Networking

Run Linux on your Cisco router with Cisco's new AXP module

David Davis explains how Cisco's new AXP module works to allow third-party applications to run "on the router." Find out how this leap forward in "network virtualization" can be good news for net admins looking for cost-savings and other efficiencies.

Cisco has been talking about the "network as a platform" for a long time, but what does that actually mean, and what does the AXP network module have to do with it?

What is the AXP?

The Cisco Application eXtension Platform (AXP) is made up of a hardware card (three different models), modified Linux software that runs on the card, and a program for software developers. You could also say that the AXP represents "network virtualization."

In 2007, I wrote the article, "Server Virtualization, Network Virtualization, and Storage Virtualization Explained." I explained the difference between these three concepts. Server virtualization is what we all think of when we talk about "virtualization." However, what Cisco's AXP offers is network virtualization (NV). With NV, you are moving applications that typically run on a server into the network.

To make this work, Cisco AXP provides an open Linux development environment. That's right -- the AXP is a card that goes into your Cisco router and that card runs a hardened version of Linux, customized by Cisco. So, you aren't running Linux on your current Cisco router CPU, RAM, and Flash or in the IOS. You are running Linux on a card that is inserted into the router.

Once you have this card and the Linux OS, you can then run third-party applications on that platform. Think about that for a minute. What if you could run a protocol analyzer like Ethereal or an IPS like SNORT "in your router?" What if you could run WAN Compression, performance monitoring, and network management software 'in your router?" Wow -- that would be amazing!

The AXP card that goes in your router will work in Cisco ISR Routers. Specifically, the models that it works in are the 1841, 2800, and 3800 series routers. This card is a standard network module (NME) or AIM card, depending on the router you are using.

This AXP card has its own memory, CPU, and Flash HD (and GB Ethernet in the case of the NME).

AXP is the first example I've seen that really lives up to the idea of Cisco's "network as a platform" solution. With the AXP, the router becomes a platform, not only to route packets, but also to provide a platform to run any application you want -- whether it is a network-related application or an application that is tailored to your business.

What are the specs for the AXP?

AXP has its own Linux CLI, error messages, debugging, and virtualization capabilities. It can run applications in various languages -- C, Python, Perl, Java. You can even read and write router configuration through APIs and receive info about the status of the router. An application running in the AXP could know if the router was taking errors on the serial interface.

Take a look at the architecture of the AXP and how it communicates with the Cisco IOS, as shown in Figure A.

Figure A

AXP architecture

In fact, here are some examples of communications that the AXP could make to and from the Cisco IOS:

  • Network interface up / down
  • Performance issues
  • CLI command entry
  • Adjusting QoS
  • Creating dynamic WAN tunnels
  • Starting a 3G WAN interface
  • Accessing specialized devices attached to the router

In other words, you can really create and run "network-aware" applications such as: open source network monitoring; desktop and server management; tracking assets and patching PCs; unified messaging to provide call recording during WAN outages; and many specialized applications. For example, there is a doctor's office application that leverages router security and router hardware to encrypt patient data and authenticate users via hardware connected to the router. Another application works with oil companies to provide local real-time monitoring and analysis, locally on the router.

If you think about it, it really makes sense to run apps locally, and at the same time, save money because you don't have to have a server. You could choose to transmit low priority data when the network is not busy.

For more information on Cisco AXP applications, see the Cisco AXP Solutions Web page for links to applications in particular verticals : healthcare, retail, utilities, and financial services; and horizontal solutions such as remote monitoring, fax over IP, desktop and server management, workforce management, and real-time information management solutions.

If you want to write your own applications, check out Cisco's Partner Program Web page.

There are three models of the Cisco AXP: two NME cards and one AIM card.

  • The AIM card (AIM-APPRE-102-K9) offers an Intel 300Mhz processor, 256MB RAM, and 1GB compact flash storage.
  • The NME-APPRE-302-K9 NME card is a 1Ghz Intel Celeron, 512MB RM, and 80GB hard drive.
  • The NME-APPRE-522-K9 is a 1.4Ghz Intel CPU, 2GB RAM, and a 160GB hard drive.

Additionally, there are software SKU's that go with each of these products. They are: AIM-APPRE-102-K9, NME-APPRE-302-K9, and NME-APPRE-522-K9, respectively.

