Copyright 2013 Alcatel-Lucent. All rights reserved.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION
True Potential of Network Virtualization
Dimitri Stiliadis (@dstiliadis)
JUNE 14th, 2013
GigaOM Structure 2013: The True Potential of Network Virtualization, Dimitri Stiliadis, Co-Founder and Chief Architect
SDN: THE ACRONYM
• Open Networking Foundation (ONF): Software Defined Networking
• Internet Engineering Task Force (IETF): Software Driven Networking
• MEF, ATIS, OMG, ETSI, …: Still Don’t kNow
• Industry cognoscenti: Seemingly Different Network, Somewhat Debatable Notion, Spawning Dedicated Networks, Self Defined Networking, Still Doing Nothing…
And then, Network Virtualization
L2 Service Virtualization
Promise of Nirvana
The devil is in the details
What is Network Virtualization
Network Virtualization =? Server Virtualization
What isn’t Network Virtualization
A Matter of Perspective
APPLICATION-CENTRIC VIEW
“BLACK BOX”
Application attributes
User Expectations
Application performance
APPLICATIONS
NETWORK
• Network is on the way
• No APIs
• Manual provisioning
• Must depend on network admin
• Network as Code
Application Developer View
NETWORK-CENTRIC VIEW
“BLACK BOX”
Network Topology
Protocols
Service stability
APPLICATIONS
NETWORK
• What do applications want?
• Can’t trust users
• Security
• Network stability
• Operations, tools?
Network Admin View
Network Guy: Didn’t We Solve This Problem Before?
MPLS L2/L3 VPNs
Edge
MPLS VPNs operational for 15 years with 1000s of end points
Rich experience and toolsets
But:
• Not optimized for automatic provisioning
• Not scaling to data center sizes
• Perception of complexity
Number of endpoints
Networking for ISPs Networking for the Cloud
Nature of connections
Connection longevity
Service Requirements Simple Dynamic
Networking for Applications
App Guy: Bringing Network Virtualization to the DC
[Diagram labels: Service Request; L2-Segment; VM (×3); Hypervisor (×6); IP Network Fabric; Router VM]
Confined in single administrative domains
“Step 3: Work with a partner in the AWS Partner Network (APN) to help you establish network circuits between an AWS Direct Connect location and your data center, office, or colocation environment, or to provide colocation space within the same facility as the AWS Direct Connect location. For the list of AWS Direct Connect partners who belong to the AWS Partner Network (APN), go to http://aws.amazon.com/directconnect/partners.”
The Design of the Right Tool
Properties of Network Virtualization
Current (1st Gen)
• Equivalency: From an application perspective, virtual network provides same services as before
• Efficiency: Statistically dominant fraction of packets forwarded without physical network translations
• Network Resource Control: Controlled by physical network
Decouple services from transport
Tunneling as a means of abstraction
Intelligent edge
ACLs, QoS, Access Control
IP underlay transport
Distributed L2/L3/L4 processing
But What Control Plane?
[Diagram labels: HV; IP Transport; App; Controller; Ctrl]
Large complexity of end points
Scale, interoperability, reliability?
Federated SDN Controllers
[Diagram labels: HV; IP Transport; App; Controller; MP-BGP; “?”]
But this solves a larger problem
[Diagram labels: Edge (×3); IP Transport; Controller; IP Network]
Overlay and Underlay
[Diagram labels: HV; IP Transport; Controller; App; “?”]
Lack of visibility in underlay
Can lead to service disruption
No means to detect or react
Overlay and Underlay Event Correlation
[Diagram labels: HV; IP Transport; Controller; App; “!”]
Distributed Policy Based Networking
[Diagram labels: Edge (×3); IP/MPLS Transport; Controller; Policy System; App]
• Pull model
• Application requests trigger network action
• Network validates requests and assigns resources
• Controllers implement in a distributed manner