Cloud Networking From Theory to Practice" Ivan Pepelnjak (ip@ioshints.info) NIL Data Communications"



Similar documents
Data Center Fabrics What Really Matters. Ivan Pepelnjak NIL Data Communications

Virtual Firewalls. Ivan Pepelnjak NIL Data Communications

Automating Network Security

Skip the Transitions, Jump Straight into IPv6

OpenFlow and SDN: hype, useful tools or panacea? Ivan Pepelnjak Chief Technology Advisor NIL Data Communications

BUILDING A NEXT-GENERATION DATA CENTER

Extending Networking to Fit the Cloud

VXLAN: Scaling Data Center Capacity. White Paper

VXLAN, Enhancements, and Network Integration

Outline. Why Neutron? What is Neutron? API Abstractions Plugin Architecture

Palo Alto Networks. Security Models in the Software Defined Data Center

OpenFlow and SDN: Hype, Useful Tools or Panacea? Ivan Pepelnjak Chief Technology Advisor NIL Data Communications

Analysis of Network Segmentation Techniques in Cloud Data Centers

Software Defined Network (SDN)

Network Virtualization

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

DCB for Network Virtualization Overlays. Rakesh Sharma, IBM Austin IEEE 802 Plenary, Nov 2013, Dallas, TX

Cloud Networking Disruption with Software Defined Network Virtualization. Ali Khayam

OpenFlow and Software Defined Networking presented by Greg Ferro. OpenFlow Functions and Flow Tables

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

Roman Hochuli - nexellent ag / Mathias Seiler - MiroNet AG

Why Software Defined Networking (SDN)? Boyan Sotirov

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Using Network Virtualization to Scale Data Centers

Network Virtualization Solutions

Architecture des plates-formes IaaS Etat des lieux et perspectives

STORMY WEATHER SECURING CLOUD COMPUTING. Russell Skingsley Director of Advanced Technology Data Centre and Cloud, APAC Juniper Networks

CloudEngine 1800V Virtual Switch

A Case for Overlays in DCN Virtualization Katherine Barabash, Rami Cohen, David Hadas, Vinit Jain, Renato Recio and Benny Rochwerger IBM

SDN CONTROLLER. Emil Gągała. PLNOG, , Kraków

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Lecture 02b Cloud Computing II

How To Orchestrate The Clouddusing Network With Andn

Expert Reference Series of White Papers. vcloud Director 5.1 Networking Concepts

OpenFlow/SDN for IaaS Providers

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011

Data Center Infrastructure of the future. Alexei Agueev, Systems Engineer

Utility Computing and Cloud Networking. Delivering Networking as a Service

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

How To Make A Vpc More Secure With A Cloud Network Overlay (Network) On A Vlan) On An Openstack Vlan On A Server On A Network On A 2D (Vlan) (Vpn) On Your Vlan

Virtualization, SDN and NFV

VXLAN Overlay Networks: Enabling Network Scalability for a Cloud Infrastructure

CONNECTING PHYSICAL AND VIRTUAL WORLDS WITH VMWARE NSX AND JUNIPER PLATFORMS

Overlay networking with OpenStack Neutron in Public Cloud environment. Trex Workshop 2015

Data Center Network Virtualisation Standards. Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair

VMware. NSX Network Virtualization Design Guide

OpenFlow and Software Defined Networking presented by Greg Ferro. Software Defined Networking (SDN)

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

NSX TM for vsphere with Arista CloudVision

What is SDN? And Why Should I Care? Jim Metzler Vice President Ashton Metzler & Associates

SDN v praxi overlay sítí pro OpenStack Daniel Prchal daniel.prchal@hpe.com

Secure Cloud Computing with a Virtualized Network Infrastructure

CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE

Nuage Networks Virtualised Services Platform. Packet Pushers White Paper

Network Virtualization with Dell Infrastructure and VMware NSX

Software Defined Networking A quantum leap for Devops?

