x
Routing

Redback Beefs Up Its Router

Ericsson AB (Nasdaq: ERIC) subsidiary Redback Networks Inc. is launching its most ambitious edge router yet, hoping a combination of increased density and subscriber-related features will give it an advantage over rivals Cisco Systems Inc. (Nasdaq: CSCO), Juniper Networks Inc. (NYSE: JNPR), and Alcatel-Lucent (NYSE: ALU).

The SmartEdge 1200, announced today and set for general availability in August, is Redback's highest-density box, with 480 Gbit/s of switching capacity (that is, 240 Gigabit Ethernet feeds supported) in one fourth of a telecom rack. On a full rack basis, that appears to outdo most edge platforms on the market, with Juniper's MX960 being the notable exception. (See Redback Adds SmartEdge 1200 and Juniper Antes Up on Ethernet (Finally).)

Table 1: Density Wars
Company Platform Capacity* Size
Alcatel-Lucent 7750 SR-12 400 Gbit/s 1/3 rack
Cisco 7613 720 Gbit/s 1/2 rack
Cisco 12810 800 Gbit/s 1/2 rack
Juniper M120 256 Gbit/s 1/4 rack
Juniper MX960 960 Gbit/s 1/3 rack
Redback SE 1200 480 Gbit/s 1/4 rack
Source: Company literature
* Full duplex. That is, divide by 2 to get the number of simultaneous Gigabit Ethernets supported.


Equally dramatic is the laundry list of functions integrated. The box includes: security features such as intrusion detection, IPSec, and a firewall; a session border controller; and deep packet inspection capabilities for detecting peer-to-peer traffic. The box also includes some mobility features -- along the lines of fixed/mobile convergence --- that Redback isn't fully disclosing yet.

This has all been added to a platform that already includes Ethernet aggregation and the functions of a broadband remote access server (B-RAS). The SE 1200 uses the same operating system as other SmartEdge boxes and can use the same blades as well.

The new release shows that Redback isn't stagnating after its acquisition by Ericsson, which was completed early this year. (See Ericsson Offers $2.1B for Redback , IPTV Drives Ericsson to Redback, and Ericsson Completes Offer.)

So far, Ericsson has made good on keeping Redback's name alive and has begun intertwining its engineering efforts with that of the IP equipment firm. Those unspecified mobility functions stem from Ericsson expertise, for instance.

"It's a great step for Redback and a big win for Ericsson -- proof that Ericsson hasn't slowed them down," says Eve Griliches, an analyst with IDC .

Redback says the SE 1200 is a reaction to the number of applications that now rely on IP. Routers are being tasked to handle more jobs at once -- security, VOIP, the throttling-down of P2P flows -- and in that complexity, Redback thinks it sees a chance to outdo the industry's giants.

"It opens up the largest IP services market we've ever seen," says Arpit Joshipura, Redback's vice president of product management.

The concept isn't lost on other companies. Session border controllers, for example, are finding their way into Cisco and Juniper routers, arguably siphoning some of the market from Acme Packet Inc. (Nasdaq: APKT) and Veraz Networks Inc. (Nasdaq: VRAZ). (See Cisco Integrates Session Control and Juniper Kills Its Session Controllers.)

Griliches points out that Redback's melting pot of features is reminiscent of CoSine Communications, which also touted feature integration with its IP-based subscription management box. But it didn't work out, and CoSine eventually became better known for its agonizingly slow shutdown. (See CoSine Terminates Merger Agreement, CoSine Seeks New Blood, and Fortinet Scoops Up CoSine IP.)

CoSine's main problem was that its box slowed down if all the features got turned on, Griliches says. By contrast, Redback is claiming that the SE 1200's functions, such as security and P2P detection, will run at 10 Gbit/s without degrading the performance of the router.

"All those features are processor and memory hogs, but Redback made sure there were separate ASICs, processors, and memory carved out for each of them," IDC's Griliches says. "It also made sure each of those features happen in a certain order in the router. It's making sure that where the stuff gets processed isn't a pull on the overall system processing."

One key point is that Redback doesn't use up router slots for most of these features -- its session border controller, for example, sits on the card that handles all control-plane functions. Security and P2P detection is housed on a separate blade, and once, for instance, a P2P flow is detected, the system can forward all other packets in that flow to the appropriate linecard.

Even bypassing the features, the raw density of the box is impressive and useful to carriers, analysts say. The new box gives Redback "a huge speed and feed argument," says Andy Buss of Canalys.com Ltd.

In addition to the increased capacity, the SE 1200 will handle eight times the subscribers of its predecessor, the SE 800 -- that is, more than 500,000 subscribers, compared with 48,000 for the older box, says Redback's Joshipura. "Subscriber" in this case refers to individual services, so that one busy household running video, VOIP, and P2P downloading all at once would count as several "subscribers" inside the router.

