CS244 Lecture 5: Architecture and Principles
Network Virtualization in Multi-tenant Datacenters, NSDI 2014
Guido Appenzeller
BACKGROUND: WHY IS SDN HAPPENING?
CLOSED & PROPRIETARY NETWORKING EQUIPMENT
Vertically integrated systems have changed little over the past 15 years.
- Provisioning and Management: static, manual configuration; low feature velocity
- Operating Systems: proprietary network OS; few APIs, only CLI (closed OS); not externally programmable
- Hardware Systems: proprietary system hardware; lock-in to a particular vendor
- System Silicon: proprietary silicon; slow innovation cycles; expensive, no economies of scale
CONTRAST WITH SERVER EQUIPMENT
Open architecture, choice of vendors, innovation velocity, low TCO.
- Provisioning & Management: network boot; centralized configuration & management; automated patch management
- Operating System: Linux, Windows, VMware, KVM, Xen; open or closed source; virtualized or bare metal; many support models
- Hardware Systems: Dell, HP, Super Micro; fierce competition; branded or white box
- System Silicon: Intel, AMD; competition and rapid innovation
EVOLUTION OF SERVER PROVISIONING: 1996-2013
Server provisioning has made huge gains through automation.
(figure: 1996 vs. 2013 provisioning workflow, steps 1 to 3)
EVOLUTION OF NETWORK PROVISIONING: 1996-2013
Network provisioning has not evolved.
- 1996: terminal protocol: Telnet
- 2013: terminal protocol: SSH
COMPUTE EVOLUTION vs. NETWORKING EVOLUTION
(figure: compute provisioning automated over time; networking still configured over SSH)
WHAT DO THESE SWITCHES HAVE IN COMMON?
- Arista 7050S-64
- IBM BNT RackSwitch G8264
- Alcatel-Lucent 6900
- Juniper QFX 3500
- Cisco Nexus 3064
- Quanta T3048-LY2
- Dell Force10 S4810
- HP 5900AF-48XG
- Edge-Core AS5600-52X
WHAT DO THESE SWITCHES HAVE IN COMMON?
Arista 7050S-64, Juniper QFX 3500, IBM BNT RackSwitch G8264, Cisco Nexus 3064, Alcatel-Lucent 6900, Quanta T3048-LY2, Dell Force10 S4810, HP 5900AF-48XG, Edge-Core AS5600-52X
- Switching chip: Broadcom Trident(+)
- Same L2/L3 table sizes
- Same number of ACLs
- Same throughput
- Largely identical feeds & speeds
NETWORK VIRTUALIZATION IN MULTI-TENANT DATA CENTERS
GLOSSARY (based on your feedback)
- Network Virtualization
- Software Defined Networking
- Tenant
- Virtual Switch
- Network Hypervisor
- STTP
- VXLAN
- GRE
- ACL
GOALS
Allow tenants to move workloads from enterprise networks to service providers while retaining the same network configuration.
How?
NETWORK VIRTUALIZATION
(figure: virtual machines run on a hypervisor over physical servers; virtual networks run on a network hypervisor over the physical network)
NETWORK VIRTUALIZATION
(figure: VMs on each hypervisor attach to a vswitch; the vswitches form the virtual network as an overlay on top of the physical network)
"The discussion of changing network infrastructure needs seemed very important, especially with regards to changing hardware. However, I'm not too familiar with what exactly these changing needs are. I can't really imagine what needs an application might have of a network beyond relatively low latency and a steady link. Isn't the whole point of IP to abstract away the physical network?" -- Reid Watson
ABSTRACTIONS
What abstractions do we need to provide?
- L2 (switches)
- L3 (routers)
- L4-7 (firewalls, load balancers)
- Address spaces: mobility for VMs, independent of subnet; bring your own IP
- Address management: duplicate IP addresses; IPv4 vs. IPv6
OPERATIONS
- Agility: network provisioning takes months
- Does it really take that long? Dozens of production environments.
SECURITY
"Since NVP is an enabler for scaling multiple cloud computing services over the same physical network, it would be interesting to understand how security is managed..." -- Kim Truong
VIRTUAL SWITCHES
- What are the differences between vswitches and pswitches?
- Pipelines: advantages/disadvantages?
- Multicast
- Gateways
- vswitch optimizations: HW support, STTP, VXLAN; flow caches
- OpenFlow: what are the pros and cons of OpenFlow in this architecture?
PERFORMANCE & RELIABILITY
How hard is it to build a control plane?
- ONIX
- Sharding
- State replication
- Failover/leader election
- nlog example: containers
"The design uses a pre-computed data-path table to control packet forwarding on a per-flow basis, which is quite similar to source routing. On one side, it emphasizes control and management of the virtualized network. But on the other side, it also results in a heavy workload in the control cluster.... Even if the target is only a medium-scale enterprise network, the control algorithm seems to have a disproportionately high workload." -- Xiaoxi Zhu
BIG PICTURE: NETWORKING IS CHANGING
Two major trends:
- Overlays
- Bare metal
(figure: both trends shown against the traditional networking model)
BIG PICTURE: VIRTUAL INFRASTRUCTURE
Networking, services, storage, compute.
(figure: applications and end hosts on top of a virtual infrastructure layer, which runs on the physical network infrastructure; virtual L2, L3, firewalls and load balancers sit in the virtual layer, with the Internet reached through the physical layer)
THANK YOU!