Carrier Grade Linux: The OS of Choice for
Next-Generation Networks
Glenn Seiler, Director of Networking Strategic Initiatives
Wind River Systems
Table of Contents
Executive Summary............................................................. 1
Introduction......................................................................... 1
Industry Consortia’s Role in the Advancement
of CGL................................................................................. 1
Setting Specifications vs. Mandating Standards................. 2
CGL’s Seven Categories of Requirements........................... 3
Wind River’s CGL Solutions................................................. 3
Looking Forward................................................................. 4
References........................................................................... 4
Executive Summary
This paper discusses the maturation of Carrier Grade Linux
(CGL) and how open source and commercial off-the-shelf
(COTS) solutions are gaining ground by providing a strategic
advantage in the telecommunications industry.
Introduction
Telecommunications service providers are rapidly moving to
build out their network infrastructure to deploy and support
new revenue-generating services. Based on widely adopted
industry standards, the IP Multimedia Subsystem (IMS) was
architected for the highest standards in reliability and
maximum scalability. This enables the infrastructure to meet
the demands of Super 3G and 4G high-bandwidth
applications for fixed and mobile communications.
Most of the network elements that make up the IMS, and
even some that reside at the edge of the infrastructure, must
adhere to rigid carrier-grade requirements that mandate
extreme high availability—levels that consistently provide
99.9999% uptime. Telecommunications equipment
manufacturers (TEMs) and network equipment providers
(NEPs) have been tasked with building the carrier-grade
network elements to support this new IP-based infra-
structure. And with global competition and increased price
pressure, companies are being prompted to find ways to
deliver cost-effective and high-value solutions.
To meet this need for high availability in a competitive market,
many equipment providers are adopting open source and
standards-based COTS hardware and software solutions.
Virtually every NEP has created plans to move its operating
systems over to Linux, and specifically to a CGL platform. A
clear indicator of the success of CGL is the adoption and
support for Advanced Telecommunications Computing
Architecture (ATCA) solutions using CGL. A recent survey
conducted by the International Data Corporation (IDC)
showed nearly 100% of the respondents that are deploying
ATCA have either adopted Linux or will do so in the very near
future.
Industry Consortia’s Role in the Advancement of CGL
Over the past five years a number of telecommunications
industry consortia and special interest groups have joined
forces to support the creation, adoption, and advancement
of standards-based solutions. It has been one of the most
successful efforts by any industry to evolve technologies.
Each one of these organizations has a very clear boundary
around what they are creating standards or requirements for;
very often, the requirements include the integration of the
other standards. As an example, the CGL specification
includes a profile for ATCA that specifies requirements that
are unique to ATCA as well as a requirement for APIs based
on the Service Availability Forum’s (SA Forum) APIs.
Three of the most influential forces contributing to the
advancement and maturity of the CGL specification are the
Linux Foundation (formerly the Open Source Development
Lab), the SCOPE Alliance, and the SA Forum. The Linux
Foundation manages the definition and prioritization of the
requirements that are included in the CGL specification. The
SCOPE Alliance creates profiles for how the equipment
providers should use a standard or specification to build
network elements. One of the biggest advancements in the
latest CGL specification, version 4.0, is the incorporation of
prioritized requirements identified in a SCOPE profile.
Basing the CGL specification on SCOPE profiles ensures that
by utilizing CGL in their solutions, equipment providers and
service providers are meeting requirements specified by the
leading equipment providers. The tight alignment and
cooperation by the industry consortia has resulted in broader How CGL Is Different from Enterprise Linux
support of CGL standards and specifications, significantly CGL is capable of being configured as embedded Linux,
accelerating the adoption of COTS solutions. supporting the cross-development of applications on a
host environment with the run-time on a target device.
Setting Specifications vs. Mandating Standards But CGL can also be used in a standard server-based
Now in the fourth generation of its evolution, CGL was configuration, installing on typical x86-based server
deliberately planned as a specification rather than a standard. blades. CGL has the advantage of being used on multiple
This designation as a “specification”—a set of agreed upon types of processor architectures, not just x86. There are
common requirements—rather than a “standard” is an also differences in how CGL handles security. Oftentimes,
important distinction and a key component of the success telecommunications devices do not even have hard drives
CGL has enjoyed since its inception in January 2002. and may need to boot from flash memory. This means
Standards tend to be binary. For example, APIs are either that a carrier-grade system often needs hardware
included in software or they are not. With a specification, a management and monitoring support. In the end, CGL is
requirement can be approached from a number of different much more flexible than an enterprise operating system
ways. This provides maximum flexibility within the open because it can be configured for any kind of network
source community, and typically the best implementation will device and networking architecture. CGL is often the
be the one that is adopted. This type of environment fosters operating system of choice for equipment providers who
innovation and drives technology forward. By design, CGL need to save costs and standardize on a single
guidelines have been created so that different Linux providers distribution for all their devices.
can meet the specification in a number of different ways.
Today there are approximately 250 requirements in the CGL
ensures that the specification is viable and can actually be
4.0 specification. Each requirement, through the help of the
implemented by Linux providers. Many of the requirements
SCOPE Alliance profile, has been separated into priorities:
identified in the CGL specification have become mainstream
P1, P2, and P3. P1 requirements are mandatory and must exist
technologies for network equipment of all kinds. In fact, many
for CGL distribution to be in compliance with the specification.
of the original top priority requirements in the earlier CGL
All the P1 and P2 requirements in the specification have at
specifications have been integrated into the Linux kernel itself.
least one project that can be found in open source. This

