Software defined networking –approaches to network virtualization

Software Defined Networking –

Approaches to Network Virtualization

Balaji Sivasubramanian, Cisco

NET6390

#NET6390

Cisco Confidential 2 © 2013 Cisco and/or its affiliates. All rights reserved.

NET6390: Software- Defined Networking Approaches to Network Virtualization

Balaji Sivasubramanian, Director, Product Management, Cisco

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3

This presentation contains projections and other forward-looking statements regarding future events or the future financial performance of Cisco, including future operating results. These projections and statements are only predictions. Actual events or results may differ materially from those in the projections or other forward-looking statements. Please see Cisco’s filings with the SEC, including its most recent filings on Form 10-K and 10-Q, for a discussion of important risk factors that could cause actual events or results to differ materially from those in the projections or other forward-looking statements.


1 2 3

Software-Defined

Networking:

Industry

Approaches

Cisco Open

Network

Environment

(ONE)

Transforming

Data Center via

Application Centric

Infrastructure

Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 5

Industry Approaches


IS THE NETWORK READY?

Simplicity

Agility

Flexibility

Cloud Video Mobility Data Deluge


Private Cloud

Automation and

Reduce OpEX

Research/ Academia

• Research

OpenFlow/

SDN

components

for production

networks

Massively Scalable

Data Center

• Customize with

programmatic

APIs to provide

deep insight

into network

traffic

Service Providers

• Policy-based

control and

analytics to

optimize and

monetize

service delivery

Enterprise

• Virtual

workloads, VDI,

Orchestration of

security profiles

• WAN/Campus

Optimization

Cloud

• Automated

provisioning

and

programmable

infrastructure

Scalable

Multi-Tenancy

Network Flow

Management

Network

“Slicing”

Agile Service

Delivery

Diverse Programmability and Automation Requirements Across Segments


SDN Applications

1 Programmable APIs

Control Plane

Data Plane

Vendor-Specific APIs

Control Plane

Data Plane

CLI,

SNMP,

NetFlow,

…

Applications (Network

Management,

Monitoring,…)

Vendor-

Specific

(e.g.,

onePK)

Controller

Data Plane

OpenFlow,

PCEP,

I2RS

SDN Applications


2 Pure SDN

Vendor-

Specific

(e.g.,

onePK)

Controller

Data Plane

SDN Applications

OpenFlow,

PCEP,

I2RS

Control Plane


4 Hybrid SDN

Vendor-

Specific

(e.g.,

onePK)

SDN Applications

Virtual Switch

Overlay

Protocols

(e.g.,

VXLAN)

3 SDN –Network Virtualization


Controller

Data Plane

Control Plane


Open Flow

Standards:

Config, Hybrid,

Extensibility,

Futures/FPMOD/OF2

.0

802.1 Overlay

Networking Projects

Overlay Working Groups:

NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3

API Working Groups/BOFs

NETCONF, ALTO, CDNI, XMPP, SDNP,

I2AEX

Controller Working Groups:

PCE, FORCES

New work items:

IRS – Interface to the Routing System

Open SDN

Framework

Open Source

Cloud

Computing

Projects

Initiatives:

Neutron

Donabe

Open Source

Configuration

Management

Tools


Platinum Gold Silver

Furthering the adoption and innovation of SDN through the creation of a common vendor supported framework.


POLICY ANALYTICS

Orchestration

Network

Harvest Network

Intelligence

Program for Optimized Experience

Automation Visibility Flow Management


Hardware + Software Physical + Virtual Network + Compute

a

SDN-Applications

Platform

APIs:

onePK

Integrated

Network

Overlays:

N1K

Controllers

and Agents:

XNC

www.cisco.com/go/one


Seamless Interaction Across Physical and Virtual Network Services

Tenant 1

vWAAS

VSG ASA 1KV

Tenant 3

ASA 55xx

Physical Workloads

Physical

Network VXLAN

Gateway

Virtual Workloads (Overlay and Non-Overlay)

