Cisco IOS-XE Evolution with Dave Zacks

Captions
So I'm gonna talk briefly about IOS XE evolution, because the software needs to evolve along with the hardware. One of the things we've seen is we have evolved over the last few years from that classic monolithic IOS into a modular IOS. It's based on top of Linux. We started this evolution with IOS XE, we've continued this evolution with IOS 16, and one of the key things we've delivered in ICT is I take two elements, which is the ability to containerize applications alongside IOS. This becomes really important when we start thinking about running security functions, other functions, elsewhere in a network. Think about how interesting it is on your network device if you're able to containerize applications and run them on the network device alongside IOS. There's a lot of good applications, especially around security, where you want to involve that application, a containerized function, as close to a source, as close to the, you know, the source of the issue as possible.

So one of the things you're going to see when Mohamed comes up afterwards and talks about Cat 9K and what we're doing there is we dramatically oversized the control plane in Cat 9K. We went to a multi-core Intel CPU, we put in more memory than we need to run things like, you know, spanning tree and running protocols and stuff, because we know that's where the future is. We want to be able to run containerized apps on the device.

We've also got this concept of a database. What the database is really there to do is to checkpoint functions inside the device. So for example, if I need to restart a process, the process doesn't necessarily have to relearn all state from the network; it could store it in the internal database and just read it when the process restarts.

So is the direction on that exclusively containers, or is the KVM functionality still in there?

So, containers. The KVM functionality we had continues, but we think containerized apps are much more lightweight and they're really the way to go on this type of platform.

And it's going to stay LXC? LXC, or are we looking at Docker as well?

LXC for now, but we're open to doing other things. With some Intel CPUs we could potentially do whatever we want on there. Right now LXC is where we're going.

Other things you see here: we have a big focus on programmability. We're going to talk a lot about this later. We talked about automation, but we need to enable this in infrastructure. Now, I guarantee that all of you guys have used an API in our devices. The API that you've used is a CLI, right? As an API, the device is optimized for human-to-machine interaction. It's great for that, right? It's quite good for that, but it's very poor for machine-to-machine interaction. We change something on the CLI, it breaks your expect scripts, right? There's problems with that. So this is why you see an emphasis from us on YANG data models, NETCONF, RESTCONF, because we need that machine-to-machine proper communication channel to be able to cleanly do automation in the environment. So, big focus on that.

Containerized apps: talked about these before. We think this is going to become very important as we go forward.

The other thing that's really interesting, if you take a look at Cat 9K, and I'm sure Muhammad will re-emphasize this point: we run the same binary IOS image across all of our Cat 9K platforms. We have never, ever done something like this before. We run the exact, not just the same image number, the same binary file that runs on a stackable, that runs on a chassis, and that runs on a fixed aggregator.

Download one and put them on all?

Yes. You download one, you qualify one, and the most important point is you qualify one.

Yeah, and I need to put it on all of them. Okay.

Isn't that cool? That's phenomenal. It's a lot of heart indicated work to do that kind of thing, but we thought it was awesome.

So the last point I'll make about Cat 9Ks, and I know Muhammad's going to delve a lot more into this, is the fact that we have built-in security, what we call trustworthy systems, throughout the solution. One of the things we've really done here is done things like secure boot, image integrity verification, image signing, to make sure the hardware and software of the platform has been tampered with, right? That you can be sure that this system, which really is the heart of your network, is trustworthy, and you can trust that it hasn't been compromised in some way.

Frankly, one of the things I'd draw your attention to here is this concept of 64-bit ASLR. ASLR, address space layout randomization, basically is a way of preventing, or making very, very difficult to execute, buffer overflow attacks on the device, right? So if I overflow a buffer into the adjacent memory, the adjacent memory is randomized throughout the memory structure, so it's very hard to execute a buffer overflow attack with that. We've made that 64-bit.

