Skip Links

Network World

Michael Morris

Too Many IOS Versions, Something's Gotta Give Soon

By michaeljmorris on Mon, 06/01/09 - 1:49am.

Back when I worked in network operations at AT&T, I was (strangely) proud that I knew all the different versions, feature sets, and varieties of Cisco IOS. It was one of the things I could use quickly when dealing with bugs and outages. However, now, all the different versions of IOS are making me sick. Especially now being a manager having to deal with all of them.

Let's take a short stroll down IOS lane...

Best I can tell there are nine varieties of IOS:

  1. Regular IOS - the old warhorse running the routers.
  2. IOS for 6500s and 7600s - this is different than "regular IOS" since it has specific versions and release tracks. (12.2(33)SXI is the latest strain.)
  3. Modular IOS for 6500s and 7600s - same as above, but now "modular".
  4. IOS for 3750 and 3550s - again, IOS-like but with a completely different release model and versions.
  5. IOS XE for the ASR line - an abstracted version of IOS that runs the IOS shell in a process along with all other hardware functions.
  6. IOS XR for the BFRs
  7. NX-OS for the new Nexus line of switches - based on SAN-OS, but used in Ethernet switches. It actual has two different lines - one for the Nexus 7000 and another for the Nexus 5000.
  8. Cisco IOS for ASAs
  9. IOS for CSM, ACE, and other service blades

So, that's nine different varieties of IOS. Then, of course, you can divide each line into its various versions. In good old IOS there's the ISRs, the 7200s, and 7300s. For each hardware line there's a version line - 12.1, 12.2, 12.3, and 12.4 (or vice-versa, for each version line there is a hardware line). Inside the versions there's mainline, T-code, and special releases. There are also qualifiers like FCS, LD, GA, and GD...but, last year, those went away and now we have MD.

So, just for regular IOS, let's do some math:

4 versions * 3 hardware lines * 3 release modes * 5 qualifiers = 180 different versions

AHHHHHH!

Oh, wait, I forgot the feature sets. You know, the very clear and simple to understand different capability varieties you can order - Enterprise, Advanced Enterprise, Advanced IP Services, IP Services, Advanced Security, IP Voice, plus crypto versions. Probably a good 10 different varieties here. That brings us to 1,800 different versions....just for "regular IOS".

Now, why am I picking on Cisco? Well, it's just gotten out of control. Many will say, "Sure, it's a lot, but no one runs all of these in their networks. You only need to track some." True, my medium-enterprise network deals with only 7 out of the 9 varieties of IOS listed above! We use something in each of the nine versions except modular 6500/7600 (but that will change in a year) and IOS XR (because, alas, my boss will not give in and buy the CRS-1 for us). It's gotten too much to handle. I do not have the labor resources nor the contracting dollars to constantly research, evaluate, bug scrub, and test IOS versions in many different hardware lines. Pretty soon I will need to hire a "Software Manager" to track all the different version of code we rely on. Trust me, senior management doesn't understand, nor want to understand this problem. They just expect it to work....very well.

Cisco needs to consolidate their software lines. Come out with IOS 20.0 and announce all hardware lines (ok, 95%) will be able to run from this single code base. Set a goal of 2012. Then greatly simplify the release model with regimented, regular releases based on three modes: (1) Early Release, (2) General Release, (3) Maintenance Release. Cut the feature sets to three: (1) Base, (2) Normal, (3) Advanced. That should give us this:

1 version * 1 hardware lines * 3 release modes * 3 feature sets = 9 different versions

Much better.

Even after 21.0 and 22.0 come out, it would still only be:

3 version * 1 hardware lines * 3 release modes * 3 feature sets = 27 different versions

After three versions are out (in the example above 20.0, 21.0, and 22.0) pull the earliest release and stop updating it. That keeps the system at 27 versions.

Come on Cisco...other have/are doing it. Time to step up and simplify this for customers.

More >From the Field blog entries:

(Network) Engineering a Merger

Applying Accounting Measures to Data Networking Financial Performance

Is RTP Becoming a Favored Location for Data Centers?

Next Round of CCDE Practical Results Coming Today

Today's Incredible International Submarine Cable Systems

The Incredible International Submarine Cable Systems

  Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.

Vendor OS Wars

0
By Lloyd Andrew (not verified) on Mon, 06/01/2009 - 3:20am.

Michael, I think Juniper could use you in their next marketing campaign. :-) I've seen so many slides about JunOS and it's single OS vs. Cisco's spreadsheet that has boxes connecting to other boxes indicating trains of IOS.

Seriously though, I couldn't agree with you more. Their software methodology is just a disaster. However in the end, I don't see too many customers saying I want to jump ship to JunOS because of this. Still too much familiarity with IOS.

Only a handful of Juniper

0
By Anon (not verified) on Mon, 06/01/2009 - 8:40am.

Only a handful of Juniper products actually share the same code base: EX, MX, M, T, J, and SRX.

Everything else runs on different code. HAHAHAHAHA... JunOS has their challenges too though. I think they are cleaning it up... I hope so.

uhhh - if by handful you mean all their routers, switches and...

