
HP announces OpenSwitch, an open-source network operating system - noplay
http://www.openswitch.net/
======
Animats
So I look at a random source file, and find:

[https://git.openswitch.net/cgit/openswitch/ops-
arpmgrd/tree/...](https://git.openswitch.net/cgit/openswitch/ops-
arpmgrd/tree/src/arpmgrd.c)

    
    
        /* Build hash key for a given vrf name and ip address */
        static int
        get_hash_key(char* vrf_name, char *ip, char *key)
        {
            sprintf(key, "%s-%s", vrf_name, ip);
            return strlen(key);
        } /* get_hash_key */
    

What could possibly go wrong?

Definitely not thinking hard about security over there.

~~~
function_seven
Ha. Kind of like PHP's function name lengths being used as a "hash" back in
the day.

But, what contexts is this function used in? Is it supposed to be one-way at
all? If not, then this is just a simple way of distributing vrf/ip pairs into
buckets. Still smells funny, though.

EDIT: This comment looks like I'm defending the implementation here. I'm not.
Seems like it'd me more uniform to just add the bytes in the vrf/IP pair and
mod them with something. Seeing a hyphen in the format string of sprintf() is
really weird, considering that just he string's length is being used.

Again, assuming this is in no way security-related, then this is just a
general, run-of-the-mill WTF.

~~~
Animats
An unchecked "sprintf" is a potential buffer overflow, especially in something
like this where the input and output string buffers are parameters to the
function.

I didn't even go looking for bad code. I was just curious to see what language
they were using. This was near the top of the first file I looked at.

The code looks like C code circa 1990. If a first glance turned up this, what
else bad is in there?

~~~
ArkyBeagle
Whether this is bad in practice depends. It is declared static, so it's just a
small helper function, not a major API entry point.

In a review, I'd call out requirements for buffer overflow detection outside
this function.

------
victorhugo31337
"OpenSwitch is a network operating system for disaggregated switches that are
built around OCP compliant hardware and that utilizes the ONIE boot loader to
install and uninstall network operating systems. It is aimed at accelerating
the transition to open networking as well as the adoption of disaggregated
data center networks."

------
readams
This is a "me too" move by HP. Open network linux already exists, already uses
ONIE, and is already a part of the open compute project.
[http://opennetlinux.org/](http://opennetlinux.org/)

This is just a land grab by HP.

------
ChuckMcM
This seems like a good, if belated, move on HPs part. Ethernet switches have
become trivial to build with off the shelf parts. If you open up the software
then you can focus on things like build quality and reliability.

~~~
ju-st
It sounds _too good_ to me. How will they make money in the Ethernet switching
sector?

~~~
jeffasinger
If this becomes the main type of switch, then HP would be in a great position
to offer integrations and consulting.

~~~
ju-st
The companies that need integrations and consulting are more likely to buy
Cisco. This open source OS will be in the "experimental" status for quite some
time.

------
victorhugo31337
How is this any better/different than Open vSwitch?

[http://openvswitch.org/](http://openvswitch.org/)

~~~
caust1c
openvswitch is simply an interface which provides the ability to
programmatically configure your network devices.

You could run it on OpenSwitch as the program/module which talks with a
controller.

~~~
illotum
More so, there's already a white box switch that runs it, Pica8 switch is
basically a Debian distro with OVS and proprietary drivers.

~~~
standel
And here is the recently announced partnership between HP and Pica8. PicOS is
certified to run on HP Altoline switches.

[https://www.sdxcentral.com/articles/news/pica8s-white-box-
os...](https://www.sdxcentral.com/articles/news/pica8s-white-box-os-gets-a-
big-name-partner-in-hp/2015/09/)

------
epistasis
The hardware compatibility list is pretty slim at the moment:

[http://www.openswitch.net/documents/user/hardware-
compatibil...](http://www.openswitch.net/documents/user/hardware-
compatibility)

~~~
mzayats
The release today is about opening it up for the community participation.
Making sure we release it early and not overbaked. So the community can shape
the direction. We wanted to have one real HW platform that would be fully
functional + Docker container image, which is being heavily used in the
development and CIT. Other Broadcom Trident II/Tomahawk based platforms would
be quite easy to support. For other ASICs, we would be glad to get their
vendors involved.

~~~
voltagex_
So I'm guessing this gear is well out of the range of the hobbyist hacker? Is
there a virtualized one I can play with instead?

