Cisco Blogs

An eloquent update on NX-OS

February 18, 2008 - 5 Comments

Michael Morris who is a frequent blogger on Network World’s site just wrote this analysis of the NX-OS operating system. Michael’s Article.I agree with Michael about the VDC’s and their role as one of the key differentiating technologies in the SW stack. What is neat to analyze is, “What does it take to do this?” i.e. if another company wanted to release this type of feature and technology into their product line what would it take? In business school they would call this “sustainable competitive advantage”. Something every business wants to have :)In order to build VDCs it would generally take a complete re-architecture and redesign of the entire software stack and operating system. Given NX-OS has 6 Million lines of code (I always picture Doctor Evil from Austin Powers with his pinky at the corner of his mouth when I say this…) this would be a 3-4 year project for almost any company. They would have to implement an OS with endian-independent code, modular processes, multi-threaded processes for scalability, and the software engineering diligence to develop the stateful process restart technologies. (the diligence is the real hard part)dg

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. ‘Dave’, do want to remind you, that as a network professional web-sites and such log the IP address, its fun to see the exact same IP address posting under different names such as ‘Dave’ and ‘Brian’ within minutes of each other both with rather pointed commentary. Not that I have a problem answering it, and not to question ‘Joe’ and his experience in coding but it does help me to know what level to answer Joe at so I don’t waste his time.Lot’s of code can equal lot’s of bugs, totally agree. But implementing fully modular processes that run in the user space keeps the fault isolation within the process, especially when coupled with a separate process to check for rogue/zombie processes and then for all stateful processes implementing a checkpoint memory recovery system with separate processes for each memory state machine for stateful processes (like OSPF, EIGRP, BGP, etc) that require a memory table to be managed. Also, as we have indicated NX-OS is based on Linux. As a point of reference I would ask, is Linux stable? If we can agree ‘yes’ that a 2001 Red Hat 7.1 Linux distribution, as an example, is stable it is worth noting that it has over 30 million lines of code. Another point of reference would be that the Linux 2.6.x kernel, as an example had 5.76 million lines of code in December 2004 and grew to 6.03 million in July 2005 while at the same time ‘bugs’ declined by 2.2 percent.So I think this is illustrative of how proper SW architecture, modular coding, and the right processes in the engineering organization can lead to significant development and growth of a code-base while providing fault isolation, containment, traceability, and thus better code altogether.Hope this answers your question ‘Dave’ and ‘Brian’ and ‘Joe’. dg

  2. Joe, I am not sure how much software development you have done before, maybe a bit more in your name, email, etc would help us evaluate how to take your comment :)As is, NX-OS has a Linux core, fully multi-threaded, modular processes, stateful memory protection, XML API, command interpreter, and is endian independent. It has a compelte checkpointed memory management set of processes for all table management. This type of infrastructure is complex, but is something we had to do for storage networks in the first place and the common infrastrucutre comprises about half of the software developed.The Layer-3 code for example is another 1.5M lines of code. This includes all routing protocols, QoS, Security, etc…I am not sure what you are drawing a comparison to, if you can help us out with that am happy to answer anything I can to help clarify why building innovative software capabilities into a core network device designed for maximum uptime takes lots of software to do it right…dg

  3. Are we getting source code set for particular binary portions – AFAIK under GPL

  4. Douglas – Instead of questioning Joe’s credentials, perhaps you could answer the question without that passive-aggressive tone you’re known for?After all, lot’s of code can equal lots of bugs. For a comparison, just ask your new partner, Microsoft.

  5. Wow. Six million lines of code. I wouldn’t exactly boast about that for a network device. Six million lines of code equals sheer complexity which in turn will manifest itself in a huge number of bugs and vulnerabilities.Instead of being impressed with six million lines of code, one should be concerned.