Using Linux as a network device can result in many benefits. Find out what network devices are and why it’s a good idea to use Linux as one.
This is actually not an easy question to answer. In general, one can say that a network device is a piece of equipment whose main role is to forward packets or perform actions on them. While packet forwarding seems easy to understand, the actions that a packet can be a subject to differ between device types. For example, a router will (usually) route an IP packet based on a (OSI model) layer 3 header, a switch will use layer 2 for that, and a firewall can dig deeper into the packet payload. It all depends on the device and its purpose.
Traditionally network devices were dedicated pieces of hardware - of all different sizes and costs - designed and built to serve a specific purpose. But today some of that functionality can be done (and is done) by software, for example in the form of Virtual Network Functions (VNFs) or Cloud-native Network Functions (CNFs) that are deployed on standard servers.
A lot has been said and written about the advantages of virtualizing network functions. One of them is the ease of deployment. There is no need for a technician to go to a site to install and connect the device. If the servers are there the deployment is done remotely, very often in an automated way. You can see examples of deployment automation on our network professional services page.
The second reason, already mentioned, is the ability to use COTS (commercial-off-the-shelf) hardware for (almost) any function. This helps to manage vendor lock-in scenarios, because swapping an existing solution is relatively simple. This also goes well with the pay-as-you-go model, as the capacity can be increased (and decreased) easily (and often also in an automated way).
From the solution architecture perspective, the usage of Linux as a network device gives network architects more flexibility in terms of solution design. Not being limited by hardware capabilities allows for easier design of distributed systems in terms of the management, control and data planes, not only in aspects of SDNs, but also when it comes to choosing a particular solution to serve each role. See our article to learn more about Management, Control and Data Planes in a network device. This flexibility allows for choosing the platform for the function to be deployed on (like Kubernetes, OpenStack, or a public cloud). It also fosters following the Control/User Plane Separation (CUPS) model, when the Control Plane and Data Plane functions can be realized by completely unrelated elements, including open-source options.
We have already shown How to drop a packet in Linux in more ways than one, but let’s discuss now how one can forward packets, and how we can achieve high throughput in Linux, as this is a must for a network device.
As mentioned above, using Linux gives quite a broad range of possibilities when it comes to building a network solution. A network architect can decide whether a certain action on the packet should be done in the kernel space, the user space (with help of DPDK-based solutions), or maybe it is better to have it offloaded to a standard Network Interface Card (NIC), if such offload is supported, or to a SmartNIC (when custom offloading can be developed), or even to some other hardware-accelerated solution, like a GPU for example. Moreover, virtualization and containerization may even spread to physical hardware as well, so in some cases it may be beneficial to consider a custom functionality developed for a specific box. One such example can be found in our webinar: Promises of SONiC network operating system.
To complete the picture of network evolution it is necessary to mention that nowadays traditional networks and virtualized networks come together as one. With all the movement towards 5G, employing public clouds for day-to-day business, even in areas like telco where they are not a native solution, and with moving content closer to the end user, there can no longer be a line drawn between hardware and software networks. When designing a network solution, a network architect must be proficient in both traditional networks and Linux-based ones. It allows them to design solutions to best meet the requirements both from the network perspective and from the deployment & maintenance point of view, thanks to combining the best of both approaches.
Linux has had the capabilities to act as a network device for a long time. These include but are not limited to the topics mentioned in this article. Functionalities like MPLS, VRF, PBR, and dynamic routing are all supported and often in more than one way. We will cover them in detail in our future blog entries.