~~~
umbs
Here are instructions to get started in a virtual setup.

[http://openswitch.net/documents/dev/quick-
start](http://openswitch.net/documents/dev/quick-start)

------
pm90
Their Github organization is empty, but you can see the code at:
[http://git.openswitch.net/cgit](http://git.openswitch.net/cgit).

~~~
mzayats
main repository is indeed at git.openswitch.net where it's paired with Gerrit
for code reviews (review.openswitch.net).

Github mirroring will be set up in about week.

------
you_eeeeeediot
Gonna be hard to compete with the likes of Cisco Nexus... I mean after almost
5 years of the Nexus 1000V platform they come to the table with an "open-
source" software platform to be used on hardware that no one is currently
using?

I could see this getting traction if they announced it was compatible with
some of the newer switches

~~~
epistasis
The Nexus 1000V is not really in the same category at all. This is a
replacement for NX-OS.

And honestly, I really don't know how Cisco's Nexus line is going to survive
at all. They will coast for a while on the population of Cisco certified
engineers that don't want to learn new things, but it is literally cheaper for
us to buy new hardware and support contracts than it is to renew our Cisco
support contract. _And_ the alternatives are far more capable than NX-OS for
our ops people.

The Nexus line is effectively dead, as I see it.

~~~
technion
I asked our Cisco representative to offer a competing quote against an HP
networking deal, and he responded with a quote for Cisco servers, and Ironport
mail filtering.

When I asked him what was going on, he pointed out that he only responds to
bids he can win. I told him there were no servers in that opportunity, and he
went on to discuss that, from a sales point of view, I have a better chance of
pushing servers anyway, than pricing Cisco against HP networking. That's from
one of their own guys, and it says a lot.

~~~
tw04
It says HP is trying to buy market share. That strategy doesn't tend to work
well long-term when your shareholders catch on.

~~~
epistasis
I doubt HP is losing a dime on their switch pricing, unless HP is even less
efficient than I expect them to be. Other vendors beat HP handily on price
with identical hardware specs. Cisco has gotten fat on ridiculous margins, and
it's doubtful that they will be able to survive in a marketplace where
merchant silicon drives commodity switches.

------
lifeisstillgood
As I stopped knowing anything about datacenters around 2001, can anyone tell
me what a network operating system is?

I am going to guess large high throughput switches and some degree of software
defined networks that knock putting your printers on one C-network and your
servers on another into a cock hat

Apart from raw power, is there some way I can reconfigure my network without
moving a cable that I previously could not?

(It's late, so just to be sure, I'm not trolling)

~~~
ju-st
It's just like the usual IOS or JunOS. It's just open source, thats the only
new thing I suppose. This has nothing to do with SDN.

~~~
standel
Actually, to the contrary. It's all about SDN.

It provides open interfaces to interact with the switch through several means
like OVSDB, REST API ... or CLI. OpenFlow is not supported yet although will
be in near future.

Since it's open source, it also gives you the opportunity to run other agents
in the switch control plane ... which is hardly possible with IOS or JunOS.

------
mrmondo
In my experience HP has never been good at software or networking - that their
two weak points. Will be interesting to see how this pans out.

~~~
cenal
I disagree. HP Networking is a great mid market solution.

If you want a bad network solution check out the LG IPECS line of network
gear.

------
cchip
I was recently polling for some hp Openflow switches; which are not supported
here...

Isn't this just another move to sell more switches?

Will there ever be code for some of the older MIPS based switches?

