Midokura
A Briefing Note by Lori MacVittie

Company: Midokura (www.midokura.com)
Market: SDN
Products: MidoNet

Summary: MidoNet is a Software-Defined Networking solution attempting to address the limitations of competing controller-based models through a shared-state, fully meshed virtual overlay network architecture. MidoNet is designed to overlay existing L2/L3 networks and provides a highly dynamic and flexible virtual network defined solely through roles and policies. The resulting architecture expands seamlessly to inter-domain network architectures, enabling federated hybrid cloud implementations.
Market Overview

The market for SDN (Software-Defined Networking) is just beginning to emerge into an early-adoption state as organizations refocus their virtualization efforts on the network and explore ways to realize, in network infrastructure, benefits similar to those achieved in server infrastructure. As with any emerging, highly disruptive technology, SDN is already plagued by diasporic definitions. At least three major views of SDN are accepted by this nascent market:

1. Network Virtualization
Network virtualization focuses on the implementation of virtual overlay networks to provide the dynamism and policy-based networking required to manage high rates of change, particularly in cloud computing environments. It is particularly well suited to federated hybrid cloud models in which disparate networks must be managed as a single network.

2. Protocol-based Virtualization
Protocol-based virtualization is the expansion of existing L2 and L3 network domains through the use of virtualization-friendly protocol extensions such as VXLAN, NVGRE, STT, and VPLS. Protocol-based virtualization addresses the challenges of physical and topological location that come with highly mobile virtual applications and services, as well as scalability limitations in existing network protocols.

3. Centralized Control-Based Networks
Centralized control-based networks implement a centralized controller model for management and routing decisions and then disseminate routing paths via an open, standards-based protocol such as OpenFlow. OpenFlow-based SDN models are currently viewed as the most favorable because of their ability to reduce operational reliance on human capital and to introduce a higher level of resiliency through the controller's ability to automatically reroute around failures.

The market is dominated by protocol-based virtualization, with a secondary focus on centralized control-based networks.
The need to overcome intra-environment challenges associated with virtual machine mobility, high rates of change, and operational complexity is driving early adoption of both models in the enterprise. Standards are, at this juncture, clustered around protocol-based virtualization, with the exception of OpenFlow. Though its supporters are non-trivial (Deutsche Telekom, Facebook, Google, Microsoft, Verizon, and Yahoo! are founders of the Open Networking Foundation (ONF), where standardization efforts are currently ongoing) and the base of OpenFlow-enabled hardware is quite broad, it remains to be seen whether OpenFlow will survive a mostly vendor-driven standards process.

Midokura Overview

Midokura has chosen to focus its SDN efforts on network virtualization with its MidoNet product, a fully meshed, P2P tunnel-driven, layer 2-4 virtual network overlay model. The implementation takes advantage of commodity x86 hardware running a MidoNet agent that connects to an Open vSwitch deployed on a Linux-based host. Each host becomes a node in the MidoNet virtual overlay network, and each host can be assigned a variety of roles, each able to apply the relevant L2-4 service policies. Using a scalable shared network state database, MidoNet enables a completely distributed execution model that can be deployed atop existing L2/L3 networks. Flows are routed through the overlay network using P2P tunnels to every other MidoNet agent endpoint, which creates a fully meshed virtual network topology. Remote MidoNet-enabled endpoints can provide inter-domain network normalization by leveraging the VPN service. Multi-tenancy can be extended across inter-domain boundaries by assigning the appropriate role to the endpoint. Midokura supports limited L4 services, specifically targeting load balancing, NAT, DHCP and firewall functionality.

MidoNet does not use OpenFlow to communicate; instead it uses a proprietary bi-directional protocol to share state and session between the Network State Database and the appropriate endpoints. MidoNet also does not take advantage of existing protocol-based virtualization efforts, eschewing the popular VXLAN and NVGRE protocols in favor of its own "tenant id" to provide the isolation required for multi-tenant support.

Advantages
- Non-disruptive to existing architecture
- Does not require new physical network infrastructure
- Shared state and session model enables rapid response to failure
- Multi-tenancy and the related isolation do not rely on traditional protocol extensions that would require changes to core network characteristics, e.g. MTU.

Disadvantages
- Does not address operational challenges in managing the existing L2/L3 network
- Resource burden on hosts from agents is an unknown
- Visibility into existing L2/L3 network status and reaction to failures in the physical network may be limited
- Lack of support for a Windows-based MidoNet agent may be problematic for enterprises
- Use of a proprietary protocol for multi-tenancy may inhibit interoperability with other models

Competitors

1. Network Virtualization
   a. Vyatta
   b. Embrane
   c. Nicira (VMware)
   d. Xsigo (Oracle)
2. Protocol-based Virtualization
   a. Brocade
   b. Citrix (Xen)
   c. Juniper
   d. Big Switch
   e. Arista
   f. Microsoft
   g. VMware
3. Centralized Control-Based Networks
   a. IBM
   b. Dell
   c. HP
   d. Cisco
   e. Radware
   f. Juniper
   g. Big Switch
   h. Arista

Summary

Midokura brings a fairly unique offering to the SDN table by applying traditional shared-session architectural models to nascent network virtualization models. Combined with a role-based service model, MidoNet appears to have resolved existing challenges with SDN around resiliency and scale as they relate to centralized controller models. It remains to be seen whether the performance of the resulting virtual network, and the ramifications on capacity (and therefore cost) of an agent-based model, will satisfy the demanding requirements of not only service providers but an increasing number of enterprises.