CERN Cloud Infrastructure. Cloud Networking

Underneath OpenStack Quantum: Software Defined Networking with Open vswitch

Implementing and Troubleshooting the Cisco Cloud Infrastructure **Part of CCNP Cloud Certification Track**

Network Virtualization for Large-Scale Data Centers

VMware Network Virtualization Design Guide. January 2013

Architecting Data Center Networks in the era of Big Data and Cloud

CLOUD NETWORKING THE NEXT CHAPTER FLORIN BALUS

May 13-14, Copyright 2015 Open Networking User Group. All Rights Reserved Not For

WHITE PAPER. Network Virtualization: A Data Plane Perspective

White Paper. Advanced Server Network Virtualization (NV) Acceleration for VXLAN

Datacenter Network Virtualization in Multi-Tenant Environments

VMware NSX Network Virtualization Design Guide. Deploying VMware NSX with Cisco UCS and Nexus 7000

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

Multitenancy Options in Brocade VCS Fabrics

Ethernet-based Software Defined Network (SDN) Cloud Computing Research Center for Mobile Applications (CCMA), ITRI 雲 端 運 算 行 動 應 用 研 究 中 心

Network Virtualization and Software-defined Networking. Chris Wright and Thomas Graf Red Hat June 14, 2013

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Visibility into the Cloud and Virtualized Data Center // White Paper

Cloud Networks Uni Stuttgart

Quantum Hyper- V plugin

Software Defined Networking using VXLAN

Bring your virtualized networking stack to the next level

Using SouthBound APIs to build an SDN Solution. Dan Mihai Dumitriu Midokura Feb 5 th, 2014

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang Nov 13, 2014

ConnectX -3 Pro: Solving the NVGRE Performance Challenge

SDN and Data Center Networks

Softening the Network: Virtualization s Final Frontier

CS244 Lecture 5 Architecture and Principles

Understanding Cisco Cloud Fundamentals CLDFND v1.0; 5 Days; Instructor-led

Accelerating Network Virtualization Overlays with QLogic Intelligent Ethernet Adapters

Cisco Virtual Security Gateway for Nexus 1000V Series Switch

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Multi-Tenant Isolation and Network Virtualization in. Cloud Data Centers

Networking in the Era of Virtualization

Software Defined Environments

Definition of a White Box. Benefits of White Boxes

Open Source Network: Software-Defined Networking (SDN) and OpenFlow

How Linux kernel enables MidoNet s overlay networks for virtualized environments. LinuxTag Berlin, May 2014

Connecting Physical and Virtual Networks with VMware NSX and Juniper Platforms. Technical Whitepaper. Whitepaper/ 1

Creating Overlay Networks Using Intel Ethernet Converged Network Adapters

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT

Cisco Virtual Topology System: Data Center Automation for Next-Generation Cloud Architectures

Transcription:

Cloud Networking From Theory to Practice Ivan Pepelnjak (ip@ioshints.info) NIL Data Communications

Who is Ivan Pepelnjak (@ioshints) Networking engineer since 1985 Consultant, blogger (blog.ioshints.info), book and webinar author Currently teaching Scalable Web Application Design at University of Ljubljana Focus: Large-scale data centers and network virtualization Networking solutions for cloud computing Scalable application design Core IP routing/mpls, IPv6, VPN 2 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Disclaimers This presentation is an analysis of currently available virtual networking architectures It s not an endorsement or bashing of companies, solutions or products mentioned on the following slides It describes features not futures The crucial question: Does It Scale? 3 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Cloud Services Taxonomy 101 SaaS Web application (PHP/Java/Ruby) PaaS Scripting environment DBaaS Web server Database Interesting: IaaS Others run over TCP Key ingredients Scalability Orchestration On-demand Storage-aaS (S3) Operating system IaaS CPU/RAM File system Storage-aaS (EBS) Block Storage 4 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

What IaaS Service Will You Offer? What is your added value? Differentiator from Amazon and Rackspace? Enterprise apps or new-world (scale-out) apps? Low-cost or feature-rich? Technical questions: Simple compute capacity or app stack support? TCP or UDP cloud? IP Multicast support? 5 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

IaaS Lite: Multi-Tenant Isolation Making life easier for the cloud provider Customer VMs attached to random L3 subnets VM IP addresses allocated by the IaaS provider Predefined configurations or user-controlled firewalls Multi-tenant isolation options Packet filters (ex: iptables) Private VLANs in vswitch Virtual firewalls? Host Xen/KVM/Containers Scalability: unlimited (see also: Internet) 6 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

