Linux distribution for modern networkingplay_circle_outline Introduction to Open Networking
Switches running Cumulus Linux provide standard networking functions such as bridging, routing, VLANs, MLAGs, IPv4/IPv6, OSPF/BGP, access control, VRF, and VxLAN overlays. You can use Cumulus Linux switches in the same places you would use a switch from a traditional supplier.Read more
Cumulus Linux embodies native Linux networking. Supercharged versions of the kernel and other networking related packages encompass the latest industry thinking in networking while retaining compatibility with the full range of software available in Debian. Your favorite tools for networking and operations are an `apt-get` away; networking can easily fit into your operational framework for configuration management, authentication, monitoring, logging, and automation.Read more
From OpenSSH to authentication, Cumulus Linux keeps your switches secure by offering both standard and unique security features.
In true Linux fashion, Cumulus Linux supports a broad ecosystem of global hardware partners giving you unprecedented access to cables, optics, silicon, and systems.
Cumulus Linux allows you to build and operate the right network for your company using the mind-set of the mega-scale pioneers.
The modern data center is the supercomputer reinvented. Some call it warehouse computing for the sheer scale of the systems.
The workhorse for host networking in modern workloads, Linux continuously evolves to address bare metal, virtual machine, and container deployments with rich functionality. If you think you’re not using Linux networking already, think again. Cumulus® Linux® preserves that goodness by leveraging the latest in networking silicon to hardware accelerate the native Linux data path for switching use-cases.
This implementation presents the high speed switching ports just like a NIC, preserving the Linux abstractions for user space applications and networking constructs such as interfaces, bonding, bridging, routing, tunneling, mpls, and vrf. A device driver, aptly named “switchd”, acts as a conduit between the kernel and the underlying networking silicon. It’s that simple.
No network switch is complete without the set of protocols that allow it to play nicely with its peers. The pure Linux API affords choice amongst a broad range of protocol offerings; we started with a set that provided a good mix of function and maturity and enhance them with improved performance and relevant features. You can use the world class protocols that come with Cumulus Linux or pick your own journey without fear. As an example, we’ve spent a ton of development effort hot-rodding the Quagga routing suite, yet we have a few customers that have written special purpose routing protocols.
The Linux operations eco-system has a rich and ever-evolving set of tools, de facto data exchange formats, and platforms for deployment, configuration, monitoring, troubleshooting, and orchestration. Again, the pure-play Linux system allows these mechanisms to be easily leveraged in Cumulus Linux; native Nagios/Sensu checkers Puppet, Chef, Ansible, and Salt configuration modules; and log management frameworks can all be used out of the box. As always, standard usage of the Linux filesystems like /etc, /sys, and /proc means that any extensions are a script away.
This purity-of-approach to Linux networking enables Linux system tools to exist unmodified in Cumulus Linux; which is not true of most of our industry peers. This means that enhancements, bug fixes, and most importantly security updates are available to you as soon as they are published.
In today’s webscale-IT world, you have to ask yourself “why NOT Linux”; we did that and Cumulus Linux is our answer.
Vendors on our hardware compatibility list include: Dell, Hewlett Packard Enterprise, Mellanox, Penguin, Quanta and Supermicro.
|Layer 3 Features||
Enhanced Quagga IPv4/v6 routing suite including OSPFv2, OSPFv3, BGPv4/v6.
Virtual Routing and Forwarding (VRF)
Equal-Cost Multi-Path (ECMP) and ECMP Resilient Hashing for IPv4 and IPv6 traffic.
Bidirectional Forwarding Detection (BFD) across all platform & interface types, IPv4 and IPv6, BGP and OSPF, VXLAN.
Protocol-Independent Multicast (PIM)
|Layer 2 Features||
Bridge management with STP (IEEE 802.1d), RSTP (IEEE 802.1w), PVRST, PVST, bridge assurance, BPDU guard, BPDU filter.
VLANs, VLAN trunks (IEEE 802.1q), LACP (IEEE 802.3ad), LACP bypass, unicast/broadcast storm control, LLDP, CDP, IPv6 neighbor discovery, IPV6 route advertisement.
MLAG (clagd daemon).
IGMPv2/v3 snooping, MLDv1/v2 snooping.
Virtual Router Redundancy (VRR - Active-active first hop redundancy protocol).
L2 Gateway integration with VMware NSX
VXLAN Head End Replication
VXLAN Active-Active bridging with MLAG
Controller-less Network Virtualization with LNV
Single command line tool to configure and operate the switch (NCLU).
Native Linux management tools such as OpenSSH, SCP, FTPS.
Automated install and provisioning: zero touch install and zero touch provisioning.
DHCP, v4/v6 DHCP relays.
Authentication with LDAP, authorization with sudo NTP.
Interface configuration management (ifupdown2).
Advanced management/orchestration through third party add-on packages.
Power management for external devices with PoE and PoE+
Snapshot and Rollback of the entire system to eliminate the risk from system upgrades.
|Operating System Install & Upgrade||
Server-style upgrade/patching across minor releases, server-style process restart/termination.
Support for zero touch OS installation using ONIE loaded on industry-standard switches.
Standard mechanism for Authentication, Authorization & Accounting with TACACS+
|Monitoring & Troubleshooting||
Traditional monitoring with SNMPv2 and network specific MIBs, hardware monitoring via watchdog, analytics with SPAN, ERSPAN, ACL-based counters, DOM optics data, thermal sensors, real time queue-depth and buffer utilization reporting.
Troubleshooting with dnsutils, syslog, reachability tools, hardware inventory, log files, server-style filesystem, and merchant silicon specific commands.
Advanced troubleshooting and ease of use with Prescriptive Topology Manager.
Access control lists (ACLs) L2-L4 classification through IP/EPtables, CPU protection through hardware enforced ACL-based rate limiting , DoS control.
Classification based on Class of Service (CoS) (IEEE 802.1p) or DSCP (queuing, scheduling (DWRR and Strict Priority), buffer allocation)*.
Ingress ACL-based classification/policing.
Priority flow control and Explicit Congestion Notification
Linux is the API — Any language supported in Linux today, including scripting with Bash, Perl, Python, Ruby.
The switch hardware abstraction layer accelerates Linux kernel networking constructs in hardware including the routing table, ARP table, bridge FDB, IP/EBtables, bonds, VLANs, VXLAN bridges.
Hardware management also includes jumbo frames support and environmental management.
Forwarding Table Profiles on the ASIC allows flexible partitioning of resources.
Extended support available for Cumulus Linux 2.5