0
By Anon (not verified) on Tue, 06/02/2009 - 10:59am.

All Junipers routers and switches as well as firewalls run JUNOS. There are some smaller products that don't like WAN compression but by and large everything that's important to an an enterprise runs a single train of JUNOS.

Firewalls Run ScreenOS outside of SRX

0
By ScreenOS (not verified) on Tue, 06/02/2009 - 9:57pm.

The firewalls primarily run ScreenOS, and now Juniper is trying to force its way into enterprise routing/switching by pushing JunOS in favor of ScreenOS of which sucks. ScreenOS is outsstanding and to be quite honest with as many things that i like about JunOS it is a bit cumbersome to deal with especially as a firewall.

The Netscreens and ScreenOS will soon be EOL

0
By Matthew Hoke (not verified) on Wed, 06/03/2009 - 12:23pm.

The SRX Firewalls run JunOS. We just purchased a HA pair of SRX 3600's and they are fantastic! They run the same JunOS as out EX4200's.

Moron

0
By Anon (not verified) on Sat, 06/06/2009 - 12:10pm.

Did you not read my post? Yes the SRX is what they are pushing for JunOS based FWs and they don't hold a candle to ScreenOS and have reliability issues.........

Sorry but ScreenOS was

0
By Anon (not verified) on Sat, 06/06/2009 - 10:30pm.

Sorry but ScreenOS was purchased for their feature sets, not because of their operating system. All the features from ScreenOS are being incorperated into Junos, ALGs, IDP/Deep Inspection, WebSense, stateful firewall etc. ScreenOS is easy because of their web interface plain and simple. But its also a binary based OS. Junos runs modular, and its processes run in protected memory preventing run away processes from destroying your forwarding engine.

Nobody here should doubt how easy Netscreen was to manage and use, but were not just using firewalls here folks. Its the age of the consolidated edge, firewall, router, switch, idp, applications all in one. Soon to be application acceleration but don't tell Juniper I mentioned this. Remember the DX? Speculate to see some of its features slip into Junos here soon.

Saying all Juniper routers,

0
By Anon (not verified) on Wed, 06/03/2009 - 2:44pm.

Saying all Juniper routers, switches, and firewalls run JUNOS is no more accurate than saying all Cisco routers, switches, and firewalls run IOS. JUNOS is a well-marketed, umbrella brand name for the multiple OSes that Juniper offers. If you do not believe this, try loading the JUNOS from firewall into your multichassis T1600 where you need rich BGP and MPLS support.

Low-level device drivers are

0
By Anon (not verified) on Wed, 06/03/2009 - 10:27pm.

Low-level device drivers are different for different platforms, thus you have different builds. All of the code for BGP, MPLS, LACP, etc, etc, etc is the same JUNOS code.

You wouldn't want to load all of the features for the M onto the J...

Contrast that with Cisco. Even with "IOS" across platforms features are implemented differently a lot of times. Not to mention that core devices all run different OSes.

Not so with Juniper.

You are misrepresenting the facts.

How well are you

0
By Anon (not verified) on Thu, 06/04/2009 - 1:16am.

How well are you representing IOS as the concept you describe pertains to it as well. IOS trains, 12.2S for example, have a common platform-independent code base. Snapshots of that common code base are then ported to various products that use that train as their base and have platform dependent features added -- you wouldn't want BRAS features in a switch not intended to be a BRAS, or wiring closet features in a router not intended for the wiring closet. The IOS in Catalyst switches, the 7600, and the ASR1000 all are based on the platform independent code of 12.2S.

You are perpetuating the myth of one JUNOS across the Juniper product lines; hasn't there been JUNOS, JUNOSe, JUNOS ES, ScreenOS, WXC OS, and IVE OS to name a few. Just a couple of months ago, Juniper announced the EX2500 switch -- an OEM product that does not run JUNOS. If you narrow the Juniper product line enough, you can claim that they all run JUNOS (albeit with different builds), just like if you narrow Cisco product lines enough, you can claim they run the same OS.

123next ›last »

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You can use BBCode tags in the text.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <strong> <i> <br /> <br> <ul> <ol> <li> <dl> <dt> <dd> <blockquote>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Welcome, visitor. Register Log in
About From the Field

Michael Morris is a communications engineering manager at a $3-billion high-tech company. His background is in enterprise WANs working with telcos and developing large-scale routing designs. He has worked on networks at government and corporate organizations, including networks at two Fortune 10 companies. In his current role, he leads a team of 10 engineers responsible for large-scale IT networking projects and architectural standards for data networks, storage area networks, IP telephony, contact centers, and security. Michael is CCIE #11733 and recently became one of the first three Cisco Certified Design Experts (CCDE) ever (#20080002). He has 11 years experience in networking and communications, including four years as a paratrooper in the U.S. Army. He has a bachelor's degree in MIS from the University at Buffalo and is working on his MBA from NC State University. In 2008, he was awarded the Network Professional Association (NPA) Professional Excellence and Innovation Award for his work on network architecture, templates and enterprise MPLS design.

Contact him.