What Customers Want Outside Web servers App servers DB servers Requirements Multiple logical segments Load balancing and firewalling Usually one NIC per VM Unlimited scalability and mobility Implementation decisions VM mobility? L2 or L3 segments? Support for IP MC and L2 flooding? Virtual or physical appliances? 7 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Solution Space and Scalability Scalability VLANs VM-aware Networking (Arista VM Tracer) Edge Virtual Bridging (EVB, 802.1Qbg) vcdni VMware (L2 over L2) EVB with PBB/SPB (L2 over L2) VXLAN (Cisco) / NVGRE (Microsoft) L2 over IP Nicira NVP (L2 over IP + Control Plane) Amazon EC2 (IP over IP + Control Plane) 4096 segments Emerging Theoretical No control plane 8 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Architectural Models VLANs: Stupid edge + Stupid core Stupid edge + Smart core VM-aware networking, EVB (802.1Qbg) With sufficient thrust, pigs fly just fine RFC 1925 Can we afford the fuel costs... And who wants to fly pigs anyway? Randy Bush Smart edge + simple core vcdni (L2 core), VXLAN, NVGRE, Nicira NVP, Amazon End-to-end protocol design should not rely on the maintenance of state inside the network RFC 3439 9 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

VLANs: Bridging Has Failed Before Your vendor has a solution: Two core switches and MLAG aggregation: ~ 1900 ports (Arista) QFabric Juniper (~ 6000 ports) FabricPath Cisco (over 10K ports) Reality checks: VMware vds supports 350 hosts (Nexus 1000V: 64) We still have only 4K VLANs L2 network = single failure domain You can run away from Spanning Tree, but broadcasts will eventually kill you 10 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

VXLAN/NVGRE: Where Is Control Plane? L2 (Ethernet) vsphere 5 host vds port group VNI: 1 VNI: 2 VXLAN VXLAN VNI: 2 VNI: 3 VXLAN Nexus 1000V VMkernel interface VTEP IP UDP IP / IP-MC VTEP IP IP network Virtual L2 segments over L3 transport UDP/LISP- or GRE-based encapsulation Dynamic MAC learning with L2 flooding over IPMC Large broadcast domains or enormous amount of (*,G) and (S,G) state Dynamic MAC learning through flooding does not scale 11 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Open vswitch With Nicira NVP (OpenFlow) L2-over-IP with control plane OpenFlow-capable vswitches IP tunnels (GRE, STT...) MAC-to-IP mappings downloaded with OpenFlow Third-party physical devices Benefits No reliance on flooding No IP multicast in the core Open vswitch Xen/KVM IP network Open questions L2 flooding within the virtual subnets (ARP proxy?) GRE OVSDB Xen/KVM OF 12 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Rule-of-Thumb Guidelines 100s tenants, 100s servers à VLANs 1000s tenants, 100s servers à vcdni or Q-in-Q Few tenants per server à VM-aware networking Few 1000s servers, many tenants à VXLAN / NVGRE More than that à L2 over IP with control plane Scale low-end solutions by splitting DC in availability zones 13 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

First Steps Start: Business requirements and service definitions Build-or-buy decision Select the orchestration tools è might dictate hypervisors and networking technologies Finally: Design the network First time: Get help 14 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Reference: Virtualization Webinars Coming in 2012 Coming in 2012 vsphere 5 Update Virtual Networking Security Spring 2012 VXLAN Deep Dive OpenFlow VMware Networking Cloud Computing Networking Introduction to Virtualized Networking Availability Live sessions Recordings of individual webinars Yearly subscription Other options Customized webinars ExpertExpress On-site workshops Inter-DC More information FCoE has @ very http://www.ipspace.net/webinars limited use and requires no bridging 15 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Reference: Blogs and Podcasts Packet Pushers Podcast & blog (packetpushers.net) The Cloudcast (.net) Network Heresy (Martin Casado, Nicira) RationalSurvivability.com (Christopher Hoff, Juniper) High Scalability Blog it20.info (Massimo Re Ferre, VMware) NetworkJanitor.net (Kurt Bales) BradHedlund.com (Brad Hedlund, Dell Force 10) Yellow bricks (Duncan Epping, VMware) Twilight in the Valley of the Nerds (Brad Casemore) blog.ioshints.info & ipspace.net (yours truly) 16 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

Questions? 17 ipspace.net / NIL Data Communications 2012 Cloud Networking From Theory to Practice

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information