Tenant 2

CSR 1KV

Hypervisor (VMware, Microsoft, Xen, KVM)

Nexus 1000V

vPath VXLAN

VSM Cluster

REST API

Nexus


REST API

Cisco Prime

DCNM

Networking for Enhanced

Efficiency at Scale

Fabric Management for Ease

of Operations

Automated Provisioning

Cisco Prime

Network

Services

Controller

L3–L7

Services

Integration

Hypervisor

Agnostic

(Nexus

1000v)

Simplified Management for Ease of Operations

MAN


Operational Simplicity Through Superior Integration


Lowering TCO

Configuration

and Policy

Implementation

Application and

Service Migration

Dynamic

Configuration Security


Dynamic Instantiation

and Removal

Increasingly Non-

Virtualized

Infrastructure

Independent

Scale-Out/Multi-Node

Multi-Cloud Models

Application-Awareness for Agile

Deployment and Placement

Physical/Virtual/Cloud

Integration and Visibility

Dynamic Shared

Resource Pool

Increasing Performance

1/10/40/100G and Scale

Secure and Multi-Tenant

Aware

Cloud and Big Data Are Driving a Paradigm Shift

Distributed

Virtualized

Bare-metal

Cloud


Server Virtualization Software-Based Network

Virtualization

CPU

Memory Net I/O

Stor I/O

Virtualization of the Hardware per

VM Tenant; Replication of Hardware

Constructs as Virtual Hardware

No Virtualization of Hardware;

Encapsulation of Traffic on

Existing Infrastructure

Virtual Topology

Physical Topology Physical | L2 | L3

VM VM VM VM

Server


Software Simulation of Network is Moving the Problem and Increasing Complexity Instead of Solving the Problem

VM VM

Virtual Switching

…

VM VM

Virtual Switching

…

VM VM

Virtual Switching

…

VM VM

Virtual Switching

…


Logical

Network

Physical

Network

Apps

Software

Overlay

QoS

Routing

Spanning Tree Protocol (STP)

VLANs

Physical Infrastructure

Visibility


A New Model Is Required

Application Centric Infrastructure

Existing Infrastructure Model

Existing Application Model

Simplification

Complete Network Automation and Programmability

Software Flexibility With Hardware based Performance and Visibility

Eliminate 1st generation SDN limitations

Extensible to Storage and Compute

Network of Boxes Software-Based

Network Virtualization

Centralized Automation, Security, and

Application Profiles

App

Centric

Lack of transparency and visibility to physical infrastructure

Siloes for physical and virtual domains

Per Hypervisor Integration overhead

Multiple Management Points



Infrastructure

Dynamic provisioning of Application

Connectivity Requirements

Application Connectivity

Requirements

Directly maps the application

connectivity requirements to the

Infrastructure

Control & Audit Connectivity

(Security – Firewall, ACL, …)

IP Address, VLAN, VRF

Enable Connectivity

(The Network)

Application Requirements

IP Addressing


Requires Manual Mapping and

Configuration of Independent Services

Redirect and Load Balance

Connectivity



Infra

stru

ctu

re E

lem

en

ts

UNIFIED API - UNIFIED INFORMATION MODEL (RESTFUL XML/JSON API)

Open APIs, Open Source, Open Standards

COMMON POLICY DRIVEN OPERATIONAL MODEL

Hypervisor Network Services

ASA

Network Management, Automation,

Orchestration

Efficiency Scale Optimization Telemetry Application

Awareness

Network

Services

Security Storage Compute Network


Common Platform—

Integration of Physical, Virtual,

and Cloud

Common Policy,

Management and Operations

(Network, Security, and Applications)

Application Velocity. Any Workload. Anywhere.

