ARISTA WHITE PAPER

Cloudifying Data Center Monitoring The shift in the approach to networking driven by the emergence of cloud networks, rapidly evolving merchant silicon system on chip (SoC) and purpose built data center platforms has opened a significant gulf between the ability to provision large, high throughput, highly shared networks and the ability to monitor effectively and at a reasonable cost points. While many traditional higher-layer networking functions such as load balancing and security have developed distributed deployment models in both physical and virtual formats, the traditional box-centric role of network telemetry provisioning (or network packet brokering) has remained static in both scale and price. This status quo creates a ‘visibility cliff’, where either the underlying technology to meet the scale does not exist, is impractical to deploy at scale or is simply too expensive. The Arista Data Analysis strategy is designed to reduce costs and open up access to telemetry technology by deeply integrating many switch and packet broker features into the platforms while at the same time offering scale that was previously unattainable. This paper introduces a number of concepts that are unique to Arista Networks.

08 Fall  

ARISTA WHITE PAPER CLOUDIFYING DATA CENTER MONITORING 2

OPEN HYBRID MODE Traditional telemetry functions available in many of the widely deployed Ethernet switching products has struggled to keep pace with data-plane throughput and scaling. This has driven a box-centric industry approach that pushes the functionality to a dedicated overlay layer of devices, known variously as Network Packet Brokers (NPB), Tap Aggregators, Matrix Switches and Aggregation Taps.

Most startling to those entering the world of overlay telemetry are the start-up costs of building a dedicated monitoring network, the lack of feature commonality or open standards interfaces between vendors and a lack of transparency around feature and function performance.

These aspects look increasingly arcane in the modern, cloud-centric world where agility, scale, economics, and openness are the principles by which architectures are defined.

Figure 1: Traditional overlay monitoring is disproportionately expensive

Arista’s Data Analysis (DANZ) toolsets are designed to break down these limitations, by combining appropriate functionality from the NPB world into regular networking devices enabling users to:

- Derive robust telemetry information from in-band devices

- Couple telemetry scale to infrastructure scale, not box-scale

- Take advantage of the significant interface speed, density and cost differences between data-plane hardware and function specific NPBs.

- Control NPB functionality using the same open interfaces used to orchestrate the infrastructure

- Drive CAPEX and OPEX savings by deploying telemetry networks with the same systems as the production network

ARISTA WHITE PAPER SOFTWARE DRIVEN CLOUD NETWORKING 3

Figure 2: Hybrid modes and rich functionality enable scalable telemetry

FLOW ANALYSIS A key challenge in monitoring scaled shared networks carrying highly converged data is data overload - simply the inability to parse enough of the infrastructure at sensible cost and in appropriate timescales.

One solution is to take a two-tier approach, separating detection and identification from full capture and forensic analysis. In this model, a wide-ranging and coarse level of visibility is used to drive trend, anomaly and threat detection across a topology. Once areas or patterns of interest are identified, deeper capture techniques can be initiated to deep dive and root cause the behavior.

Achieving such goals requires three main capabilities:

- Ubiquitous flow export and analysis in-network

- The ability to retrofit matching flow analysis to non-capable devices or inspection points

- Open APIs to enable closed-loop transition from detection to full capture.

The universal capability within all Arista switches of sFlow (RFC 3716) on all interfaces, including platforms operating in both full- or hybrid- aggregation modes ensures the complete coverage of flow analysis under any network topology.

The pioneering Extensible Operating System (EOS) provides the stability, openness and rich API feature sets for integration with third party tools and orchestration platforms to aid in automation.

EOS also allows for locally deployed applications to take advantage of telemetry data - enabling not only automated but also autonomous identification and capturing of anomalous behaviors.

ARISTA WHITE PAPER SOFTWARE DRIVEN CLOUD NETWORKING 4

Figure 3: Automated linkage of coarse and fine grained monitoring tames modern traffic patterns

HIGHER CAPABILITIES, CONSISTENCY, AND SIMPLE LISTENING

Addressing the disparity between higher interface speeds and scaling up of production networks against monitoring/telemetry overlays is fundamental to removing the financial and practical barriers that create the visibility cliff.

With market leading density, a variety of form factors and simplified pricing, it is possible to support large numbers of TAP/mirror sources and tool facing interfaces in a single unit. The Arista 7500E Series supports mixed interface speeds of up to 1152 x 10G, 288 x 40G or 96 x 100G, which is up to 12x the density of contemporary offerings.

Since NPB features are implemented on the same Arista platforms with the performance used to build the world’s highest performing and most scalable data center networks; and feature licensing is based on a simple per-device model, administrators benefit from using consistent software images, platforms and reduced spares as well as simple low cost per-device licensing model.