Keep in mind that Cisco isn't the only network virtualization solution out there. While I don't know who actually came first, I have been hearing about 3Com's Open Network (ON) Initiative long before Cisco. For more on 3Com's solution, see eWeek: 3Com Advances Open Network Initiative and the 3Com ON Network.

Why the AXP module is good for your network

I believe that Cisco's AXP solution is just the first wave of network virtualization solutions. Perhaps one day your refrigerator will be running Linux as well (maybe yours already is, I don't know). Still, as Cisco customers, we can only benefit from solutions like these. By allowing us to run specialized industry-specific applications on hardware that may be already in place, we are creating cost savings and efficiencies. Plus, when you consider the power of having network analysis application "on the network and in the routers," those applications are going to run much faster and network admins like us will gain huge benefits. I hope that you will either check out Cisco's AXP solution or at least keep an eye out for some of the amazing network virtualization solutions to come.

For more information on the Cisco AXP, see:

Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!

9 comments
fitifiti
fitifiti

Is it possible to run Connect:Direct or NDM (-i.e. an application that runs on standard linux) on AXP?

dan.aronson
dan.aronson

Virtualization is one of the hottest topics in today???s IT world for several reasons. One of which is that every major company (and many SMBs) have placed their Green Initiatives front-and-center in their corporate messaging -- and the AXP module fits beautifully into this space. Now you don't need that extra server to run your fax-over-IP, network monitoring, or call recording application. And to clarify, the larger version of the AXP will itself be virtualize-able, so you will actually be able to have a virtualized server running on within a virtualized network! So not only are you talking about a solution that is way more cost-effective, but one that also requires a mere fraction of the rack space, power consumption, and cooling than its server-based counterparts. The AXP module will definitely have its competitors ???green??? with envy.

gseto
gseto

Sagem-Interstar, the global leader in Fax over IP (FoIP) since 2002, has announced that its XMediusFAX FoIP solution is the first IP fax software platform to operate natively on the Cisco AXP platform. XMediusFAX, is also the market's first fax solution to run inside a Cisco Integrated Services Router (ISR). More info at: www.sagem-interstar.com or Cisco's AXP web page: http://www.cisco.com/en/US/prod/collateral/routers/ps9701/data_sheet_c02_459083.html

b.sikkes
b.sikkes

the concept is certainly nice and has a lot of potential, but i am wondering about the price. i couldn't find that information, anyone know something about that?

Harry.Hiles
Harry.Hiles

Overall this is very interesting and I can see a lot of potential for what is essentially a Linux server running in a router. However, not being a network engineer, I wonder about security issues related to opening up access to the IOS. What would happen if the AXP card is compromised by malware? If an AXP application crashes or has some other operational problems, how is the router affected?

dslam24
dslam24

Good read David, thanks. I am looking forward to seeing some of these in production. Hopefully they will eventually have some of these add-ons on L3 switches.

Andrew Pach
Andrew Pach

AXP is a big step forward for Cisco to open up what has been a very closed platform in terms of working directly with IOS via programming languages such as Java. I have spent many years building a product that enables Java applications the ability to read/change/update router configurations via IOS commands and AXP finally provides a more open platform to run applications such as these. I'm curious if anybody else has written their own network management applications that interface with the router directly at the IOS level and what their opinions are regarding the AXP module and how it may change the way network management applications are written in the future. Thanks for the great information! - Andrew Pach Fox Smart, Inc. www.foxsmart.com

Duncan_Bloome
Duncan_Bloome

The NME-APPRE-522-K9 lists for about $3.5K, with the software listing for about $1.5K. Your average corporate purchaser, of course, would get a significant discount. That is, of course, NOT price competitive with similar stand alone hardware (though, your average corporate purchases isn't likely to be purchasing a *server* with those specs, these days.)

ddavis
ddavis

Thanks to everyone who commented on this article! Concerning security, if the AXP were compromised then so would be the router, in my opinion, because the AXP has so much access to the router IOS. However, I am told that the AXP is a modified and hardened Linux kernel. Because of that it should be very secure. Still, security is always a very valid concern! Thanks! David www.happyrouter.com www.vmwarevideos.com

Editor's Picks