Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network...

Rethink networking. Windows Server 2012 R2. Andrew McMurray, Technical Evangelist – Windows, @MaccaMSOz

Transcript of Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network...

Page 1: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Rethink networking. Windows Server 2012 R2. Andrew McMurray, Technical Evangelist – Windows, @MaccaMSOz

Page 2: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Advancing Software Defined Networking

Simplifying Datacenter Network management

Improving Network Performance

Delivering Continuously Available Applications

Scenario summary

Networking in the Hybrid Cloud

Page 3: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Just the facts

Delivering Continuously Available Applications

Advancing Software Defined Networking

Hyper-V Extensible Switch

Hyper-V Network Virtualization

DHCP Failover

SMB Multichannel

Quality of Service

Simplifying Datacenter Network Management

IP Address Management (IPAM)

Remote Live capture

Network Management using Virtual Machine Manager

Network Monitoring using Operations Manager

Microsoft Windows PowerShell

Networking in the Hybrid Cloud

Extending to Azure

Extending to Service Providers

Cross premise connectivity

Improving Network Performance

vRSS

Single Root I/O Virtualization (SR-IOV)

NIC Teaming

SMB Direct (RDMA)

Dynamic VMQ

Inbox HNV Gateway

Virtual Machine Manager Enhancements

Page 4: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Windows Server 2012 R2: Overview

Server virtualization

Windows Server 2012 R2 capabilities

Storage Networking

Web & application platform

Access & information protection

Virtual desktop infrastructure

Server management & automation

Page 5: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

IT demands

Windows Server 2012 R2 delivers

Simplified use of network resources in a multi-tenant, cross-premises environment

Continuously available and resilient network infrastructure

Greater control and more extensibility

Software-defined network infrastructure.

• Hyper-V Network Virtualization and multi-tenant site-to-site VPN gateway inbox

• Standards-based switch configuration

High-performance networking.

• Single root I/O virtualization with support for live migration and HA

• NIC teaming with increased load-balancing performance

Improved manageability and diagnostics.

• Resource metering

• Virtual IP address management

• QoS management

• DNS traffic management

Hybrid networking with breakthrough levels of flexibility and performance

Networking

Page 6: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Open, Extensible and Standards based

Built-in and production ready

Innovation in software and hardware

Advancing Software Defined Networking

Hyper-V Network Virtualization

Hyper-V Extensible Switch

Inbox Gateway

Management with System Center Virtual Machine Manager

Page 7: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Customer problems with networking

BACKGROUND

• Network virtualization lags behind compute and storage

• Administration within the data center may be siloed

THE CHALLENGES

• Physical network configuration is not flexible

• Workloads tied to underlying hardware configurations

• Configuration changes are manual and cumbersome

• Diverse network infrastructure requires vendor-specific management and control

• Greater VM mobility and density difficult to achieve

[Diagram labels: VMs, ToR (x2), Aggregation Switches, VLAN tags]

Page 8: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

What is Software Defined Networking?

Enables software to dynamically manage the network by:

• Enabling integrated policies that span physical and virtual networks

• Abstracting workloads from the physical network

• Controlling datacenter traffic flow

Abstracting Workloads Controlling Traffic Integrating Policies

Page 9: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Hyper-V Switch as the policy edge

What the Hyper-V Switch does:

• Provides L2 layer connectivity for VMs

• Extends the network edge to the host

Features

• Isolation

• Traffic Shaping

• Security

• Diagnostics

• Switch Extensibility

[Diagram labels: Physical Network, Hyper-V Host, Virtual Switch, VM NIC (x2), Virtual Machine (x2), Physical NIC]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 10: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Hyper-V Extensible Switch

• Extends virtual switch functionality by adding switch extensions

• Provides open platform supporting third-party plug-ins to add functionality

• Lets customers manage virtual network the same way they would manage a physical network

• Helps monitor the security of virtual machine to virtual machine traffic

• Provides unified management and enforcement of plug-ins with Virtual Machine Manager across entire datacenter

• Includes NDIS filter drivers, WFP callout drivers, Ingress filtering, Destination lookup and forwarding and Egress filtering extensions

[Diagram: Hyper-V Extensible Switch architecture. Labels: Parent Partition, Virtual Machine (x2), VM NIC (x2), Virtual Switch, Extension Protocol, Capture Extensions, Filtering Extensions, Forwarding Extension, Extension A, Extension C, Extension D, Extension Miniport, Host NIC, Physical NIC]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 11: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Extending the Extensible Switch

Build Extensions for Capturing, Filtering & Forwarding

Key Features

• Extension monitoring & uniqueness

• Extensions that learn VM life cycle

• Extensions that can veto state changes

• Multiple extensions on same switch

• VMM for Unified Management

Several Partner Solutions Available

• Cisco – Nexus 1000V & UCS-VMFEX

• NEC – ProgrammableFlow PF1000

• 5nine – Security Manager

• InMon - SFlow

[Diagram: Hyper-V Extensible Switch architecture. Labels: Parent Partition, Virtual Machine (x2), VM NIC (x2), Virtual Switch, Extension Protocol, Capture Extensions, Filtering Extensions, Forwarding Extension, Extension A, Extension C, Extension D, Extension Miniport, Host NIC, Physical NIC]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 12: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Abstracting workloads with Hyper-V Network Virtualization

How network virtualization works

• Overlays multiple virtual networks on shared physical network

• Uses industry standard Generic Routing Encapsulation (NVGRE) protocol

Problems solved

• Creates VM mobility across datacenter, hoster cloud or Azure without network constraints

• Provides ability to import customer IP addresses and network topology

• Helps remove VLAN constraints

• Helps eliminate hierarchical IP address assignment for virtual machines

[Diagram labels: Physical server, Physical network, VIRTUALIZATION, Blue virtual machine, Yellow virtual machine, Blue network, Yellow network]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 13: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

• Tenants with overlapping IP Address range share same physical network

• Policies enforced at host level using PowerShell or System Center Virtual Machine Manager

• DHCP servers can be part of virtualized network to enable locally assigned IP addresses

• Supports guest clustering

[Diagram labels: Orange sees (SQL Server, Web); Blue sees (SQL Server, Web); What’s really happening (SQL Server, SQL Server, Web, Web on Hyper-V 1 and Hyper-V 2). CUSTOMER ADDRESS SPACE: 10.1.1.1, 10.1.1.2. PROVIDER ADDRESS SPACE (PA): 192.168.n.n. Address pairs shown: 10.1.1.1 with 192.168.1.10, and 10.1.1.2 with 192.168.2.12]

Hyper-V Network Virtualization

Abstracting Workloads Controlling Traffic Integrating Policies

Page 14: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

HNV moves into the switch

Supports richer switch extensions

• Extensions can view CA and PA addresses inside the switch

• Requires extension upgrade to NDIS 6.40

Changes forwarding logic

• HNV packets are flagged for native forwarding

• Other packets forwarded by forwarding extension, if present

Enables packet header modification

• Forwarding extensions can modify packet headers on both ingress and egress

[Diagram: Windows Server 2012 beside Windows Server 2012 R2. Labels in each: pNIC, LBFO IM, WNV, vSwitch, MS Forwarding, 3rd Party Fwd Ext, Extension (x3), Native Policies, Egress ACL, Ingress, Egress]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 15: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network Virtualization Packet Flow

Blue1 sending to Blue2

1. Where is 10.10.10.11?

2. Blue1 sends ARP Packet to locate 10.10.10.11

3. Hyper-V Switch broadcasts ARP on VSID 5001

4. Hyper-V Switch then broadcasts ARP to the rest of the network, but intercepted by NV Filter

Note: ARP not broadcast on physical network

5. NV Filter checks its Policy Table and responds with Blue2 MAC

6. NV Filter sends ARP Response back into Hyper-V Switch and on to Blue1

ARP TABLE: 10.10.10.11 is 34:29:af:c7:d9:12

[Diagram: Blue1 (10.10.10.10, VSID 5001) on the host at 192.168.2.10 (MACPA1) and Blue2 (10.10.10.11, VSID 5001) on the host at 192.168.5.12 (MACPA2). Each host: Hyper-V Switch (VSID ACL Enforcement) and Network Virtualization (IP Virtualization, Policy Enforcement, Routing)]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 16: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network Virtualization Packet Flow

Blue1 sending to Blue2

7. Blue1 starts to construct its packet for Blue2 and sends it to the Hyper-V Switch

MACB1 -> MACB2

10.10.10.10 -> 10.10.10.11

8. Hyper-V Switch attaches the VSID

5001

MACB1 -> MACB2

10.10.10.10 -> 10.10.10.11

9. NV Filter checks to see if Blue1 is allowed to contact Blue2, then constructs GRE Packet and sends it across the physical network

MACP1 -> MACP2

192.168.2.10 -> 192.168.5.12

5001

MACB1 -> MACB2

10.10.10.10 -> 10.10.10.11

10. On receiving host, opposite process takes place – NV Filter strips GRE, pulls out the VSID information, passes packet to Hyper-V Switch, where VSID removed and packet sent to Blue2 VM

[Diagram: Blue1 (10.10.10.10, VSID 5001) on the host at 192.168.2.10 (MACPA1) and Blue2 (10.10.10.11, VSID 5001) on the host at 192.168.5.12 (MACPA2). The packet is shown as Packet, then Packet with VSID, then GRE Packet with VSID. Each host: Hyper-V Switch (VSID ACL Enforcement) and Network Virtualization (IP Virtualization, Policy Enforcement, Routing)]

Abstracting Workloads Controlling Traffic Integrating Policies
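The Blue1 to Blue2 flow on pages 15 and 16, as an added Python sketch (not code from the presentation or from Windows): an ARP answer from the policy table, NVGRE encapsulation with VSID 5001, and decapsulation on the receiving host. The GRE header layout follows RFC 7637; Blue1's MAC, the Red1 tenant, the helper names and the receive-side check that the inner sender really sits behind the outer source address are assumptions that go beyond what the slides state.

```python
import struct
from ipaddress import IPv4Address

GRE_KEY_PRESENT = 0x2000   # K bit set, C and S bits clear, version 0 (NVGRE, RFC 7637)
GRE_PROTO_TEB = 0x6558     # Transparent Ethernet Bridging: payload is an Ethernet frame

# Constructed policy table: (VSID, customer address) -> (customer MAC, provider address).
# The addresses, VSID 5001 and Blue2's MAC are the slide's values; Blue1's MAC and
# the Red1 tenant (same customer address, different VSID) are made up.
POLICY = {
    (5001, "10.10.10.10"): ("00:15:5d:00:00:01", "192.168.2.10"),  # Blue1
    (5001, "10.10.10.11"): ("34:29:af:c7:d9:12", "192.168.5.12"),  # Blue2
    (6001, "10.10.10.11"): ("00:15:5d:00:00:02", "192.168.5.12"),  # Red1
}


class PolicyViolation(Exception):
    """Raised when a packet does not match the virtualization policy."""


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def arp_proxy(vsid, target_ca):
    """Steps 4-5: answer the ARP from the policy table, scoped to the sender's VSID."""
    entry = POLICY.get((vsid, target_ca))
    return entry[0] if entry else None


def build_inner_frame(vsid, src_ca, dst_ca, payload=b""):
    """Step 7: the tenant's Ethernet + IPv4 packet (checksum left at 0 in this sketch)."""
    dst_mac = arp_proxy(vsid, dst_ca)
    if (vsid, src_ca) not in POLICY or dst_mac is None:
        raise PolicyViolation("unknown customer address in this VSID")
    eth = mac_bytes(dst_mac) + mac_bytes(POLICY[(vsid, src_ca)][0]) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 253, 0,
                     IPv4Address(src_ca).packed, IPv4Address(dst_ca).packed)
    return eth + ip + payload


def encapsulate(vsid, src_ca, dst_ca, frame, flow_id=0):
    """Steps 8-9: policy check, then NVGRE. Returns (outer_src_pa, outer_dst_pa, packet)."""
    src, dst = POLICY.get((vsid, src_ca)), POLICY.get((vsid, dst_ca))
    if src is None or dst is None:
        raise PolicyViolation("sender and receiver are not in the same virtual subnet")
    key = (vsid << 8) | (flow_id & 0xFF)   # 24-bit VSID, 8-bit FlowID
    return src[1], dst[1], struct.pack("!HHI", GRE_KEY_PRESENT, GRE_PROTO_TEB, key) + frame


def decapsulate(outer_src_pa, outer_dst_pa, packet):
    """Step 10 with receive-side checks. Returns (vsid, src_ca, dst_ca, inner_frame)."""
    if len(packet) < 8 + 14 + 20:
        raise PolicyViolation("truncated packet")
    flags, proto, key = struct.unpack("!HHI", packet[:8])
    if flags != GRE_KEY_PRESENT or proto != GRE_PROTO_TEB:
        raise PolicyViolation("not an NVGRE header")
    vsid, frame = key >> 8, packet[8:]
    if frame[12:14] != b"\x08\x00":
        raise PolicyViolation("inner frame is not IPv4")
    src_ca = str(IPv4Address(frame[26:30]))
    dst_ca = str(IPv4Address(frame[30:34]))
    src, dst = POLICY.get((vsid, src_ca)), POLICY.get((vsid, dst_ca))
    # The VSID in the header is untrusted input: accept the packet only if the
    # policy places the sender behind the outer source PA and the receiver here.
    if src is None or src[1] != outer_src_pa:
        raise PolicyViolation("inner source is not behind the outer source address")
    if dst is None or dst[1] != outer_dst_pa:
        raise PolicyViolation("inner destination is not hosted here for this VSID")
    return vsid, src_ca, dst_ca, frame


if __name__ == "__main__":
    frame = build_inner_frame(5001, "10.10.10.10", "10.10.10.11", b"hello")
    src_pa, dst_pa, packet = encapsulate(5001, "10.10.10.10", "10.10.10.11", frame)
    print(src_pa, "->", dst_pa, "GRE header", packet[:8].hex())
    print(decapsulate(src_pa, dst_pa, packet)[:3])
```

Because the same customer address can exist in several virtual subnets, every lookup is keyed on the VSID as well as the address; a packet whose VSID has been rewritten in transit fails the receive-side check instead of reaching another tenant.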

Page 17: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Multi-tenant VPN Gateway

Bridge Between VM Networks & Physical Networks

Challenges

• Hoster wants to provide isolated networks for tenant VMs with integral S2S VPN and NAT

• Enterprises have virtualized networks split across different datacenters or virtualized networks (NVGRE aware) communicating to physical networks (NVGRE unaware)

Solution

• Multi-tenant VPN gateway in Windows Server 2012 R2

• Integral multitenant edge gateway for seamless connectivity

• Guest clustering for high availability

• BGP for dynamic routes update

• Encaps/Decaps NVGRE packets

• Multitenant aware NAT for Internet access

[Diagram labels: Contoso, Fabrikam, Internet, SPS VPN (x2), Multi-tenant VPN Gateway, Host Datacenter Network Virtualization Fabric, Host (x2), DNS, SQL, DC]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 18: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Controlling Datacenter traffic flow

What it means:

• Provides ability to control physical network hardware directly from applications

• Enforces routing policies on the fly

• Requires programmable hardware that uses a standard protocol like OpenFlow, Cisco OnePK and so on.

Challenges:

• Adds complexity to the application

• Creates challenges in heterogeneous environment

Is it production ready?

• Applicable to certain classes of applications like Microsoft Lync, Network diagnostic tools, high fidelity video games

• Most Line of Business applications and workloads may not need this level of control

[Diagram labels: Application (x2), VM (x2), ToR (x2), Aggregation Switches]

Abstracting Workloads Controlling Traffic Integrating Policies

Page 19: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Managing SDN with System Center 2012 R2 Virtual Machine Manager

Challenges

• Manage a large number of physical and virtual switches

• Integrate management of physical and virtual networks

Solution

Logical Network

• Organizes and simplifies network assignments for hosts, virtual machines and services

• Integrated physical and virtual switch VLAN policy

VM Network

• Creation/deletion of isolated virtual network overlay (HNV) on physical network

[Diagram labels: Physical Network, Fabric, Virtual, Logical NW (x2), VM Network (x2), VLAN 25, Subnet 10.0.0.0/26, Extension (x3)]

Managing SDN

Page 20: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Managing SDN with System Center 2012 R2 Virtual Machine Manager

Challenges

• Allow seamless migration of VM while maintaining network policy

Solution

Logical Switch

• Single logical entity spanning hosts

• Consistent policy and configuration

Management of Hyper-V Extensible Switch

• Installation and configuration of switch extensions

• Configuration of network policies

Network policies automatically move with the VM

• Includes 3rd party extensions

[Diagram labels: Physical Network, Fabric, Virtual, Logical NW (x2), VM Network (x2), VLAN 25, Subnet 10.0.0.0/26, Extension (x3)]

Managing SDN

Page 21: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network switch management with OMI

How switch management works

• Standards-based CIM model

• Switches running Open Management Infrastructure (OMI)

• Switch Management PowerShell Cmdlets

Problems solved

• Common management interface across multiple network vendors

• Automate common network management tasks

• Logo Program enables customers to find/buy switches that “just work”

[Diagram labels: PowerShell CIM Cmdlets, Communicating using WS-MAN, OMI (x3)]

Managing SDN

Page 22: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

SDN partner ecosystem

OMI-based top-of-rack switch

Hyper-V switch extensions

Chipset extensions

Gateway appliances

Advancing Software Defined Networking

Page 23: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

• Migrate workloads seamlessly across clouds

• Preserve policies, VM settings, and IP addresses

• Move from test to production with minimal network configuration

• Reduce Opex related to networking

• Simplify datacenter consolidation and mergers and acquisitions

• Extend datacenter into hybrid cloud environment without specialized networking gear

• Enables customers to bring their own IP addresses and DHCP servers

• Realize scalable multi-tenancy

• Simplify connectivity to customer datacenter

• Provide flexible VM placement without reconfiguration

• Decouple server and network admin roles to increase agility

• Enforce unified policy across entire datacenter from a single management plane

Software Defined Networking Benefits

To Workload Owners, To Enterprises, To Hosters, To Private/Public Cloud Datacenter Admins

Abstracting Workloads Controlling Traffic Integrating Policies

Page 24: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

DHCP failover

Quality of Service

SMB Multichannel

Networking solutions that deliver continuous application availability

Embrace a multi-vendor ecosystem

Provide consistent bandwidth for services

Run services without interruption

Automatically remediate issues with no human intervention

NIC Teaming

Delivering Continuously Available Applications

Page 25: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network fault tolerance with SMB Multichannel

• Automatic detection and use of multiple network connections between SMB client and server

• Helps server applications be resilient to network failure

• Transparent Failover with recovery of network failure if another connection is unavailable

• Improved throughput

• Bandwidth aggregation through NIC Teaming

• Multiple nodes/CPUs for network processing with RSS-capable network adapters

• Automatic configuration with very little administrative overhead

Delivering Continuously Available Applications

[Diagram labels: File copy (x2), SMB client, SMB server, Network, NIC (x4)]

Page 26: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Highly Available DHCP Service

• Automatic DHCP failover based on DHCP failover IETF spec

• Provides multi-site IP address continuity to clients by helping eliminate single points of failure

• Provides in-box support for failover, without the need for clustering

• Uses a failover setup consisting of two servers located across different geographic locations

• Includes active/active or active/passive behavior

• Simple provisioning and configuration of DHCP server using PowerShell

Hot standby DHCP failover in a hub-and-spoke deployment

Load-sharing DHCP failover in a single site with a single subnet

Delivering Continuously Available Applications

Page 27: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

• Helps guarantee predictable network performance and fair sharing during congestion

• Supports bandwidth floors and bandwidth caps

• Helps enforce customer SLAs and maximum pricing caps

• Sets QoS for virtual machine or traffic type

• Uses software built into Windows Server 2012 R2 or hardware capable of Data Center Bridging (DCB) to assign minimum QoS settings

• Supports dynamic change of QoS settings through PowerShell without any downtime

Predictable performance with Quality of Service

Runtime bandwidth demand (gigabits per second)

Service | Reservation | T1 | T2 | T3
Virtual machine | 30% | 4 | 4 | 2
Storage | 40% | 5 | 5 | 6
Live migration | 20% | 0 | 3 | 2
Cluster Shared Volume | 10% | 0.5 | 1 | 0

[Chart: Actual bandwidth usage by service at T1, T2 and T3]

When bandwidth is available, each service takes as much as it can

When the link is congested, each service takes its fair share

When bandwidth becomes available, each service takes as much as it wants

Delivering Continuously Available Applications

Page 28: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

NIC Teaming

• Provides network fault tolerance and continuous availability when network adapters fail by teaming multiple network interfaces

• Supports all vendors in-box

• Facilitates local or remote management through Windows PowerShell or UI

• Enables teams of up to 32 network adapters

• Aggregates bandwidth from multiple network adapters

• Includes multiple modes: switch dependent and independent

[Diagram: 8 x 1Gb NICs – 8Gb throughput. Labels: Operating system, Virtual adapters (x2), NIC Teaming, Team network adapter (x2)]

Delivering Continuously Available Applications

Page 29: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Dynamic NIC Teaming

• TCP streams or “flows” are generally not continuous

• Groups of packets sent between flows are called “flowlets”

• Dynamic load balancing detects breaks in a flow of sufficient length to minimize possibility of packet reordering

• Flows can be moved to other team members on flowlet boundaries to rebalance traffic

• Dynamic LBFO maximizes resource utilization in teamed NICs by balancing loads across all NIC team members

• Ideal when there are fewer VMs per team

[Diagram labels: Operating system, Virtual adapters (x2), NIC Teaming, Team network adapter (x2), Large TCP flow, Small TCP flow, Flowlet, Flowlet (swaps NICs)]

Delivering Continuously Available Applications

Page 30: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Demo

DHCP Failover

NIC Teaming

Page 31: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

vRSS

Dynamic VMQ

SR-IOV

SMB Direct (RDMA)

High-performance networking with current and next-generation hardware

Gain predictable performance

Scale automatically as demand increases

Help ensure that networking is no longer the bottleneck

Deliver high-speed data transfer on industry-standard hardware

Improving Network Performance

Page 32: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Improved network performance through SMB Direct (RDMA)

[Diagram: File Client and File Server, shown Without RDMA and With RDMA. Labels: Application, SMB Client, SMB Server, Transport Protocol Driver, NIC Driver, App Buffer, SMB Buffer, OS Buffer, Driver Buffer, Adapter Buffer, NIC, rNIC, iWARP, InfiniBand]

• Higher performance through offloading of network I/O processing onto network adapter

• Higher throughput with low latency and ability to take advantage of high-speed networks (such as InfiniBand and iWARP)

• Remote storage at the speed of direct storage

• Transfer rate of around 50 Gbps on a single NIC port

• Compatible with SMB Multichannel for load balancing and failover

Improving Network Performance

Page 33: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Dynamic Virtual Machine Queue

Without VMQ

• Hyper-V Virtual Switch is responsible for routing & sorting packets for VMs

• This leads to increased CPU processing, all focused on CPU0

With VMQ

• Physical NIC creates virtual network queues for each VM to reduce host CPU

With Dynamic VMQ

• Processor cores dynamically allocated for a better spread of network traffic processing

Increased efficiency of network processing on Hyper-V hosts

[Diagram: Hyper-V Host with CPU0, CPU1, CPU2 and CPU3, shown Without VMQ, With VMQ and With DVMQ]

Improving Network Performance

Page 34: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Virtual RSS

• vRSS provides near line rate to a VM on existing hardware, making it possible to virtualize traditionally network intensive physical workloads

• Extends the RSS functionality built into Windows Server 2012

• Maximizes resource utilization by spreading VM traffic across multiple virtual processors

• Helps virtualized systems reach higher speeds with 40 Gbps and 100 Gbps NICs

• Requires no hardware upgrade and works with any NICs that support RSS

[Diagram labels: Incoming packets, RSS, Node 0, Node 1, Node 2, Node 3, Virtual Machine, vNIC, vRSS, vProc (x4), Without (x2)]

Improving Network Performance

Page 35: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Single Root I/O Virtualization (SR-IOV)

• VM traffic bypasses virtual switch and performs I/O directly to NIC

• Ideal for high I/O workloads that do not require port policies, QoS, or network virtualization enforced at the end host virtual switch

• Most 10Gbps and in-box NICs SR-IOV capable

Benefits

• Maximizes use of host system processors and memory

• Reduces host CPU overhead for processing network traffic (by up to 50%)

• Reduces network latency (by up to 50%)

• Provides higher network throughput (by up to 30%)

• Full support for Live Migration

[Diagram labels: Host, Virtual Machine, VM Network Stack, Synthetic NIC, Hyper-V Extensible Switch, SR-IOV NIC, Virtual Function (VF), Traffic Flow (x2)]

Improving Network Performance

Page 36: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Operational efficiency through simplified manageability

Provide an easy-to-use, robust automation framework

Monitor resource usage

Manage IP address space and consolidate external tools

Simplify management in multisite environments

Management with Virtual Machine Manager

IP Address Management

Windows PowerShell

Resource Metering

Monitoring with Operations Manager

Simplifying Datacenter Network Management

Page 37: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

IP Address Management (IPAM)

[Diagram: IPAM distributed architecture. Domains: copr.woodbridge.com, europe.corp.woodbridge.com, fareast.corp.woodbridge.com. Sites: Redmond (Head office), UK (Branch office), Bangalore (Branch office), Hyderabad (Branch office). Each site has an IPAM server and DHCP, DNS, DC, and NPS servers]

• Inbox feature for integrated management of IP addresses, domain names, and device identities

• Tightly integrates with Microsoft DNS and DHCP servers

• Provides custom IP address space display, reporting, and management

• Audits server configuration changes and tracks IP address use

• Migrates IP address data from spreadsheets or other tools

• Monitors and manages specific scenario-based DHCP and DNS services

Simplifying Datacenter Network Management

Page 38: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

IP Address Management (IPAM)

• Manages virtual address space in addition to physical address space

• Imports and exports network configurations automatically through plugin for System Center Virtual Machine Manager

• Enables synchronization of Active Directory Sites and subnets information with IPAM

• Supports large scale enterprise deployments

• Uses SQL Server to store IP address information

• Lets admins define user roles, access scope and access policy through role-based access control

[Diagram labels:

Components: IPAM Client (Win vNext), IPAM Server (WS vNext), VMM Server (SC vNext), DHCP Server (WS08), DNS Server (WS08 R2 & SPs), DC Server (WS8), NPS Server (WS vNext), MS SQL Server (SQL 2008 R2, SQL 2012), Integration Plugin, WCF, PS/WS Man

Data collection tasks: Server Discovery, Server Configuration, Address Utilization, Event Collection, Server Availability, Server Monitoring, Address Expiry

Role Based Access Control: Network Administrator, Fabric Administrator, System Administrator, Forensics Investigator

Security Groups: IPAM Administrator, IPAM ASM Administrator, IPAM MSM Administrator, IPAM Users, IPAM Audit Administrator]

Simplifying Datacenter Network Management

Page 39: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Comprehensive coverage with more than 400 cmdlets related to networking

Windows PowerShell

Remote machine management support

Integrated object model

Simplifying Datacenter Network Management

Page 40: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Resource Metering

Metrics

A two-tenant environment built with Hyper-V in Windows Server

2012 R2

• Average CPU use

• Average memory use

• Minimum memory use

• Maximum memory use

• Maximum disk allocation

• Incoming network traffic

• Outgoing network traffic

• Storage IOPS

VM 1Customer

1

VM 2Customer

1

VM 3Customer

1

VM 1Customer

2

VM 2Customer

2

VM 3Customer

2

Virtual Machine Resource Metering20 10

Resource Pool Internet Resource Metering10 5

3045 2540

Resource poolInternetCustomer 2

30 55

Resource poolInternetCustomer 1

0

0 0

0

Benefits

• Tracks and meters resource usage and provides infrastructure to build chargeback solutions

• Tracks resource usage of individual virtual machines or virtual machine pools

• Metering not affected by virtual machine movement

• Uses access control lists (ACLs) from network metering port

• Provides complete Windows PowerShell support
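
An added example (not from the original slides) of collecting the metrics listed above per tenant VM, including a metering port ACL, with the Hyper-V PowerShell module. The VM names, the intranet range and the CSV path are hypothetical.

```powershell
#Requires -Modules Hyper-V
# Added example. VM names, the intranet range and the CSV path are hypothetical.
$tenantVMs = 'Customer1-VM1', 'Customer1-VM2', 'Customer1-VM3'
$intranet  = '10.0.0.0/8'

foreach ($name in $tenantVMs) {
    # Start collecting CPU, memory, disk and network counters for this VM.
    Enable-VMResourceMetering -VMName $name

    # Metering port ACL: count traffic to/from the intranet range separately,
    # so it can be told apart from the rest of the VM's traffic.
    Add-VMNetworkAdapterAcl -VMName $name -RemoteIPAddress $intranet `
        -Direction Both -Action Meter
}

# At the end of the billing interval: one row per VM, metering ACL and direction.
$usage = foreach ($name in $tenantVMs) {
    $m = Measure-VM -VMName $name
    foreach ($acl in $m.NetworkMeteredTrafficReport) {
        [pscustomobject]@{
            VM             = $m.VMName
            AvgCpuMHz      = $m.AverageProcessorUsage
            AvgMemoryMB    = $m.AverageMemoryUsage
            MaxMemoryMB    = $m.MaximumMemoryUsage
            DiskAllocMB    = $m.TotalDiskAllocation
            RemoteAddress  = $acl.RemoteAddress
            Direction      = $acl.Direction
            TotalTrafficMB = $acl.TotalTraffic
        }
    }
}
$usage | Export-Csv -Path .\customer1-usage.csv -NoTypeInformation

# Zero the counters so the next interval starts clean.
$tenantVMs | ForEach-Object { Reset-VMResourceMetering -VMName $_ }
```

Export the report before calling Reset-VMResourceMetering, since the reset discards the counters for the interval.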


Page 41: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Remote Live Monitoring

Diagram labels: Server or client with Microsoft Message Analyzer; Windows Server 2012 R2; WMI to configure the filters and truncation; WMI starts/stops the session; Truncated network traffic redirected; ETW events

Remote Live Monitoring provides remote packet and ETW event capture from any host in the datacenter, enabling low-touch diagnostics at high scale

• Remote monitoring of network traffic in Windows Server 2012 is not simple

• Windows Server 2012 R2 makes it easy to mirror and capture network traffic for remote and local viewing

• Provides integrated GUI experience with Message Analyzer

• Collects offline traffic captures from remote computers

• Provides filters to select packets by IP addresses and VMs

• Captures ETW events for remote and local viewing


Page 42: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Networking and isolation in the private cloud using SC VMM

• Cloud abstraction

• Delegated capacity

• Standardized services

Diagram labels: Development, Production; Datacenter one, Datacenter two; Logical and standardized; Diverse infrastructure; Logical Networks; VM Networks


Page 43: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

System Center Virtual Machine Manager Network provider support

Load balancers

• Connects to load balancer through hardware provider

• Assigns to clouds, host groups, and logical networks

• Configures load balancing method and adds virtual IP on service deployment

Examples: F5 BIG-IP, Brocade ServerIron ADX, Citrix NetScaler, Microsoft network load balancer

Switch extension managers

• Supplies network objects and policies to VMM

• Applies virtual switch extensions to appropriate Hyper-V hosts

• Enables self-service users to choose port classifications based on extensions

Examples: Cisco Nexus 1000v, InMon sFlow, 5nine, NEC

Network virtualization gateway

• Manages in-box and third-party gateway devices from interface

• VMM template for deploying Inbox Gateway

Examples: Windows Server Inbox Gateway, IronNetworks, F5, Huawei


Page 44: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network monitoring using System Center Operations Manager

• Uses SNMP to discover network devices

• List of network devices with extended monitoring capability

• Monitors physical network routers and switches

• Interfaces and ports/virtual local area networks (VLANs)

• Hot Standby Router Protocol (HSRP) groups

• Firewalls and load balancers

• Increases visibility into your network infrastructure

• Identify failures in critical services and applications that were caused by the network

• Show how the network connects to servers


Page 45: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Network monitoring: Comprehensive end to end view of network

• Health view for each network device

• Network dashboard view

Page 46: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Demo

IPAM

Page 47: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Networking in Hybrid Cloud

Seamlessly extend Datacenter to Azure

Inbox Gateway to extend beyond private cloud

Extending your private cloud to hosters

Extending your private cloud to Azure

Cross-premises connectivity

Page 48: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Cross-premises connectivity

Diagram labels: Hosted Cloud; Contoso private cloud; Woodgrove private cloud; Subnet1, Subnet2 (twice); Contoso London branch, Subnet3; Contoso New York branch, Subnet4; Woodgrove Brazilian branch, Subnet3, Subnet4; three VPN site-to-site tunnels (IKEv2-IPsec)

Windows Server 2012 R2 remote access site-to-site VPN server

Industry standard IKEv2-IPsec router

VPN site-to-site functionality in remote access:

• Provides cross-premises connectivity between enterprises and hosting service providers

• Connects to private subnets in hosted cloud networks

• Provides connectivity among geographically separate enterprises


Page 49: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Hybrid Networking in WS 2012 R2

Diagram labels: Remote sites (Blue Corp Site 1, Blue Corp Site 2, Green Corp Site, Orange Corp site1, Orange Corp site2); five S2S Tunnels; Internet; Hoster's datacenter (Blue Virtual Network, Green Virtual Network, Orange Virtual Network); Multitenant GW; BGP; Active-Standby

• Provides multitenant S2S gateway for hybrid cloud connectivity

• Includes guest clustering for HA

• Uses BGP for dynamic route updates

• Provides multitenant-aware NAT for Internet access

• Multi-tenant VPN for access to cloud from Internet


Page 50: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Connecting Private Cloud with Azure

Diagram labels: Virtual Network (Subnet 1, Subnet 2, Subnet 3, DNS Server); VPN Gateway; Site-to-Site VPN; VPN Device (twice); Your datacenter; On premises; Individual computers behind corporate firewall; Remote workers

Extend your datacenter to Azure by creating VMs in private networks

Connect individual computers to Azure VMs and virtual networks using Point to Site connectivity without VPN device

Windows inbox gateway to connect virtual networks in private cloud and Azure


Page 51: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

Scenario summary

• Advancing Software Defined Networking

• Simplifying Datacenter Network management

• Improving Network Performance

• Delivering Continuously Available Applications

• Networking in the Hybrid Cloud

Get started

Page 52: Advancing Software Defined Networking Simplifying Datacenter Network management Improving Network Performance Delivering Continuously Available Applications.

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.