Category Archives: FreeBSD

LineRate’s L4-7 Pitch Tailored to Cloud

I’ve written previously about the growing separation between how large cloud service providers see their networks and how enterprises perceive theirs. The chasm seems to get wider by the day, with the major cloud shops adopting innovative approaches to reduce network-related costs and to increase service agility, while their enterprise brethren seem to be  assuming the role of conservative traditionalists — not that there’s anything inherently or necessarily wrong with that.

The truth is, the characteristics and requirements of those networks and the applications that ride on them have diverged, though ultimately a cloud-driven reconvergence is destined to occur.  For now, though, the cloudy service providers are going one way, and the enterprises — and most definitely the networking professionals within them — are standing firm on familiar ground.

It’s no surprise, then, to see LineRate Systems, which is bringing a software-on-commodity-box approach to L4-7 network services, target big cloud shops with its new all-software LineRate Proxy.

Targeting Cloud Shops

LineRate says its eponymous Proxy delivers a broad range of full-proxy Layer 4-7 network services, including load balancing, content switching, content filtering, SSL termination and origination, ACL/IP filtering, TCP optimization, DDoS blocking, application- performance visibility, server-health monitoring, and an IPv4/v6 translation gateway. The product has snared a customer — the online photo- and video-sharing service Photobucket — willing to sing its praises, and the company apparently has two other customers onboard.

As a hook to get those customers and others to adopt its product, LineRate offers pay-for-capacity subscription licensing and a performance guarantee that it says eliminates upfront capital expenditures and does away with the risks associated with capacity planning and the costs of over-provisioning. It’s a great way to overcome, or at least mitigate, the new-tech jitters that prospective customers might experience when approached by a startup.

I’ll touch on the company’s “secret sauce” shortly, but let’s first explain how LineRate got to where it is now. As CEO Steve Georgis explained in an interview late last week, LineRate has been around since 2008. It is a VC-backed company, based in Boulder, Colorado, which grew from research conducted at the University of Colorado by John Giacomoni, now LineRate’s chief technology officer (CTO), and by Manish Vachharajani, LineRate’s chief software architect.

Replacing L4-7 Hardware Appliances 

As reported by the Boulder County Business Report, LineRate closed a $4.75 million Series A round in April 2011, in which Boulder Ventures was the lead investor. Including seed investments, LineRate has raised about $5.4 million in aggregate, and it is reportedly raising a Series B round.

LineRate calls what it does “software defined network services” (SDNS) and company CEO Georgis says the overall SDN market comprises three layers: the Layer 2-3 network fabric, the Layer 4-7 network services, and the applications and web services that run above everything else. LineRate, obviously, plays in the middle, a neighborhood it shares with Embrane, among others.

LineRate contends that software is the new data path. As such, its raison d’être is to eliminate the need for specialized Layer 4-7 hardware appliances by replacing them with software, which it provides, running on industry-standard hardware, which can be and are provided by ODMs and OEMs alike.

LineRate’s Secret Sauce

The company’s software, and its aforementioned secret sauce, is called the LineRate Operating System (LROS). As mentioned above, it was developed from research work that Giacomoni and Vachharajani completed in high-performance computing (HPC), where their focus was on optimizing resource utilization of off-the-shelf hardware.

Based on FreeBSD but augmented with LineRate’s own TCP stack, LROS has been optimized to squeeze maximum performance from the x86 architecture. As a result, Georgis says, LROS can provide 5-10x more network-performance than can a general-purpose operating system, such as Linux or BSD. LineRate claims its software delivers sufficiently impressive performance — 20 to 40 Gbps network processing on a commodity x86 server, with what the company describes as “high session scalability” — to obviate the need for specialized L4-7 hardware appliances.

This sort of story is one that service providers are likely to find intriguing. We have seen variations on this theme at the big cloud shops, first with virtualized servers, then with switches and routers, and now — if LineRate has its way — with L4-7 appliances.

LineRate says it can back up its bluster with the ability to support hundreds of thousands of full-proxy L7 connections per second, amounting to two million concurrent active flows. As such, LineRate claims LROS’s ability to support scale-out high availability and its inherent multi-tenancy make well qualified for the needs of cloud-service providers.  The LineRate Proxy uses a REST API-based architecture, which the company says allows it to integrate with any cloud orchestration or data-center management framework.

Wondering About Service Reach?

At, which has 23 million users that upload about four million photos and videos per day, the LineRate Proxy has been employed as a L7 HTTP load balancer and intelligent-content switch in a 10-Gbps network. The LineRate software runs on a pair of low-cost, high-availability x86 servers, doing away with the need to do a forklift upgrade on a legacy hardware solution that Georgis said included products from “a market-leading load-balancing vendor and a vendor that was once a market leader in the space.”

LineRate claims its scalable subscription model also paid off for Photobucket, by eliminating the need for long-term capacity planning and up-front capital expenditures. It says Photobucket benefits from its “guaranteed performance,” and that on-demand scaling has eliminated risks associated with under- or over-provisioning. On the whole, LineRate says its solution offered an entry cost 70 percent lower than that of a competing hardware-appliance purchase.

When the company first emerged, the founders indicated that load balancing would be the first L4-7 network service that it would target. It will be interesting to see whether its other early-adopter customers also are using the LineRate Proxy for load balancing. Will the product prove more specialized than the L4-7 Ginsu knife the company is positioning?

It’s too early to say. The answer will be provided by future deployments.