ID Name Category Priority

SEC. 4.6 PKI Certificate Authority (CA) Security P1
Description: OSDL CGL specifies that Carrier Grade Linux shall provide a basic PKI CA service. This service shall conform to the
IETF PKIX standards, specifically RFC 2527, 3279, and 3280. Support for the management of certification revocation lists (CRLs) is
required. Certificate management and request protocols as defined by RFC 2527, 3279, and 3280 are not requirements.
Objectives Satisfied: O.APPLICATION-TOOLS, O.NETWORK
Security Objective Description
O.APPLICATION-TOOLS The system must provide a reasonable, up-to-date set of security tools and libraries for use by
applications.
O.NETWORK The system must be able to meet its security objectives in a distributed environment.
Proof of Concept Reference
OpenSSL: www.openssl.org
OpenCA Project: http://sourceforge.net/projects/openca
pyCA: www.pyca.de
TinyCA: http://tinyca.sm-zone.net
Example of a Priority 1 Security Requirement and Proof of Concept (POC) References (Source: The Linux Foundation)

2 | Carrier Grade Linux: The OS of Choice for Next-Generation Networks

CGL’s Seven Categories of Requirements
The carrier-grade specification covers seven areas of
functionality:
1. Standards: Standards are a key requirement for driving
COTS-based applications. The Linux Standards Base (LSB)
is a set of APIs, libraries, and profiles defined by the Linux
Foundation designed to enable application binary
portability. The LSB ensures that applications written to it
will run on any CGL distribution. Another key within this
category is the specification of many key POSIX-based
standards. Since many of the current systems have
migrated to Linux from Solaris, the POSIX UNIX-based
operating system has been retained to support many of
those system calls and POSIX-based functions. Other
standards address the networking, communications, and
platform needs of carrier environments.
2. Availability: These requirements address the robustness
of a single computing node and focus on software
reliability and the elimination of single points of failure in
hardware and software. Single node requirements in this
category cover issues such as application monitoring at
the kernel level and user space and storage and volume
management, as well as the forced unmount of disks and
applications. These requirements are designed to
maintain the integrity of networking and the integrity of
the disk storage, all within a single system.
3. Clustering: The most important aspect of these
requirements is the adoption of the SA Forum Application
Interface Specification (AIS). This identifies the key areas of
a clustering system, such as membership services and
checkpointing. These types of functions ensure inclusion
of service availability APIs for application availability.
4. Security: The security category is one of the newest
additions to CGL, added in the 3.2 specification. The
primary focus of these requirements is on areas of security
that are different from those in an enterprise system. In an
enterprise system, for example, multiple users might log
on to use a customer relationship management (CRM)
application or to use an enterprise resource application.
In a carrier-grade embedded environment, especially in
the core and the edge, the type of security requirement is
very different. Instead of users, there would typically be a
black box that is only accessed by maintenance users and
administrators. Where there is concern is within
applications. By segmenting applications with wings of
security or trust zones, applications can only execute and
access certain resources. Since the threats are different,
there needs to be more security around resource
management that delineates who can actually access
different devices and different resources on the system.
3 | Carrier Grade Linux: The OS of Choice for Next-Generation Networks
5. Serviceability: Put simply, this is the ability to provide
service to a system. Telecommunications carriers
frequently say that for every $100 that they spend on high
availability, they spend $1,000 on serviceability, because
it’s one thing to keep the system up, it’s another thing to
get it back up once it’s gone down. These specifications
cover issues such as boot cycle detection when a system is
trying to reboot. If it takes too long, the reboot will fail and
another system will boot up. What’s most important is that
the system is running again as soon as possible.
Another key part of serviceability is gaining access to
application crash information and debug. It also enables
the patching of an application in the field so that the
system can either continue running or get up and running
very quickly.
6. Performance: Although key to any system, performance of
CGL functionality has certain unique characteristics.
