GigaOm Structure 2013: The True Potential of Network Virtualization, Dimitri Stiliadis, Co-Founder and Chief Architect
 


While much has been said about network virtualization, current solutions remain limited to simplistic use-cases, restricting services within boundaries of single datacenters or virtualized islands. We describe a novel approach that fulfills the promise of massively scalable network virtualization, and enables seamless interconnection of cloud services with existing enterprise environments.


Presentation Transcript

    • Copyright 2013 Alcatel-Lucent. All rights reserved. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW. PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION. True Potential of Network Virtualization, Dimitri Stiliadis (@dstiliadis), JUNE 14th, 2013
    • SDN: THE ACRONYM. Open Networking Foundation (ONF): Software Defined Networking. Internet Engineering Task Force (IETF): Software Driven Networking. MEF, ATIS, OMG, ETSI, …: Still Don’t kNow. Industry cognoscenti: Seemingly Different Network, Somewhat Debatable Notion, Spawning Dedicated Networks, Self Defined Networking, Still Doing Nothing…
    • And then, Network Virtualization (6/21/2013): L2 Service Virtualization
    • And then, Network Virtualization: Promise of Nirvana
    • And then, Network Virtualization: The devil is in the details
    • And then, Network Virtualization: What is Network Virtualization; Network Virtualization =? Server Virtualization; What isn’t Network Virtualization
    • A Matter of Perspective. APPLICATION-CENTRIC VIEW: “BLACK BOX”; Application attributes; User Expectations; Application performance. [Diagram labels: APPLICATIONS, NETWORK]
    • A Matter of Perspective. APPLICATION-CENTRIC VIEW: “BLACK BOX”; Application attributes; User Expectations; Application performance. [Diagram labels: APPLICATIONS, NETWORK] Application Developer View: Network is on the way; No APIs; Manual provisioning; Must depend on network admin; Network as Code
    • A Matter of Perspective. NETWORK-CENTRIC VIEW: “BLACK BOX”; Network Topology; Protocols; Service stability. [Diagram labels: APPLICATIONS, NETWORK]
    • A Matter of Perspective. NETWORK-CENTRIC VIEW: “BLACK BOX”; Network Topology; Protocols; Service stability. [Diagram labels: APPLICATIONS, NETWORK] Network Admin View: What do applications want?; Can’t trust users; Security; Network stability; Operations, tools?
    • A Matter of Perspective for the Solution: Application Driven Solution; Network/Protocol Solution
    • But the problem is different
    • We Started with VLANs. [Diagram labels: Server & Storage Arrays; Service Appliances; DC Core Network; SERVER & STORAGE INFRASTRUCTURE; 10.1.1.2, 10.1.1.3, 10.1.1.4, 10.1.1.4, 10.1.1.3, 10.1.1.2] ISSUES & LIMITATIONS: VLAN scalability; L2 core scaling issues; Management complexity; Network stability
    • Network Guy: Didn’t We Solve This Problem Before? [Diagram labels: MPLS L2/L3 VPNs; Edge] MPLS VPNs operational for 15 years with 1000s of end points; Rich experience and toolsets. But: Not optimized for automatic provisioning; Not scaling to data center sizes; Perception of complexity
    • Networking for Applications. Networking for ISPs / Networking for the Cloud: Number of endpoints; Nature of connections; Connection longevity; Service Requirements (Simple, Dynamic)
    • App Guy: Bringing Network Virtualization to the DC. [Diagram labels: Service Request; L2-Segment; VM, VM, VM; Hypervisor (x6); IP Network Fabric; Router VM] Confined in single administrative domains
    • Applications Requirements. Source: http://docs.oracle.com/cd/E12839_01/core.1111/e12037/overview.htm [Diagram labels: REALITY; SIMPLE VIRTUALIZATION VIEW; Storage; L2-Segment; VM, VM]
    • Hybrid Clouds and Existing Services? Multi-DC & Hybrid Clouds [diagram labels: L3 VPN Service; Net 1, Net 2; VM, VM, VM, VM; Router; Enterprise Site A; DC Zone 1; DC Zone 2; Enterprise Site A]. Disaster Recovery & L2 VPNs [diagram labels: L2/L3 VPN Service; Subnet 1, Subnet 2; VM, VM, VM, VM; Router; Availability Zone; VM, VM; Enterprise Site 1; Enterprise Site 2; Availability Zone]
