It's the “write once, run many” principle.
McKeown: Exactly. We wrote a paper that will be at Sigcomm this year about: Why would you do this? Why would you have a P4 front-end to Open vSwitch?
Well, today, if you want to modify the behavior of Open vSwitch, you need to be a network protocol whiz, and you need to be a kernel hacker. There's not that many people in the world that have expertise in both. There's the Ben Pfaffs that do, for sure, but there's not many that have a combination of the two. And you have to touch thousands of lines of code in multiple kernel modules. This is a scary undertaking.
To boil it down into P4, you just need to have knowledge of the protocol. You describe it once in a tiny fraction of the code — maybe a fiftieth or a hundredth of the code — and the compiler will take care of the rest of it. If the compiler is doing its job, if the protocol description is correct, the implementation should be correct. So this can hugely reduce the time to add new features into the hypervisor switch.
Or even writing a program that starts to take middlebox functions [a.k.a. Layer 4-7 appliances]. There's a big deal here that I think will emerge over time.
We're unlikely to be the ones that figure out all of these middlebox functions. It'll be the people that want to eliminate the middleboxes from their networks that are highly motivated to do this. “I'm buying this really expensive middlebox, and I'm using one one-hundredth of its features. Well, why don't I write a P4 program?” If I can write myself a program to do that, I've just saved myself — not only a lot of money, but the management of that box. [With P4], it's just part of the plumbing.
Layer 4 load balancing was kind of an obvious one, because Layer 4 load balancing is just slightly more intelligent routing. Slightly more intelligent than what the box is already doing anyway, so it should be in the forwarding [plane]. Now, with Tofino, you can do that, no additional power or cost, and it's done at full line rate. You can eliminate full racks full of middleboxes.
People will identify other things that we won't think of. That's the nature of it. Intel doesn't think of all the Java programs people write for their CPUs. We won't think of all the programs we'll write.
What do you see as the ONF's role these days? Its mission was to evangelize SDN, but that's kind of completed. What now — does the ONF become a software group?
McKeown: Not become a software group necessarily.
It was very important to clarify what was meant by the separation of the control plane from the forwarding plane. As you say, word is out. It's not news any more.
The second thing in terms of helping that happen is to make available open source software that would help people get started. So, as you've seen, the ONF is taking on more and more open source projects. It will figure out the missing pieces or help to tie together the various things that people are doing — like with CORD and ONOS. How do you make all this stuff work together? How can you get going easier, so that if I'm a network engineer, or an operator, and I'm sitting in a lab, I can download stuff and try it?
None of these things are quite there. We're getting there. We're like the first three years of Linux. That was not a pretty time for Linux. So, ONF has a role to play in helping, and that's an almost limitless task.
There certainly is a lot of open source out there in networking, all of a sudden.
McKeown: If you just think of the amount of open source that's appeared —
That's the downside of open source. There's a lot — you get what you wish for!
McKeown: True. But if you were to put open source and networking together 10 years ago, people would have gone: “Hm? Sorry?”
They did. Even five years ago.
McKeown: And now — I keep this viewgraph of the open source networking projects. It's this ever-increasing graph. First of all, there was Open vSwitch and a couple of other things. Then, just in the last year, look at all the open source network operating systems. SONiC and FBoss and HPE OpenSwitch — all these things are just coming out of nowhere.
The great thing is, there are some now serious undertakings. Linux got serious when companies got behind it and put serious numbers of engineers behind it. And people are doing that now: ODL [the OpenDaylight Project], ONOS — all these things are getting serious.
Does it all play well together right now? Nah, not beautifully. But now people have put serious money on the table.
And the role it's fulfilling is the necessary but non-differentiating layer, like Linux does. Nobody wants to have to develop an operating system. Everybody needs one, but nobody wants to develop it.