Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
copyright 2014 1
The networking declaration
of independence
Chris Swan, CTO
@cpswan
the original cloud networking company
...
copyright 2014 2
Agenda
What is NFV?
Declaration of Independence
NFV Capabilities
Preview: Waves of Adoption
copyright 2014 3
What is
Network Function Virtualization?
copyright 2014
Positioning - NFV and SDN
4
copyright 2014 5
NFV can be a networking Swiss Army knife
Firewall
Dynamic &
Scriptable
SDN
Protocol
Redistributor
IPsec/S...
copyright 2014 6
Networking Declaration
of Independence
copyright 2014 7
Nicira’s “declaration of independence” from metal,
freed NFV from OpenFlow
+
http://nicira.com/sites/defa...
copyright 2014 8
These same properties free NFV from the
“constraints” of OpenFlow (technology, timing and target)
Nicira ...
copyright 2014 9
With VM-based network devices you can use the cloud
network as “bulk transport” and are indifferent to al...
copyright 2014 10
NFV devices “look” and “feel” like the same networking
devices customers have used for ever, without bou...
copyright 2014 11
Follow operational model of compute virtualization
NFV NFV NFV NFV
NFV functions can be dynamically brou...
copyright 2014 12
Compatible with any hypervisor platform
NFV does more than “follow” the model of compute
virtualization,...
copyright 2014 13
Secure isolation
Isolation takes many forms: from underlying infra, allow my
protocols, keep my “chattin...
copyright 2014 14
Cloud performance and scale
Where NFV really shines today: create a WAN in minutes,
use cloud as points ...
copyright 2014 15
Programmatic networking provisioning & control
+ http://maxoffsky.com/code-blog/building-restful-api-in-...
copyright 2014 16
Preview: Waves of Adoption
copyright 2014 17
Waves of NFV Adoption
Customer Data Center
NFV
Standard IPsec Tunnel
Firewall / IPsec Device
Data Center...
copyright 2014 18
Paddington, London, UK
ContactMe@cohesiveft.com
+44 20 8144 0156
Questions?
Upcoming SlideShare
Loading in …5
×

Chris Swan's CloudExpo Europe presentation "The networking declaration of independence – how overlay networking gives you control of your networks"

615 views

Published on

Chris Swan's CloudExpo Europe presentation originally given 26 Feb in the Software Defined Data Centre and Networks Theatre.
The networking declaration of independence – how overlay networking gives you control of your networks

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Chris Swan's CloudExpo Europe presentation "The networking declaration of independence – how overlay networking gives you control of your networks"

  1. 1. copyright 2014 1 The networking declaration of independence Chris Swan, CTO @cpswan the original cloud networking company How overlay networking gives you control of your networks
  2. 2. copyright 2014 2 Agenda What is NFV? Declaration of Independence NFV Capabilities Preview: Waves of Adoption
  3. 3. copyright 2014 3 What is Network Function Virtualization?
  4. 4. copyright 2014 Positioning - NFV and SDN 4
  5. 5. copyright 2014 5 NFV can be a networking Swiss Army knife Firewall Dynamic & Scriptable SDN Protocol Redistributor IPsec/SSL VPN concentrator Router Switch NFV Hybrid virtual device able to extend to multiple sites Application SDN (Software Defined Network) Appliances • Allow control, mobility & agility by separating network location and network identity • Control over end to end encryption, IP addressing and network topology
  6. 6. copyright 2014 6 Networking Declaration of Independence
  7. 7. copyright 2014 7 Nicira’s “declaration of independence” from metal, freed NFV from OpenFlow + http://nicira.com/sites/default/files/docs/Nicira%20- %20The%20Seven%20Properties%20of%20Virtualization.pdf
  8. 8. copyright 2014 8 These same properties free NFV from the “constraints” of OpenFlow (technology, timing and target) Nicira defined the 7 Properties of network virtualization as: 1. Independence from network hardware 2. Faithful reproduction of the physical network service model 3. Follow operational model of compute virtualization 4. Compatible with any hypervisor platform 5. Secure isolation between virtual networks, the physical network, and the control plane 6. Cloud performance and scale 7. Programmatic networking provisioning and control
  9. 9. copyright 2014 9 With VM-based network devices you can use the cloud network as “bulk transport” and are indifferent to all else. Independence from network hardware Customer Data Center NFV Standard IPsec Tunnel Firewall / IPsec Device Data Center Servers Overlay IP: 172.31.11.xx Public Cloud Region 1 IP: 192.168.1.xx LAN Cloud Server Cloud Server Overlay Network
  10. 10. copyright 2014 10 NFV devices “look” and “feel” like the same networking devices customers have used for ever, without boundaries Reproduction of physical network model Customer Data Center Standard IPsec Tunnel Data Center Servers Virtual Network Cloud Server Public CloudRegion 1 Overlay Network Data Center Servers Cloud Server NFV
  11. 11. copyright 2014 11 Follow operational model of compute virtualization NFV NFV NFV NFV NFV functions can be dynamically brought on-line, up to the elastic limits of the total infrastructure available (!!)
  12. 12. copyright 2014 12 Compatible with any hypervisor platform NFV does more than “follow” the model of compute virtualization, it exists via compute virtualization. Public Clouds Private Clouds Virtual Infrastructure
  13. 13. copyright 2014 13 Secure isolation Isolation takes many forms: from underlying infra, allow my protocols, keep my “chattiness” in, keep others out, etc.. Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server A Cloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center ServerData Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US East 1 EMEA APAC NFV
  14. 14. copyright 2014 14 Cloud performance and scale Where NFV really shines today: create a WAN in minutes, use cloud as points of presence for your business NFV User Workstation User Workstation Data Center Server
  15. 15. copyright 2014 15 Programmatic networking provisioning & control + http://maxoffsky.com/code-blog/building-restful-api-in-laravel-start-here/ Cloud Compute and Network APIs + NFV Device APIs allow previously unimaginable flexibility and power Public Clouds Private Clouds Virtual Infrastructure
  16. 16. copyright 2014 16 Preview: Waves of Adoption
  17. 17. copyright 2014 17 Waves of NFV Adoption Customer Data Center NFV Standard IPsec Tunnel Firewall / IPsec Device Data Center Servers Overlay IP: 172.31.11.xx Public CloudRegion 1 IP: 192.168.1.xx LAN Cloud Server Cloud Server Overlay Network Bursting and Containment Standard IPsec Tunnel Public CloudRegion 1 Cloud Server Cloud Server NFV Overlay Network Customer Site N Multiple IPsec Devices Customer Site 2 Customer Site 1 Hubs and Spokes “Winning back control” Encrypted Overlay network in VPC Web App 2Web App 1 Web App 3 Encrypted Connections Tomorrow 11:25 - 11:50 in DCIM / Software Defined Datacentres and Networks Stream
  18. 18. copyright 2014 18 Paddington, London, UK ContactMe@cohesiveft.com +44 20 8144 0156 Questions?

×