Carrier-grade systems often have to support tens of
thousands of calls or transmit hundreds of thousands of
packets through a single network element, which requires
a high degree of responsiveness that may not be required
in an enterprise or customer resource management
system. These include the ability to provide predictable
CPU scheduling, latencies, and protection against priority
inversion. Resource scheduling and the actual scheduler
itself are very critical to a carrier-grade class of system.
7. Hardware: Although systems are including more and more
high-end multicore devices, the hardware requirements in
the specification support a range of scalability. For
example, a carrier-grade class system might actually be a
small access device that doesn’t have a lot of memory or
CPU power. A network element can range from a very
small device with only 4 or 8 megabytes all the way up to a
large core switch. CGL must support each of these
different types of devices while also providing equal
performance and scalability as systems grow. In addition,
the carrier-grade specification acknowledges that there is
not a single hardware standard that should be used. ATCA,
rack mount servers, and proprietary form factors are all
supported by the carrier-grade specification.
Wind River’s CGL Solutions
Wind River has taken a leadership position to define and
drive the advancement of the CGL specification. The
company is an active, contributing member of both the Linux
Foundation and the SCOPE Alliance.
Wind River is committed to delivering commercial-grade
solutions that conform to the CGL speciation. Wind River
Platform for Network Equipment is the first Linux distribution
to register as CGL 4.0–compliant. Platform for Network
Equipment is the most advanced and comprehensive CGL
solution available for network application developers today.
The platform is based on the 2.6.21 version of the Linux
kernel. It includes the P1 and many of the P2 and P3
requirements in the CGL 4.0 specification, as well as open
source packages for advanced networking and security.
Platform for Network Equipment is fully integrated with the
industry-leading open development environment, Wind River
Workbench.
References
Linux Foundation, http://www.linux-foundation.org/
en/Registration.
Mountain View Alliance, http://www.mountainviewalliance.org/.
SCOPE Alliance, http://www.scope-alliance.org/index.html.

Platform for Network Equipment has been integrated, Wind River, http://www.windriver.com/products/platforms/
optimized, and validated with the leading networking network_equipment/.
hardware and processor systems and platforms, as well as a
broad array of software and middleware technologies. Wind
River offers integrated solutions through partnerships with
leading companies, including Emerson, Kontron, RadiSys, Sun
Microsystems, Cavium, Freescale, Intel, Enea, GoAhead, and
OpenClovis.

Wind River has the deepest and broadest device software

experience in the networking industry. Wind River is the only
company to offer a dual carrier-grade OS solution—Linux
and VxWorks—to meet the complex and dynamic
requirements for networking. Wind River’s comprehensive
device software solutions are backed with industry best
practices, expert support, and global services capabilities.

Because of Wind River’s deep expertise in both hardware and

software support, Platform for Network Equipment has
become the platform of choice for leading industry
equipment manufacturers and suppliers. Companies such as
Nortel, Motorola, Airvana, Itatel, Avaya, and other leading
Tier 1 and 2 TEMs and NEPs have standardized their CGL
operating systems with the Wind River product.

Looking Forward
As the adoption of CGL 4.0 gains momentum and matures,
the Linux Foundation is starting to define the specification
for a 5.0 version. The great benefit of these CGL refinements
is how easily they can be introduced into current systems.
With telecommunications companies and individuals working
together with industry consortia, evolving specifications
make it easier for all the major players to work together
toward meeting a common goal: creating products that
can scale to meet growing demand for global telecommuni-
cations services.

Wind River is the global leader in Device Software Optimization (DSO). We enable companies to develop,
run, and manage device software faster, better, at lower cost, and more reliably. www.windriver.com
© 2008 Wind River Systems, Inc. The Wind River logo is a trademark of Wind River Systems, Inc., and Wind River and VxWorks are registered trademarks of Wind River Systems, Inc.
Other marks used herein are the property of their respective owners. For more information, see www.windriver.com/company/terms/trademark.html. Rev. 02/2008