    • State of the Art – Amazon VPC. http://aws.amazon.com/articles/0639686206802544 Do it yourself; Complex router configurations; IP addresses, IPSec tunnels; Configuration in both sites; Manual complex steps
    • AWS VPC & Managed VPNs. http://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html “Step 3: Work with a partner in the AWS Partner Network (APN) to help you establish network circuits between an AWS Direct Connect location and your data center, office, or colocation environment, or to provide colocation space within the same facility as the AWS Direct Connect location. For the list of AWS Direct Connect partners who belong to the AWS Partner Network (APN), go to http://aws.amazon.com/directconnect/partners.”
    • The Design of the Right Tool
    • Properties of Network Virtualization. Current (1st Gen). Equivalency: From an application perspective, virtual network provides same services as before. Efficiency: Statistically dominant fraction of packets forwarded without physical network translations. Network Resource Control: Controlled by physical network (hypervisor), minimizing cross-talk (noisy neighbours)
    • Proven Principles. End-to-end Principle: Simple core; Intelligent edges; Fate sharing. Network of networks, BGP: Service Federation. Mobile: Policy Driven; Soft Handoff; State distribution
    • The Internet Principles. 1. Thin waist. 2. … the end-to-end argument, suggests that functions placed at low levels of a system may be redundant or of little value when compared with the cost of providing them at that low level. Steve Deering, 1998, “Watching the waist of the protocol hourglass”
    • The Network of Networks. Picture from the “Salinas Union High School District”: http://www.salinas.k12.ca.us/
    • Mobile Networks – Policy Driven Automation: Soft handoff for fast mobility
    • Network Virtualization: Simple Core – Intelligent Edge. [Diagram labels: HV, IP Transport, HV, HV; App, App, App] Decouple services from transport; Tunneling as a means of abstraction; Intelligent edge; ACLs, QoS, Access Control; IP underlay transport; Distributed L2/L3/L4 processing
    • But What Control Plane? [Diagram labels: HV, IP Transport, HV, HV; App, App, App; HV, IP Transport, HV, HV; Controller; App, App, App; Ctrl, Ctrl, Ctrl] Large complexity of end points; Scale, interoperability, reliability?
    • Federated SDN Controllers. [Diagram labels: HV, IP Transport, HV, HV; Controller; App, App, App; Controller] MP-BGP?
    • But this solves a larger problem. [Diagram labels: Edge, IP Transport, Edge, Edge; Controller; IP Network]
    • Overlay and Underlay. [Diagram labels: HV, IP Transport, HV, HV; Controller; App, App, App] Lack of visibility in underlay; Can lead to service disruption; No means to detect or react?
    • Overlay and Underlay Event Correlation. [Diagram labels: HV, IP Transport, HV, HV; Controller; App, App, App; !]
    • Distributed Policy Based Networking. [Diagram labels: Edge, IP/MPLS Transport, Edge, Edge; Controller; Policy System; App] Pull model; Application requests trigger network action; Network validates requests and assigns resources; Controllers implement in a distributed manner
    • Multi-DC, multi-Provider, multi-Vendor Cloud Networking. [Diagram labels: Network; Closed Black Box]
    • Multi-DC, multi-Provider, multi-Vendor Cloud Networking. Hypervisor; Virtual Routing & Switching; Services Controller; OpenFlow; Decouple control & data plane; BGP federation; Federate control plane across domains/vendors; Old and new worlds; Virtualized Services Directory; XMPP; Decouple policy management & control plane
    • Abstractions. [Diagram labels: WAN Service; Enterprise Site; Hypervisor (x6); IP Network Fabric; Virtual Network Domain; BGP; Service Definition; My Network; Zone 2; Zone 1; App Tier 1; App Tier 2; Enterprise Site; Public Internet]
    • Solving the Puzzle: L3 Services; MPLS VPN; Firewalls; Hybrid Clouds; L2 Virtualization; Performance SLAs
    • THANK YOU