So I'm going to sum up there, because we're out of time. What, I guess, is a major takeaway out of all this? What does all this mean? It really means that this combination of programmable hardware and innovations are driving software provides flexibility and adaptability. It allows the network to evolve, allows the network to evolve in place, so we can spend our time and our treasure creating innovations to deliver to market that customers can actually consume, because they're implementable on their hardware without necessarily having to do rip and replace. I mean, we'd love you to implement Cat 9K switches; they have a whole bunch of new additional hardware innovations, because we're always adding stuff, as Peter showed, with each generation. But you know, we want to provide that ability for the network to evolve.

And what you're going to see later today, when Shawn Bordeaux comes out and talks about software-defined access, you can see how we're doing that. We're evolving this concept of overlay and underlay, allowing us to build out an overlay control plane based on LISP in SDA fabric, and an overlay level of encapsulation based on VXLAN, which can carry SGT tags and virtual network information end-to-end. Really key for delivering use cases like segmentation in the environment.

And the thing that we're most proud of down here is that this flexible silicon allows for adaptability. You could have bought the first 3850 off the line four and a half years ago and you're going to be able to implement SDA on it. That's pretty cool, to be able to go back to people and say: you made a good investment in this product, just look at all the additional stuff that I can give you.

So I'll sum up by basically just saying, ASICs. You can tell Peter and I get pretty excited about ASICs. It's really the foundation for products, which are the foundation for solutions, which is how we deliver benefits. And this flexible silicon, we believe, is a huge innovation that Cisco isn't just introducing to market; we've been shipping this for four and a half years. So where others might be out there making noise about things, we've been delivering this for quite some time. So it's really about innovation all the way up the stack: ASIC, hardware, software. I hope that's what you see throughout today: it's innovation from the hardware, software, protocols, solutions. Yeah, what we call geeks be good. And that's it, I'll stop there. Thanks, guys. Questions, if we have time?

You said if you bought a 3850, yes, five years ago, or four and a half years ago, yep, you can implement SDA on it now?

Absolutely, yes. Yes. Isn't that cool?

That is cool.

Isn't that cool? So you didn't even know you were making that good investment. But you know, that's one of the things we're very focused on. Now, we're always going to deliver new stuff in each generation, but that backwards compatibility is a critical element of what we want to provide. Other questions? Other thoughts? We firehosed you with a dramatic amount of information.

If you needed to boil down the value in, you know, custom ASICs compared to merchant silicon in, like, 30 seconds or less, sir, what would that be?

I would say that the value of custom ASICs is that we're able to deliver flexibility, we're able to deliver adaptability, we're able to deliver that investment protection. That's what customers are going to care about the most, and this allows the innovations that we create to actually be consumable by customers, as opposed to, if you're on merchant silicon, if you're on fixed silicon, my message to you is always going to be: hey, I got a great new sweater and you need to rip and replace to get that functionality.

You're developing custom ASICs to sell less switches?

No, of course we're selling custom ASICs to deliver more switches, because we're always going to be adding new stuff with each generation. But we want to make sure that the innovations that we deliver, as we make this transition to being a software-oriented company, that the software innovations we deliver are consumable on all the hardware footprint that's out there, so we get maximum adoption. And that's really key.

Good, that makes sense.

Absolutely. It's not always about sell more stuff. We don't want to sell less stuff, we want to sell more stuff. So really, we want to make sure that the stuff we're selling has that capability to adapt and evolve.

So rather than doing the rip and replace, once you've got this new flexible silicon in your network: upgrade software, get new function; upgrade software, get new functionality.

It changes the focus of innovation in the platform, which is really key. Now, that said, we're always going to deliver new ASIC functionality too, yeah, with each generation.
Info
Channel: Tech Field Day
Views: 7,742
Keywords: Tech Field Day, TFD, Tech Field Day Extra, TFDx, Cisco Live US, Cisco Live, Cisco Live US 2017, CLUS17, Cisco, Dave Zacks, IOS, IOS-XE, programmability, containerization, linux, network programmability, API
Id: KWuiqX4TNTA
Length: 8min 45sec (525 seconds)
Published: Wed Jun 28 2017