Systems Approach

Open APIs, Open Source,

Open Standards

Lower Total Cost of Ownership

5 6

Designed from Ground-Up to be Application Centric

1 2 3 4


INFRASTRUCTURE

APPLICATION

App

Tier

DB

Tier Web

Tier

DB

Tier

Web

Tier

Web

Tier

Web

Tier

Web

Tier

App

Tier

DB

Tier

1

• Flexibility of software model with performance and visibility of hardware

• Enables rapid application and services deployment, move, and tear down

• Decouples application connectivity requirements from physical placement

• Ensuring consistent performance beyond day 0

Each device

dynamically

makes the

required

changes based

on the policies

Application

connectivity

definition drives

policy

requirements


Penalty-Free Overlay – Encapsulation, Performance and Visibility

INFRASTRUCTURE

Any Hypervisor

Any Encapsulation

802.1Q NVGRE VXLAN 802.1Q 802.1Q

Any Application

2

• Application placement policy independent of Hypervisor choice

• Normalize endpoint access - eliminate additional gateways

• Higher performance and optimized forwarding

• Real-time visibility - direct correlation overlay and physical

• Consistent policy - any combination of access


APPLICATION

SECURITY

INFRASTRUCTURE

Web

Tier

App

Tier

DB

Tier

Truste

d

Zone

DB

Tier

DMZ

Externa

l Zone

Application Admin

Security Admin

Network Admin

3


INFRASTRUCTURE

SECURITY

Truste

d

Zone

DB

Tier

DMZ

Externa

l Zone

APPLICATION

Web

Tier

App

Tier

DB

Tier

COMMON POOL OF RESOURCES

3

Application Admin

Security Admin

Network Admin


Full Visibility

to Application

Fabric

Management

Cohesive

Visibility

We

b

Tier

App

Tier

DB

Tier

We

b

Tier

App

Tier

DB

Tier

4

Box-by-Box to Service Level

56 100


Extending Cisco Open Network Environment (ONE)

5

Comprehensive

Programmability

and System Access

Centralized Automation

and Management

RESTful XML/JSON

• Rapid Integration with existing management frameworks

• OpenStack networking

• Tenant and application-aware

• Published data model

• Open source framework

• Enables application portability

OPEN

ECOSYSTEM

FRAMEWORK

Hypervisor Network Services

ASA

Network Management, Automation and

Orchestration


Leveraging the Best of Merchant and Custom Silicon

General Purpose

Custom Innovations

Accelerated Innovations with Lowest

CapEx and OpEx

= +

• Commonly Available Capabilities

• Basic Forwarding

• Standards-based

• Standards + Innovation

• ACI Innovations: Optimal Forwarding, Telemetry, Visibility

• Optics Innovations:

Reuse of existing cabling plant, driving 75% lower costs

• Best Technology Available

• Fastest Innovation Adoption

• System Scale: Non-blocking 1/10/40/100GE, 1M+ endpoints, 10s of Thousands of Tenants, Scalable Multicast

• Best-in-class Cost, Power, Cooling

6



Infrastructure

Dynamic provisioning of

Application Connectivity

Requirements

Application Requirements Application Connectivity

Requirements

Directly maps the application

connectivity requirements to the

Infrastructure

• Security is ‘always’ enabled

• Fabric is application aware

• Services inserted dynamically

Control & Audit Connectivity

(Security – Firewall, ACL, …)


Enable Connectivity

(The Network)


IP Addressing


Requires Manual Mapping and

Configuration of Independent Services

Redirect and Load Balance

Connectivity



Increasing Complexity

Multiple Management Points

Slower Innovation Cycles

Lacks Visibility Across Physical and Virtual

Network of Boxes

Software Based Network Virtualization

Advantage

Simplified

Infrastructure and

Operations

Automated, Unified

Management Model

Agile Security,

Hardware

Performance

Penalty-Free Network

Virtualization

Lowest Total Cost

of Ownership

Cisco

Thank you.

THANK YOU

Software Defined Networking –

Approaches to Network Virtualization

Balaji Sivasubramanian, Cisco

NET6390

#NET6390

Software defined networking –approaches to network virtualization

Technology

Transcript of Software defined networking –approaches to network virtualization