Cisco Blogs

Cisco Open Network Environment, Explained

June 13, 2012 - 0 Comments

Let’s cut to the chase–you have probably wondering “what is Cisco going to do about SDN and OpenFlow?”

Well, probably more than you expect, but before we get into that, I would respectfully suggest you are asking the wrong question.

Cisco Open Network Environment (Cisco ONE) was created to deliver a specific capability to our customers: providing direct programmatic access to Cisco infrastructure.  As we were vetting this concept with customers, two things quickly became apparent: 1) customers were extremely receptive to the concept and 2) there was a was wide variance in what customers were looking for.  It turned out that OpenFlow and what ONF defines as SDN (in essence control plane/data plane separation) represented one approach to network programmability, but other customers were looking for to accomplish things that had nothing to do with control plane/data plane separation.  For example, we see a number of universities asking for the typical OpenFlow/SDN functionality to support their R&D environments and for “network slicing”.  We talked to service providers who viewed programmability as the ability to run their own code on a box–say a custom-tuned version of BGP.  Finally, we talked to hyperscale data center operators who viewed programmability as the ability to get direct programatic access into the switching silicon to pull very specific and detailed information–say the port error counters–that they could fed directly into their homegrown OAM tools. At the end, it was clear we need to offer OpenFlow and SDN capabilities but we also needed to deliver more–hence the broader, more technology-agnostic concept of network programmability. So, I would offer that, instead, it might be better to ask “What is Cisco doing to make the network more programmable?”

The answer is, with Cisco ONE, quite a bit, actually.  At its essence, Cisco ONE allows you to build upon the things that already work with your network (scale, availability, security, etc) and add the programmability you need to help you deal with things like cloud. mobility, etc with more agile infrastructure, simpler operations and application awareness.

Cisco ONE has a three-fold strategy behind it:

1) Harvest Network Intelligence through deep full-duplex programmatic access to Cisco devices and software

  • A rich set of APIs and development kits across IOS, IOS-XE and NX-OS
  • Tie together analytics and policy/orchestration

2) Explore emerging technologies through joint partnerships with industry, academia and standards-bodies

  • Early stage SDN controllers and OpenFlow agents
  • OpenStack for cloud computing

3) Build Scalable multi-tenant cloud infrastructures with operational experience between physical and virtual

  • Consistent environment across physical and virtual for L2-7 with sophisticated policy
  • Flexible deployment options

With this strategy, we have the ability to give customers the flexibility to pick and choose from the three major deployment models for programmability that we see in the marketplace:

The left pillar is for those folks that are happy with their infrastructure and capabilities of their existing infrastructure, but want to layer on the programmability they need to address new application needs.  The middle pillar is for folks that want to play with agents and controllers and explore things like control plane separation.  Finally, the right pillar is for those folks that really want to abstract away their infrastrcture altogether as they look to deploy things like cloud and virtualization.  Bear in mind, there is no “one right answer” here–its more a matter of finding the right tools for the problem at hand.

With Cisco Open Network Environment, we have incorporated all three pillars together into a single, flexible framework for delivering programmability.

A couple of things worth pointing out about Cisco ONE. First, behind it is the a portfolio with unmatched breadth.  Few if any companies are in a position to draw on leadership potions in hardware and software, physical and virtual environments, and both network and compute infrastructure. Second, the underlying approach provides a much more granular view of the network–this allows developers much finer control as well as the ability to pull much greater and more detailed information.

Underpinning Cisco ONE, today, we announced technologies in three areas:

one Platform Kit (onePK)

Cisco One Platform Kit (onePK) enables software developers to access, extend or customize the rich set of software functionality provided by Cisco routers and switches.  OnePK provides an API along with training, documentation, support and a tool chain.  Developers will have access to complete libraries for data path, policy, routing, element, discovery, security and management functions.

Controller and Agents

As part of the Cisco ONE announcement, Cisco will be release proof-of-concept OpenFlow agents and a proof of concept SDN controller.  These are released specially for the folks out there that want to experiment with SDN and OpenFlow.  They also provide us with a basis to work with customers to understand what they will need as they look to deploy real-world solutions.

Virtual Overlay Solutions

In this space, we will continue to build upon the strength of the Nexus 1000V, which has been shipping for a few years and has racked up over 6,000 customers and proven itself in production environments.  In terms of enhancements to the N1KV, we are announcing a number of things:

  • Broader hypervisor support –in addition to vSphere and Hyper-V, we are announcing support for open source options, both Xen and KVM
  • Northbound interfaces–integration into OpenStack via the Quantum API and RESTful interfaces
  • A VLAN/VXLAN gateway to seamlessly link existing physical VLANs with virtualization-driven VXLAN
  • More sophisticated support for virtualized services with vPath 2.0, especially a cool technology called service chaining
So, I am hitting about 900 words, here, so I think I will wrap things up for this post–for those of you reading this, thanks for sticking with me.  In terms of getting more info, keep watching this space, I’ll continue to dig into ONE over the next few days.  Beyond that, check out these links:

Finally, if you are here at CiscoLive in San Diego, you can see a lot of this technology in action (and maybe win an iPad in the process):

  • Network Fault Diagnostics (MTU mismatch): An example of how tools can be built with onePK to quickly identify and resolve network problems.
  • Routing for Dollars: Another example of how the information exposed by onePK can be used to adjust routing policy using different mechanisms from traditional routing protocols.
  • Cisco Nexus 1000V on OpenStack with KVM: See the Nexus 1000V integrated into OpenStack, running on top of KVM.
  • Campus Slicing: See how to partition a production network into logically isolated subsystems, or slices, while maintaining consistent policy enforcement across the slices through integration with conventional network policy and security managers.
  • Topology Independent Forwarding: How to execute network forwarding plane changes across physical network devices using a centralized logical topology view of the network and a flow spec based policy scheme.
  • Application Slicing, FTP Example: Demonstrates the ability to slice a network based on specific application characteristics.
  • Hadoop Optimization: Learn about the automation of the otherwise static identification and management of data block placement within the Hadoop Rack Awareness activity.

Anyway, that’s it for now. I would love to hear your comments and questions and definitely stay tuned for more details.


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.