ARISTA WHITE PAPER SOFTWARE DRIVEN CLOUD NETWORKING 5

LOWERING CONNECTION COSTS

A key component of any telemetry network is the cost of the fiber infrastructure and optical transceivers required to aggregate network TAPs and mirror interfaces. Often this is compounded by the rapid development of the monitored infrastructure which outpaces NPB innovation and drives a requirement for upgrades which add more costs.

While Arista’s hybrid modes and universal flow analysis address part of the scaling challenge, many infrastructures still require dedicated interfaces especially where passive inspection of optical networks is necessary. Arista offers a number of features to cost effectively deploy and scale optical connectivity:

AGILE PORTS Arista Agile Ports takes advantage of the inherently parallel nature of higher-rate interfaces such as 40GBASE-SR4, 40GBASE-PLR4 and 100GBASE-SR10 where links are comprised of multiple parallel fiber strands. While these multiple strands normally originate and terminate in a single optical transceiver (e.g. QSFP+ or CFP2), Arista has pioneered two technologies that allow SFP+ interfaces to be bonded to form true 40GbE and 100GbE interfaces using both parallel single mode and multi-mode fiber.

The first technique involves the ability to configure four adjacent SFP+ interfaces as a single 40G interface. Requiring nothing more than four similar optics (e.g. 10GBASE-SR or SRL) and an appropriate harness cable to connect to the link partner (perhaps MTP8 for QSFP based 40GBASE-SR4 or even another AgilePort) this technique allows users to migrate from 10G to 40G without forklift hardware upgrades and with no cost penalty for shifting interface speeds.

Figure 4: 7150 Agile Ports provides future proofing for 40G

The second innovation is the integrated parallel optical transceiver (as seen on 7500E and 7280E models). These systems present an MTP24 port interface (as shown below) that can be software configured to support a range of interface speeds and density including 12 x 10G, 3 x 40G or 1 x 100G per each MTP24 port.

ARISTA WHITE PAPER SOFTWARE DRIVEN CLOUD NETWORKING 6

Figure 5: MXP Optics enable 10/40/100G operation with no forklift

Migration between the three speeds requires just a software configuration change and if required the use of appropriate cabling. Since the optical interfaces are integrated into the system there is no requirement to replace or upgrade the optics.

These two innovations not only lead to a linear cost structure and simple migration from 10- to 40- and 100GbE, they are able to drastically reduce costs when compared to traditional approaches requiring dedicated pluggable transceivers or new network devices for each speed change.

UNIVERSAL 40GB ETHERNET TRANSCEIVERS

A unique innovation in reducing the cost of 40G networking, the Arista Universal transceiver is the first 40Gb transceiver that delivers 40Gbps connectivity over either multi-mode or single-mode fiber using just a single fiber pair and maintains full compatibility with existing single mode standards for 40GBASE-LR4. Not only does the Arista Universal Transceiver enable consolidation of 40Gbps networks onto fewer fiber pairs (one pair vs. the four required by the 40GBASE-SR4 standard), the ability to run over both single and multi-mode fiber means a reduction in the number of different transceiver types required.

Due to the reduction in fibers the Arista Universal transceiver substantially lowers the cost of 40G optical monitoring - a 75% reduction in fiber tails combined with 100% compatibility with existing multi-mode and single-mode optical splitter components reduces inventory, plant and training costs to a minimum when migrating from 10GbE to 40GbE or when deploying multi-mode or single-mode technology.

SUMMARY Arista’s no-holds barred approach to enhancing network visibility solutions continues to offer new levels of functionality and scale without introducing higher costs from unnecessary complexity. Applying the cloud scale and performance paradigm to the telemetry overlay networking delivers a number of tangible capital and operational benefits that enables organizations of all sizes to access granular network visibility regardless of size.

Innovations in density, performance, tool-sets, simple licensing, multi-speed ports and Universal optical transceivers simplify network monitoring, and remove the barriers to integrating monitoring to all network tiers and all interfaces.

Santa Clara—Corporate Headquarters 5453 Great America Parkway Santa Clara, CA 95054 Tel: 408-547-5500 www.aristanetworks.com

Ireland—International Headquarters 4130 Atlantic Avenue Westpark Business Campus Shannon, Co. Clare, Ireland

Singapore—APAC Administrative Office 9 Temasek Boulevard #29-01, Suntec Tower Two Singapore 038989

Copyright © 2014 Arista Networks, Inc. All rights reserved. CloudVision, and EOS are registered trademarks and Arista Networks is a trademark of Arista Networks, Inc. All other company names are trademarks of their respective holders. Information in this document is subject to change without notice. Certain features may not yet be available. Arista Networks, Inc. assumes no responsibility for any errors that may appear in this document. 07/14