The estimable Ivan Pepelnjak offers his perspective, including astute commentary on how and where the LineRate Proxy is likely to find favor.

Not Just a Marketing Overlay

Ivan pokes gentle fun at LineRate’s espousal of SDNS, and his wariness is understandable. Even the least likely of networking vendors seem to be cloaking themselves in SDN garb these days, both to draw the fickle attention of trend-chasing venture capitalists and to catch the preoccupied eyes of the service providers that actually employ SDN technologies.

Nonetheless, there are aspects to what LineRate does that undeniably have a lot in common with what I will call an SDN ethos (sorry to be so effete). One of the key value propositions that LineRate promotes — in addition to its comparatively low cost of entry, its service-based pricing, and its performance guarantee — is the simple scale-out approach it offers to service providers.

As Ivan points out, “ . . . whenever you need more bandwidth, you can take another server from your compute pool and repurpose it as a networking appliance.” That’s definitely a page from the SDN playbook that the big cloud-service providers, such as those who run the Open Networking Foundation (ONF), are following. Ideally, they’d like to use virtualization and SDN to run everything on commodity boxes, perhaps sourced directly from ODMs, and then reallocate hardware dynamically as circumstances dictate.

In a comment on Ivan’s post, Brad Hedlund, formerly of Cisco and now of Dell, offers another potential SDN connection for the LineRate Proxy. Hedlund writes that it “would be really cool if they ran the Open vSwitch on the southbound interfaces, and partnered with Nicira and/or Big Switch, so that the appliance could be used as a gateway in overlay-based clouds such as, um, Rackspace.”

He might have something there. So, maybe, in the final analysis, the SDNS terminology is more than a marketing overlay.

For Microsoft, China Forecast is Cloudy

Trying to discern what’s happening in China — in technology, in politics, and where the two frequently converge — is a difficult endeavor.  Much of what occurs there is reported partially, inaccurately, or not at all.  You have to read the entrails and sift the tea leaves to follow the game, and there’s always a possibility you’ll misinterpret the signals.

That’s why, with China and technology, stories seem to emerge from nowhere. Developments percolate in unseen back rooms or in secret laboratories, then they spring into the public realm, catching some people (yes, I am raising my hand) by surprise.


This morning, for instance, I read that Microsoft has struck an agreement with a Linux operating system provider, China Standard Software Co. Ltd., to  jointly develop, market, and sell solutions for China’s cloud-computing market.  According to a Microsoft press release, the two companies will jointly develop solutions that will allow customers to adopt virtualization and cloud-based IT infrastructures.  The partners will focus on certification of China Standard’s NeoKylin Linux-based operating system on Windows Server 2008 R2 with Hyper-V, creating Microsoft Systems Center management packs for NeoKylin application workloads, and incorporating support for NeoKylin within the Hyper-V Cloud architecture.

The companies also have signed a “mutually beneficial customer legal covenant agreement.”

When I read the press release, I wanted to know more about NeoKylin. There’s not a lot of background material on the Internet, but I was able to learn that the operating system first received public mention toward the end of last year. At that time, China Standard Software and China’s National University of Defense Technology (NUDT) signed a strategic partnership to launch NeoKylin as an operating system that will be used for national defense and across key strategic sectors of China’s economy.

Ironic Turn

Before the advent of NeoKylin, China Standard developed the NeoShine Linux desktop distribution, whereas academics at NUDT produced Kylin, a secure FreeBSD-based alternative to Windows and other foreign operating systems.

There’s a certain irony in today’s announcement, because it’s clear that China wants to become less dependent on Western software purveyors by developing a domestic software industry capable of delivering home-grown operating systems.

China’s IT Aspirations and Concerns

China is pursuing this strategy for two reasons. First, it wants to develop a thriving software industry that refocuses its IT efforts upmarket, from lower-value manufacturing to higher-value research and innovation. But China also is pursuing its software strategy because of security concerns, including that software from Microsoft might be used against it — perhaps through backdoors and trojans — in the event of escalating tensions with the US and the West.

In that context, let’s cast our minds back to late 2008, when Microsoft’s anti-piracy strategy, undertaken as an outgrowth of its Windows Genuine Advantage initiative, included turning Windows desktop screens black when pirated copies of the operating system were detected.   This gambit not only resulted in howls of outrage and lawsuits from Chinese consumers, but it caused China’s authorities to wonder what else Microsoft might be able to do remotely to Windows-based computers.

Earlier in the last decade, Microsoft chose to espouse a tolerant approach to software piracy in China. Microsoft wasn’t happy about the practice, to be sure, but it felt it was better to build a user base that might be persuaded to pay for the software later than to clamp down hard on piracy and drive users to Linux or other open-source alternatives.  By 2008, though, Microsoft’s heart had hardened toward software piracy, and it took a more aggressive tack, resulting in the “black screen” and renewed fears in China about dependence on Windows.

Microsoft’s Mixed Results

It also has resulted in mixed results for Microsoft. Matt Rosoff reported at Business Insider earlier this year that Microsoft derives revenue of about $1.25 billion from China — one-fiftieth of the company’s total take. Microsoft does much better in India than in China, and it believes that its China revenue could grow to $7.5 billon if the authorities there would take a harder line against software piracy.

Apparently China has other plans.

So, now, in a bid to get a piece of what apparently is a burgeoning cloud-computing market in China, Microsoft will work with an operating-system developer whose government-mandated charter is to dislodge Windows from desktops and servers spanning the country’s key industries.