CLOUD NETWORKING - Nanog

CLOUD NETWORKING: THE NEXT CHAPTER

FLORIN BALUS

COMMON APPLICATION VIEW OF THE NETWORK

Fallacies of Distributed Computing

1. The network is reliable.
2. Latency is zero.
3. Bandwidth is infinite.
4. The network is secure.
5. Topology doesn't change.
6. There is one administrator.
7. Transport cost is zero.
8. The network is homogeneous.

Peter Deutsch - Sun Fellow, 1994

net’wûrk’: Unspeakably huge, complex, mysterious, stuffy network thing that nobody understands*

* = Gluecon Keynote “Smarting the Dumb Pipes” by Ross Turk. www.youtube.com/watch?v=tjtnmwZXM0c

COPYRIGHT © 2012 NUAGE NETWORKS. ALL RIGHTS RESERVED.

CLOUD NETWORK PERFORMANCE

Source: H. Ballani, P. Costa, T. Karagiannis, A. Rowstron, “Towards Predictable Datacenter Networks, Microsoft Research”, ACM SIGCOMM 2011

MS Research MapReduce Task

Enterprise DC: 4 hours ($100)

Popular Cloud: 10-16 hours ($250-$400)

Network performance can be a key obstacle to cloud adoption

DATA CENTER NETWORK VIRTUALIZATION

L2 Service Virtualization

The devil is in the details

Promise of Nirvana

1st GENERATION – L2 SERVICE (VLANs)

ISSUES & LIMITATIONS

•  VLAN scalability
•  L2 core scaling issues
•  Management complexity
•  Network stability

[Diagram: SERVER & STORAGE INFRASTRUCTURE. Labels: Service Appliances, DC Core Network, Server & Storage Arrays, addresses 10.1.1.2, 10.1.1.3, 10.1.1.4]

L2 NETWORK VIRTUALIZATION APPROACH (L2 over IP tunnels: VXLAN/NVGRE)

ISSUES & LIMITATIONS

•  Does not address enterprise use cases
•  Bandwidth and routing inefficiencies
•  Core network complexity
•  Operational complexity

[Diagram: SERVER & STORAGE INFRASTRUCTURE. Labels: Service Request, DC GWs, IP Core, TORs, L2-Segment, VMs, Storage]

ENTERPRISE APPLICATIONS

[Diagram, two panels: CURRENT NETWORK VIEW (L2-only virtualization; labels: L2-Segment, VM, Storage) and REALITY]

Source: http://docs.oracle.com/cd/E12839_01/core.1111/e12037/overview.htm

1. REAL ENTERPRISE USE CASES

•  DMZ designs
•  Multi-tier Applications
•  Hybrid Clouds
•  L2/L3 Multi-DC - DR Services

[Diagram labels: Enterprise, Site A, DC, Firewall, VRF/Router, L2 VPN Service, L3 VPN Service, DC Service, Subnet 1, Subnet 2, VLAN 11, VM, W, BL]

2. BANDWIDTH AND LATENCY ISSUES

L3-L4 services only in certain locations (VMs or ToRs)

[Diagram, two panels. Labels: DC GWs, Core Nodes, L3 GW, TORs, V-Switches, VMs, L3, 10, 11, 12, W, B]

Centralized gateways result in sub-optimal bandwidth utilization, performance issues, and choke-points

2. BANDWIDTH AND LATENCY ISSUES

Using hardware-based routers

[Diagram labels: Enterprise Site, WAN Service, WAN Service Core, DC, DC GW, VRF/Router, L3, L2 service, Aggregation, Access, TENANT 1, VLAN 11, VLAN 12, VM, Storage]

DC Gateways fail to solve the L3 service problem

3. NETWORK COMPLEXITY

Translation to L2 VLANs required

[Diagram labels: Enterprise Site, L3 VPN Service, DC GW, Router, VLANs, Spanning Tree, TENANT 1, Subnet 1, Subnet 12, VM, Backup, Storage]

External connectivity requires VLAN toolset and configuration

3. CORE NETWORK COMPLEXITY

VXLAN implementations require multicast (PIM and IGMP) at the core

Per-tenant multicast group

VXLAN requires per-tenant state in the core network

4. INTERFACING TO EXISTING SERVICES

OSS Nightmares

[Diagram labels: Cloud Mgmt, SP OSS, Interface ?, VLAN, Data Center (Administrative Domain A), MPLS-based WAN Service (Administrative Domain B)]

Significant costs and complexity in interfacing between different operational models and administrative domains

NETWORK SERVICE REQUIREMENTS

L3 Scalability
•  No per-tenant state

L2 Multi-tenancy
•  Full tenant traffic isolation

L2 & L3 Services
•  Support for real application topologies

VPN Service Extension
•  Hybrid and extended clouds

SDN Programmability
•  Rapid service deployment

DIDN’T WE SOLVE THIS PROBLEM BEFORE?

Issues and Limitations

•  Not optimized for data center designs
•  Unfamiliar protocols for IT organizations

But, rich toolkit of technologies and lessons learned

[Diagram labels: CONTENT STORAGE & DISTRIBUTION, SERVICE EDGE (ETHERNET, IP / MPLS), IP CORE NETWORK, INTERNET, CLOUD STORAGE AND COMPUTE]

SOLUTION: DISTRIBUTED L2-L4 SERVICES

[Diagram labels: Enterprise Site, WAN Service, DC PE, Simple IP Core, VRF/Router, Network Virtualization Edge (NVE), TENANT 1, VLAN 11, VLAN 12, VM]

L2-L4 Services Distributed on all Edge Forwarding Elements of the DC

CONTROL AND DATA PLANE INTERACTIONS

[Diagram, three layers. Service Management: SP OSS, Cloud Management, APIs. Control Plane: MP-BGP, SDN/NVO3. Data Plane: Enterprise Site, MPLS VPN Services, Gateway, IP Core, NVO3 Tunnels, NVE/OVS, Compute & Storage]

MULTI-DC AND MULTI-VENDOR SERVICES

[Diagram labels: Consumer Services, Enterprise Services, IP/MPLS Core, MP-BGP Control Plane, BGP-MP, Cloudstack, Openstack, Controlled, DC]

BGP interoperability enables federation of multi-vendor cloud services

DRIVING TOWARD INTEROPERABILITY

•  IETF – NVO3 Working Group

-  Problem statement - draft-ietf-nvo3-problem-statement

-  Framework - draft-ietf-nvo3-framework

-  Data plane requirements - draft-bl-nvo3-dataplane-requirements

-  Control plane requirements - draft-drake-nvo3-evpn-control-plane

-  Federation of SDN Controller - draft-sb-nvo3-sdn-federation

•  Openflow Specification 1.3

CLOUD NETWORK SERVICES RAPIDLY EVOLVING TO MEET ENTERPRISE NEEDS

[Diagram labels: MPLS VPN, L2, L3, Hybrid Clouds, Virtualization, Services, Service Chain (FW,LB), Performance SLAs]