Networking can’t change its protocols. Everyone knows that BGPv4 and OSPF were designed for a different computing epoch and have limited relevance to the modern era, but we can’t change them.
Unchangeable Distributed Protocols
There are two basic architectures – centralized and distributed. Each architecture has different capabilities. Neither one is necessarily better than the other because each has trade-offs, compromises, and strengths/weaknesses.
Before SDN, all network architecture was distributed such that each device was autonomous in the whole system. Why?
- To overcome unreliable network connections
- To enable interoperability between different products and vendors
- To simplify software to small, repeatable elements
- To strive for partial operation in event of significant failure
That’s why we have protocols such as Spanning Tree, OSPF, IS-IS, and BGP. They are low power, simple, and predictable. They use basic math algorithms that can be run reliably across low-power, low-memory hardware.
Unchangeable Network Protocols
Network protocols are enormously resistant to change. Could we change the IP packet format? Unlikely, because
- ASICs that handle IP processing in hardware would need to be redesigned, which means new devices
- Device operating systems would require redevelopment and testing
The good news is that the IP packet format isn’t really that important. There isn’t any need to change it except to increase the size of the addressing fields, and look at how successful IPv6 adoption has been in the last 20 years. The absolute requirement to upgrade to IPv6 has been resisted at every step.
Middleboxes, the generic term for all sorts of network appliances such as firewalls, NAT gateways, proxies etc., are a serious problem in the public network.
Ownership & Lifecycles
Customers keep using their network assets way past the End of Life and End of Service from vendors.
For the first time in five years, networks are getting younger. 58% of devices are now current, an 11-percentage point increase from last year. Companies are starting to refresh equipment earlier in its lifecycle. Source: Network Barometer Report 2016 – Dimension Data
The report suggests that more than 40% of network devices have been declared EOL or EOS by their vendor but remain deployed. After several years of increase, there has finally been a decrease.
From the same report, the software isn’t being kept up to date:
Despite the higher refresh rate, networks are getting less secure, primarily due to neglected patching. 76% of network devices have at least one known security vulnerability, the highest figure in five years, and up from 60% last year.
For whatever reason, network devices are not replaced on a regular cycle and often run for years past their intended lifespan. Without regular replacement, new protocols cannot be adopted.
Complexity, Skills & Importance
The network isn’t important. Literally. In corporate IT budgets, the network comes low on the list for ‘investment’.
Second, the network is expensive across many dimensions–acquisition, maintenance, update/operations. However you measure ROI, networking is a massive cost center (especially WAN charges and vendor maintenance).
Networks are brittle and the blast radius is huge. When something goes wrong, the business impact is likely to be substantial and is likely to affect several functions/lines of business.
These factors form a negative spiral where:
- Good people avoid networking to take more interesting roles
- Complexity increases over time as maintenance is avoided
- Brittle system failure prevents day-to-day change
The EtherealMind View
We can change small parts of the network with sufficient effort, money, and time. But a distributed system is inherently resistant to change. It’s extremely difficult to replace existing unreliable, brittle, and expensive technology.
We can tinker around the edges or make minor adaptations. Look at QUIC as an example; replacing TCP with UDP for HTTPS connections improves performance and capability by avoiding middleboxes.
More than that, it’s the ONLY place where the network can move forward. That’s why many SDN solutions, especially in the SD-WAN market, focus on edge appliances and use the core network for connectivity only.
We can’t change the network. We can only fiddle with the edge.