The SE 1200 is based on a new generation of Redback-designed ASICs. New I/O cards being built for the box include one with four ports of 10-Gbit/s Ethernet, and another for 20 lines of Gigabit Ethernet. The box has 12 slots for such cards and another two reserved for controller cards.

Redback says Taiwan's national carrier Chunghwa Telecom Co. Ltd. (NYSE: CHT), which has already deployed the SE 800, will be the first operator to use the new platform. (See Chunghwa Deploys Redback Gear .)

— Craig Matsumoto, West Coast Editor, Light Reading

<<   <   Page 4 / 4
rodolg 12/5/2012 | 3:07:19 PM
re: Redback Beefs Up Its Router
in this table i only see Alcatel, Cisco , Juniper and Redback... but what about Huawei and Foundry?

In fact if we think of Smart Edge Routers we should consider the God Box of Huawei: ME60. Cisco does not have such a box like this neither Alcatel...
Have you heard about Cisco or Alcatel integrating DPI in the edge router?
ipLogic 12/5/2012 | 3:07:17 PM
re: Redback Beefs Up Its Router metroman, you touched very good point of GǣLoose couplingGǥ of people/intellect/cultures and innovationGǪ

e.g. GǣDid NetscreenGs development team got better (innovative, faster developing, profitable, motivated etc) GǣTightly CoupledGǥ under Juniper management (and interdepependent with M/T development team), or whould Netscreen guys have been better (innovative, faster developing, profitable, motivated etc) as GǣLoosely CoupledGǥ (partnership, or similar)Gǣ.

and as I understand it, seems Chambers (probably experienced with his long years m&a) is trying to solve this problem with his GǣCommand/Control->Collaboration/CommunicationGǥ philosphy, i.e. builds organisational-culture where he Gǣwants them AllGǥ Gǣthe Best of eachGǥ under one roof/logo/(collect all profits) but still GǣLoose CoupleGǥ them so that they can each Innovate/Scale/Develop in the best way without the burden (and without the limits they impose between each other) if GǣTightly CouplingGǥ them together;

(GPChambers on the CouchGǣ http://www.lightreading.com/do...
http://www.interop.com/lasvega...

and if we assume: developer-team-quality(motivation/innovation)=product-quality->

-> there you have the conclusion if you want to buy Security from Router vendor, or Routing from Security vendor; where ChamberGs phylosophy seems to be looking for a model to bring together GǣNetworking vendorGǥ by (as) loosely-coupling them together (as possible).

based on (the correctness of) this philosophy L3-Router and L4-7-Firewall should be as Loosely coupled as possible i.e. different boxes is good, or even if you put them in the same box they should Not share anything more than the Power Supply. (and even if possible let each one of them be developed by separate GǣLoosely coupledGǥ development teams, if you want to have the best of both of them)
all for the benefit to get the best of their innovation (profitablity if youGre telco, or better service if youGre subscriber)

so it comes to two issues:
- on one side we have the GǣLoose CouplingGǥ of people/cultures/intellect/innovaton;
- on the other side we have the GǣLoose CouplingGǥ of Technologies/Paradigms in this case L3 with L4-7 in the same box;


The technical part (L3 and L4-7) was touched by metroman, chook (and Mark should run this through his Interdependece model chook's N**2 problem of sub-systems in the same box)


L3 and L4-7 are fundamentally different and it is a challenge (will be dangerous) bringing them together in the same box, although it is Gǣnecessary evilGǥ to bring them somehow together to get the GǣfullySecure-fullConnectivityGǥ i.e. the ultimate goal,


1) Hw point of view: can you reuse L3 chips to do L4-7, or opposite ?
L3=IP/FIB-lookup is something else than L4-7=DPI/TCP-UDP-flow-analysis/signature/anomaly-detection, and as metroman said, reusing L3 lookup hardware for L4-7 will always bring compromise in performance to the platform that tries to combine them;
different FIB-vs-Signature match algorithms, different memory access requirements, different tree-search, different buffer requirements, (L3 does by packet where L4-7 buffers to get the full stream), L3 hierarchical addressing vs per-Flow, etc.
Router summarizes N-users->1-FIB-entry;
Firewall expands N-users*M-flows/user->M*N-Flow-table;

2) L3=IP-Router/BRAS operations is completely different than L4-7=Firewall operations
- you upgrade L3-Router sw once on 6-9(12) months, only after GǣheavyGǥ trials and tests (for 500.000 subscriber BRAS even GǣheavierGǥ);
- you GǣupgradeGǥ L4-7-Firewall Sw(signature/protocolanomaly-database) (more or less) daily, and you donGt really have the time to test or trial, but rather you are in a hurry to put that update to the box as soon as possible, before the bad-guys get you.
(Can you really ever enough test behaviour of L4-7 signatrure/protocol-anomaly under 500,000 subscribers each subscriber doing something else)

so what is the $$ price (and stress, and operations guys nerve) with the (almost daily) risk for 500,000 BRAS subscribers loosing-connectivity, if, while upgrading the Signature-database on the Firewall there might be a bug in only one of the signatures ?

