Monday, October 30, 2006

The world is flat!

My daughter loves Boowa and Kwala on a site called UpToTen Kids. She loves the songs in French, much to the delight of my wife.

Being a geek, after hours of watching Boowa and Kwala sing and dance, I decided to find out more about the company. On the main webpage, I found that UpToTen is located in Port Louis, Mauritius. I think I'm fairly well-educated in geography (last count I have been to 70+ countries in my travels) and I honestly had no idea to the location of Mauritius. A quick web search later, I found the island located in the Indian Ocean.

A few moments later I found that the website for the company appears to be hosted at Rackspace, so those songs my daughter watches are not traversing three-quarters around the globe to reach our home, but I'm pretty sure that folks in Port Louis are uploading content from there. Even if they are not, some communication between the Indian Ocean and the Bay Area exists so my daughter can enjoy Boowa and Kwala songs in French.

I'm fairly sure that the Vyatta OFR is not in that transmission path yet, but sometimes I truly marvel at how the Internet and networking technologies have flattened out our world. Since Vyatta is helping to expand the Internet with open-source options, we're working to grow the market and to spread data packets with songs in them across the globe :)

Friday, October 27, 2006

At least I have a nice personality....

Begin shameless vanity warning.... I was at the Eastwick Communication's "Black and Orange Bash" last night and had a great time. At that event, a friend of mine pointed out that all of the photos of me speaking at STIRR 1.7 were not exactly flattering. I guess if PR folks think your photos are bad, then they are bad! I'll do my best to do better next time - I do think that I look different in person, but I'll never know :)

Next time I'll make Dave do the public speaking gigs!

Wednesday, October 25, 2006

Extensibility is key

Extensibility and flexibility of the OFR has always been of interest to many of our customers and prospects. We firmly believe that being open source enables our solutions to be used on unique ways that are just not possible with closed source and proprietary solutions.

Recently, I was explaining to a friend of mine about the OFR and he immediately found a use for his environment. As it turns out, management at his company has the suspicion that some employees are using the company's Internet connection to surf some non-work related websites (insert your favorite vice here). To set the stage, his overall network is pretty modest with one Cisco 3800 router serving 3 LANs and a single fractional T3 connection. As a solution, he was examining buying an application layer switch at a cost of about $20K.

And then the flexibility of the OFR hit him.... "You mean I could use your product on a Dell box I already have and then write a script to automatically add to the firewall rules for the non-work related sites on the OFR itself? Or, I could use tcpdump on the OFR to automatically look for URLs in the traffic and build the firewall rules automatically?" I agreed that his concept would work and gave him a few words of caution about running tcpdump 24x7 :) Still, I can easily imagine running tcpdump on one core of a dual-core Intel box while the OFR ran simultaneously on the other core....

To be entirely fair, you could do something similar in a Cisco environment. My friend could setup Netflow export on his Cisco 3800 router and setup a Netflow collector such as cflowd on a Linux box. And on that Linux box he could run the same script he is developing to look at the traffic and build us the firewall rules. Then he could write another script to transfer the firewall rules with HTTP or TFTP to the Cisco 3800 and load the new firewall configuration. That seems a bit harder, far less flexible and probably more problematic than writing the script on the OFR itself.

Granted, writing scripts and tweaking code is not for the average network engineer. But, it's good to know that the extensibility and flexibility exists in the OFR. The closing thought from my friend was pretty simple, "I could never have done this directly on my Cisco 3800."

We'll see how his project turns out - a little time and some scripts could save him $20K and get us another customer!

Thursday, October 12, 2006

How not to upgrade

I was asked to help upgrade a Vyatta OFR recently and broke a number of cardinal rules about doing a router software and configuration upgrade. Granted, it's been a few years since I was personally responsible for doing a router upgrade and I figured it was like riding a bike. Well, as it turns out I may have to put back on my training wheels!

Here are the rules for upgrading a critical piece of network infrastructure like a router, especially if you want to keep your users happy:

  • Upgrade after hours
  • Test the software
  • Verify the configuration
  • Have a fallback plan

I did my upgrade during office hours when users were active on the router (although I did warn the users about the upgrade and told them to expect "a few minutes of downtime" :). I did not test the software upgrade beforehand nor did I verify the configuration. Lastly, of course I did not have a fallback plan. Bad, bad, bad, bad.

So, I took down the OFR and proceeded to load the new packages and software updates. The software came right up and all was well. Feeling good at this point.

The next step was to load up the configuration. The plan was to copy the configuration file to the OFR and away we go.... The problem was that I edited the configuration file using MS Notepad and that inserted some control characters (^M, carriage return) to each line. The OFR did not like those characters and it took me a few minutes to figure that out. Time was ticking away and the good feeling I had was waning. I tried to edit the MS Notepad using vi on the OFR (and I'm pretty good at vi). For whatever reason I was having terminal console issues (I'll just blame Hyperterm) and the editing was not going well. We were far past the "few minutes of downtime" and I did not have a fallback plan. Users were getting restless and the only plan was to go forward.

After a few more minutes of struggling to edit the configuration file and tweaking my Hyperterm settings to no avail, panic started to set in. I don't panic especially well (who does really?!?) and decided that the best plan at this point was to re-type in my configuration file manually. That task seemed a bit daunting as the OFR configuration was over 400 lines! I got started by entering my network addresses and then immediately firing up DHCP and NAT so the users could get back on-line. Once I verified that the users could get to again the panic subsided considerably. Most of the rest of the configuration was for the firewall, so we were a bit exposed for a few minutes as I frantically typed firewall configuration commands.

Nevertheless, the upgrade got done and the users are happy. Next time, I'll make sure I follow the cardinal rules. That is, if anyone ever lets me near an OFR upgrade again :)

Wednesday, October 04, 2006

Fonality acquires trixbox

Tom Keating interviews Chris Lyman, CEO of Fonality, about their acquistion of trixbox today. Trixbox, also known as Asterisk@Home, provides a .iso image that turns a PC into an IP PBX.

Here at Vyatta, we think that projects that enable people to turn commodity PC hardware into nework devices need to be applauded - so we applaud the acquisition! Like we've said before, the cat is out of the bag for proprietary networking and telephony vendors that use closed hardware and software. Why do you need proprietary hardware for most network and telephony applications when you have the power and accessability of the Intel hardware platform flooding the market? Vyatta turns a PC into a router/firewall with a bootable .iso image. Fonality now does the same for an IP PBX. Do I see a trend here?

STIRR it up

For those of you in the Bay Area, come hear me give the 60-second pitch on Vyatta at the next STIRR event in Palo Alto on October 11th. You can find more details about the event here. I hope to see you there!

And, yes, showing my age, the subject line is a Bob Marley reference :) Great song.

Monday, October 02, 2006

Network folks rejoice!

When we first started Vyatta we predicted that the market for open source networking would attract two different types of buyers, system folks and network folks. I characterized these two types of buyers back in March in this post. We released the software version of the OFR for the systems folks back in July and that has gone very well! Today, network folks, rejoice, for you got your product too! As you may have seen we announced the appliance version of the OFR today.

Another more subtle change today is the ability of our products to be purchased via our online store.

Any feedback on the store and products are always appreciated!