%, one of the highest in the tech industry.

In the leading paragraphs of his article, Matt compares Cisco with Red Hat and IBM, and I think that's giving Cisco way too much credit. Red Hat is clearly a good open source citizen. IBM, while it still retains a large number of proprietary products, has found its stride promoting its proprietary technologies at the same time being a huge benefactor to open source. Both of these companies answer "yes" to most of the questions above (at least for specific products in the case of IBM).

Including Cisco in that same category does a disservice to those other companies.

Deploying Vyatta in Amsterdam (with photos)

Ben King from Net That Works has a nice write up of a Vyatta deployment he did in Amsterdam, complete with photos. Big BGP, firewalling, and "routing on a stick" were key features of the deployment.

The conclusion:

Although this is not anything like the biggest Vyatta deployment we have done, I like it because it demonstrates how using HP and Vyatta you can very effectively deliver a relatively complex redundent solution for a fraction of the equivelent Cisco price.