3) L3=Router/BRAS run wide/global communication, (OSPF from the whole network, or BGP from other side of the world, AAA with the Radius server), where L4-7=Firewall should be GǣinvisibleGǥ to the world (bump-in-the-wire);
What happens if some OSPF, BGP, DHCP, PPP bug Gǣopens the doorGǥ to the Firewall/DPI in the same box ?
suddenly you are not just in connectivity problem, but you also lost your security that GǣshouldGǥ protect your box, and prevent the problem from increasing.

So "same box" is Ok as long as they (L3, L4-7) share no more than the chassis itself, and would be good to be developed by different, Loosely-coupled teams.

Cheers
konafella 12/5/2012 | 3:07:15 PM
re: Redback Beefs Up Its Router ipLogic, you are right on the mark. Loosely couple everything and focus each team on making the best (loosely coupled) individual widgets and you will have dominance with the best collection of widgets the market has to offer. But unfortunately you will be stuck conquering a dying market in each individual category as the larger market moves toward integration.

Who makes the best pager? The best standalone-PDA? Best pure-mp3 audio player? You get the picture. It's not about being the best. It's about offering the most integration for the best price and doing it well (e.g. RIM, Apple, etc).

Sure, the terminal market and the network market have different market forces and different needs, but you can't oppose the trend for too long.

The features that defined the so-called "god box" in optical networking (such as ethernet, MPLS, ADM, cross-connect, etc) from the bubble era are becoming the table stakes features of today.

Ideally, I respect your opinion. Practically, the business and market forces defeat good engineering practice time and time again :(

kf
ipLogic 12/5/2012 | 3:07:14 PM
re: Redback Beefs Up Its Router konafella,
also thanks for your opinon !
and I really donGt mind; as said in that video Gǣif you all agree, I have failedGǥ :-)

but the gadgets you mentioned never really worked as promissed in the first couple of generations, and as you say they were terminal market;
people donGt loose jobs if the integrated camera on the handy takes low-res pictures, but people do loose jobs if you drop 500.000 subscribers because there was bug when you updated the Signature database. (just the thought of it is creepy)

now with L3 and L4-7 in the same box ??
I don't want to blamed being against progress :-)
maybe in 3-5(7) years things change, but now there is lack of manpower to cover it. First you talk to Mr.MPLS who gives you deep dive in VPNs, but cannot spell DPI, then you have Mr.IDS who spells correctly DPI, but doesnGt know the meaning of GǣiGǥ and GǣeGǥ in iBGP and eBGP.

And you need them both (necessary evil),
but When your (integrated) network burns who do you talk to ?


ItGs just separate people (still) and if Gǣintegrated peopleGǥ doesnGt work, how will the Gǣintegrated solutionsGǥ work ?

Once (if) production of integrated Mr.MPLS/IDS starts, then we can speak integrated solutions. Would you comfortably claim yourself being Mr.MPLS/IDS ? Would someone volunteer and take this burden on his back to claim it ? it's quite a bit of learning and expertise dispersed from L3 up to L7, is it achievable for one guy ? how many of those experts you can produce ? they keep complaining that IP is complex, what will happen when L4-7 gets into the game ?

How many people you know are really experts in Sonet header, and could simultaneously comfortably chat BGP policy expressions ? versus how many people you know that are recognised experts in Only One of the above ?

And I still keep that technically L4-7 is different Hw/ASIC architecture than L3; and fully separate blades sharing just power supplies is Ok (no interaction, separate Sw releases, and no performance compromise), but nothing more than that. You just have to clearly know which one failed, and whether you call Mr.MPLS or Mr.IDS. (and the rest of the box must keep working while one of those gentlemen plays in your life network with his part of the blades)

And finally there should be one Big red GǣFirewall On/OffGǥ button that really momentarily works when things go wrong.


Do you have the swiss knife ? do you really use it for your steak ? And be honest :-) have you thrown out your (non-integrated) camera and (non-integrated) mp-3 ? I haven't... I do beleive we all will, some day ?soon?

Cheers
<<   <   Page 4 / 4
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE