Analogous to server virtualization, network virtualization decouples and isolates virtual networks (i.e., tenants) from the underlying network hardware. One of the key value propositions of Software-Defined Networking (SDN) is to enable the provisioning and operation of virtual networks. This tutorial motivates the need for network virtualization, describes the high-level requirements, provides an overview of all architectural approaches, and gives you a clear picture of the vendor landscape.
Previously presented at ONUG Fall 2013 and Spring 2014.
2. Agenda
• THEORY
‒ Why Virtualize Networks?
‒ What is Software-defined Networking?
‒ Buzzwords: OpenFlow, Open vSwitch, OVSDB, OpenStack, OpenDayLight
‒ Deploying Network Virtualization
‒ Vendor solution survey and landscape
MY GOAL FOR TODAY: Make you dream of network containers.
5. Introducing the Multi-tenant Cloud
• Corporate priority for managing internal workloads
‒ Supporting multiple tenants with virtualized resources (computing, storage, and networking)
‒ Speed up configuration to allow workload rollout sooner
   Immediate feedback on service rollout
   Reduced time to revenue
• Hybrid clouds with bursting
‒ Leveraging guarantees of public CSP: Reduced upfront CapEx and OpEx
‒ Bursting to public cloud for peak loads: Reduced overprovisioning
‒ Lossless live migration: Improved disaster recovery
Network is a serious blocker of this vision
6. Multi-tenant Cloud DC today
1. Efficiency limited by VLANs and/or subnets
Reality: 25% utilization
Goal: 80% utilization
7. Multi-tenant Cloud DC today
2. Network design limited by poor isolation
a) Separate physical networks for different load,
b) 'N' VLANs allocated to each tenant
[Figure: VM A1 on the hypervisor of Host 1; two rows of switches (Switch-1, Switch-2, Switch-3) and the WAN; links labelled VLAN-101-x]
8. Multi-tenant Cloud DC today
3. Scaling infrastructure is problematic
‒ L2 switching does not scale because of need to track large number of MAC addresses
‒ L3 routing scales, but traditional architecture does not support IP address overlap between tenants
[Figure: Leaf SW1, Leaf SW2 and Spine SW3; Servers 1 to 6 hosting VM 1 to VM 11]
9. Multi-tenant Cloud DC today
4. Poor orchestration of virtualized L4-L7 appliances
[Figure labels: Internet, NFV]
10. Multi-tenant DC Today
5. VMs are not treated as first class citizens
‒ Over 70% of today's servers are virtual machines
‒ But,
   East-west traffic poorly managed
   Lack of prioritization and rate-limiting at VM level
   Traffic between VMs on same server often unsupervised
6. Dynamic workload over multiple clouds is tricky
‒ Provisioning network takes forever
‒ Flat L2 network requires L2VPNs and other complex entities that are not easily created on the fly
11. Basic Problem underlying all this
• Lack of abstraction that decouples infrastructure from policy framework
• Lack of ways to define the application container with dependencies on resources
14. Current Internet
• Closed to Innovations in the infrastructure
[Figure: five closed devices, each a stack of Services, Operating System and Specialized Packet Forwarding Hardware]
Current Mode of Operation: High complexity and cost, Coarse traffic management, not easy to innovate on top
15. “Software-defined Networking” Approach
[Figure: the same five devices (Services, Operating System, Specialized Packet Forwarding Hardware) alongside a Network Operating System with LB service, FW service and IP routing service]
16. “Software-defined Network”
[Figure: five Simple Packet Forwarding Hardware devices and a Legacy Router; a Network Operating System; interface labels: OpenFlow or other API, North-bound interface API, Unchanged mgmt API; services: LB service, FW service, IP routing service]
Future Mode of Operation: Lower complexity and cost, Granular traffic management, Dynamic and Automated
17. Modes of SDN Deployment
1. In-network: Existing/green-field network fabrics upgraded to support OpenFlow
2. Overlay: WITHOUT changing fabric, the intelligence is added to edge-devices,
‒ as an additional appliance (e.g., bump-in-wire managed by controller)
‒ as enhanced server kernel bridge (e.g., Open vSwitch in x86 hypervisors)
[Figure: OpenFlow hardware switch with a control path (OpenFlow) and a data path (hardware). Figure courtesy of Martin Casado @ VMware]
18. Publicly Announced SDN Deployments
• Google (Mode #1):
‒ Uses OpenFlow controllers and enabled switches to interconnect their data centers
• AT&T, eBay, Fidelity Investments, NTT and Rackspace (Mode #2):
‒ Using OpenStack Quantum and Nicira NVP controller to manage the virtual networks within cloud environment
• Genesis hosting (Hybrid Mode #1 + Mode #2)
‒ Uses NEC controller in intra-data-center scenario in production setting
19. Business Potential of SDN
Business potential | How?
Reduced time to revenue | Speed up of service provisioning
New revenue | Through new business models centered around on-demand usage
Improved policy compliance | Ensure that cloud workload is compliant with enterprise policies (e.g., access control)
OpEx saving | Automated operations and easier management of resources
Reduced OpEx during upgrades | Introduce new functions and service by replacing just software stack
21. A quick primer on OpenFlow
• OpenFlow offloads control intelligence to remote software
[Figure: a controller PC running Alice's code makes the decision and, over the OpenFlow protocol, places Alice's rule on each OpenFlow switch]
Match
‒ L1: Tunnel ID, Switchport
‒ L2: MAC addr, VLAN ID, Ether type
‒ L3: IPv4/IPv6 fields, ARP
‒ L4: TCP, UDP
Action
‒ Output to zero or more ports
‒ Encapsulate
‒ Header rewriting
‒ Send to controller
22. Sample OpenFlow Physical Switches
Model | Virtualize | Notes
HP Procurve 5400zl or 6600 | 1 OF instance per VLAN | LACP, VLAN and STP processing before OpenFlow; wildcard rules or non-IP pkts processed in s/w; header rewriting in s/w; CPU protects mgmt during loop
NEC IP8800 | 1 OF instance per VLAN | OpenFlow takes precedence; most actions processed in hardware; MAC header rewriting in h/w
Brocade MLX routers | Multiple OF instances per switch | Hybrid OpenFlow switch with legacy protocols and OpenFlow coexisting; OpenFlow commands can override state created by legacy protocols
Pronto 3290 or 3780 with Pica8 or Indigo firmware | 1 OF instance per switch | No legacy protocols (like VLAN, STP); most actions processed in hardware; MAC header rewriting in h/w
23. Open vSwitch (OVS)
• Kernel module that replaces the standard Linux bridge to provide significant packet matching and processing flexibility
[Figure courtesy Thomas Graf @Red Hat]
24. OVSDB
• API that is an alternative to OpenFlow
‒ Lightweight
‒ Transactional
‒ Not SQL
‒ Persistent
‒ No packet_in events
• Includes configuration and control
• Also manages slow-moving state:
‒ VM placement (via VMM integration)
‒ Tunnel setup
25. Open-source OpenFlow Controllers
Controller | Notes
Ryu (NTT) | Apache license; Python
NOX/POX (ONRC) | GPL; C++ and Python
Beacon (Stanford Univ.) | BSD-like license; Java-based
Maestro (Rice Univ.) | GPL; based on Java
Trema (NEC) | GPL 2.0; written in C and Ruby
Floodlight (Big Switch) | Apache license; Java-based
OpenDaylight (Linux Foundation) | Eclipse Public License; Java-based
26. OpenDaylight Controller
• Vendor-driven consortium (with Cisco, IBM, and others) for developing open-source SDN controller platform
27. Stack for Networking with OpenStack
Typical workflow
1. Create a network
2. Associate a subnet with the network
3. Boot a VM and attach it to the network
4. Delete the VM
5. Delete any ports
6. Delete the network
[Figure: stack of Neutron, Plugin, API, Network Virtualization App, SDN Controller, vSwitch and pSwitch]
30. Requirements/Challenges
1. Traffic isolation across virtual networks
‒ No VLANs and their 4094 limit
‒ Flexible containerization and switching of traffic
‒ Clear state management
‒ IP address overlap allowed
2. Scalably identifying individual VM’s traffic
‒ Intercepting traffic
‒ Virtual network identification
‒ Tracking hosts with minimal state
3. Integration with legacy
‒ Encapsulation and tunneling
‒ VLAN to VxLAN gateways
‒ Support bare metal servers
4. Chaining and orchestrating virtual L4-L7 services
‒ Placement, number of instances, offloading
5. Troubleshooting support
‒ End-to-end visibility
‒ Mapping Virtual to Physical for troubleshooting
31. Deployment mode #1: Underlay
• Tenant membership decided based on {switch-port, MAC, IP} tuple in each flow
• VNet identified using VLANs, VxLANs or GRE
• Custom routing by controller
[Figure: rows of VMs, a controller cluster (CLI, REST, GUI), VPN termination / L3 routing and the Internet; VM labels: IP 192.168.1.2, MAC 0x1; IP 192.168.1.2, MAC 0x2; IP 192.168.2.2, MAC 0x1; IP 192.168.1.2, MAC 0x3; IP 192.168.1.2, MAC 0x2; IP 192.168.1.2, MAC 0x1; IP 192.168.2.1, MAC 0x2; IP 192.168.1.3, MAC 0x4]
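An added sketch (not code from the deck) of the {switch-port, MAC, IP} membership check on this slide, written as the match/action lookup from the OpenFlow primer. The switch ports, tenant names and the low-priority per-port drop rule are assumptions; the IP/MAC pairs follow the figure labels.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int
    match: tuple    # ((field, value), ...); a field left out is a wildcard
    action: tuple   # ("set_vnet", name) or ("drop",)

def lookup(table, pkt):
    """Return the action of the highest-priority rule matching the packet."""
    hits = [r for r in table if all(pkt.get(f) == v for f, v in r.match)]
    if not hits:
        return ("send_to_controller",)   # table miss: let the controller decide
    return max(hits, key=lambda r: r.priority).action

def tenant_table(members):
    """Build exact-match membership rules from (vnet, port, mac, ip) entries.
    Assumption: a port with a known VM drops any other source MAC/IP, so a
    spoofed address cannot be learned into another tenant's network."""
    table = []
    for vnet, port, mac, ip in members:
        exact = (("in_port", port), ("eth_src", mac), ("ipv4_src", ip))
        table.append(Rule(100, exact, ("set_vnet", vnet)))
        table.append(Rule(10, (("in_port", port),), ("drop",)))
    return table

# Constructed membership list: tenants reuse the same IP and the same MAC.
MEMBERS = [
    ("tenant-A", 1, 0x1, "192.168.1.2"),
    ("tenant-B", 2, 0x2, "192.168.1.2"),   # same IP as tenant-A's VM
    ("tenant-B", 3, 0x1, "192.168.2.2"),   # same MAC as tenant-A's VM
]
TABLE = tenant_table(MEMBERS)

def classify(in_port, eth_src, ipv4_src):
    """Classify one packet by its {switch-port, MAC, IP} tuple."""
    pkt = {"in_port": in_port, "eth_src": eth_src, "ipv4_src": ipv4_src}
    return lookup(TABLE, pkt)
```

Because the full tuple is matched, overlapping tenant addresses stay separate, and a frame that carries a valid MAC and IP but arrives on the wrong port never inherits that tenant's membership.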
32. Performance Limitations
• Problem: OpenFlow switches have resource limitations
‒ Weak CPU incapable of doing traffic summarization, frequent statistics reporting, and packet marking
‒ Flow-table limitation in switches (e.g., 1500 exact match entries)
‒ Switch-controller communication limits (e.g., 200 packet_in/sec)
‒ Firmware does not always expose the full capabilities of the chipset
• Solution:
‒ Next generation of hardware customized for OpenFlow
‒ New TCAMs with larger capacity
‒ Intelligent traffic aggregation
‒ Minimal offloading to vSwitches
33. Deployment mode #2: Overlay
• vDP: Virtual Data Plane
• VM addressing masked from fabric
• Tenant membership decided by virtual interface on the vSwitch
[Figure: VMs in subnets 10.1.1.0/24 (10.1.1.1, 10.1.1.2), 10.1.2.0/24 (10.1.2.1, 10.1.2.2) and 10.2.1.0/24 (10.2.1.1, 10.2.1.2); labels: vDP, Tunnels, Logical link, Legacy L2 switching, Legacy L3 routing, v/p-Gateway, Controller cluster (CLI, REST, GUI), Internet]
34. Overlay-based Network Virtualization
• Use of tunneling techniques, such as STT, VxLAN, GRE
• Functionality implemented at the vDP includes:
‒ Virtual network switching, rate limiting, distributed ACLs, flow marking, policy enforcement
• Functionality implemented at the gateway can include:
‒ NAT, Tunnel termination, Designated broadcast, VLAN interface
• Network core is not available for innovation
[Figure: Topology acts like a single switch]
35. Typical Insertion Choices
• Bare metal mode
‒ Running a native OS with baked in containerization
• Hypervisor mode
‒ Typically supported with KVM, Xen or Hyper-V
• Appliance mode
‒ Typically with VMware ESX
[Figure: three host servers with VMs (A1, B1, A3, D1); labels: Hypervisor, DVS, SDN Engine, Custom vSwitch, Hypervisor SDN Engine]
36. VxLAN Tunneling
• Between VxLAN Tunnel End Points (VTEP) in each host server
• UDP port numbers allow better ECMP hashing
• In the absence of an SDN control plane, IP multicast is used for layer-2 flooding (broadcasts, multicasts and unknown unicasts)
Packet layout: VTEP outer MAC header | Outer IP header | Outer UDP header | VxLAN header | Original L2 packet
Outer UDP header: Source port | VxLAN port | UDP Length | Checksum
VxLAN header: VxLAN flags | Reserved | 24bit VN ID | Reserved
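The header layout on this slide as a small encoder and strict decoder, added here as an illustration (not code from the deck). It assumes the RFC 7348 values the slide does not spell out: UDP port 4789, the 0x08 "VN ID valid" flag, and a source port hashed from the inner Ethernet header; the function names and the sample frame are constructed.

```python
import struct
import zlib

VXLAN_PORT = 4789        # IANA-assigned VxLAN UDP port (assumption, not on the slide)
FLAG_VNI_VALID = 0x08    # "I" bit in VxLAN flags: the 24-bit VN ID is valid

# Constructed inner frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + b"payload"

def vxlan_header(vni):
    """VxLAN flags (8 bits) | Reserved (24) | VN ID (24) | Reserved (8)."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VN ID must fit in 24 bits")
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)

def ecmp_source_port(inner_frame):
    """Outer UDP source port taken from a hash of the inner Ethernet header,
    so the fabric's ECMP hashing spreads tenant flows across paths."""
    return 49152 + zlib.crc32(inner_frame[:14]) % 16384

def encapsulate(vni, inner_frame):
    """Return (source port, VxLAN port, UDP payload) for one tenant frame."""
    payload = vxlan_header(vni) + inner_frame
    return ecmp_source_port(inner_frame), VXLAN_PORT, payload

def decapsulate(dst_port, udp_payload, local_vnis):
    """Return (vni, inner frame); raise ValueError for packets a VTEP should
    drop instead of delivering into some tenant's virtual network."""
    if dst_port != VXLAN_PORT:
        raise ValueError("not addressed to the VxLAN port")
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for VxLAN header plus Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("VN ID flag not set")
    vni = word1 >> 8          # reserved bits are ignored on receipt
    if vni not in local_vnis:
        raise ValueError("VN ID %d has no endpoint on this VTEP" % vni)
    return vni, udp_payload[8:]
```

The VN ID is the only tenant separator inside the tunnel, so the decoder refuses any VN ID that has no endpoint on the receiving VTEP rather than flooding the frame.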
37. MPLS over GRE Tunneling
Packet layout: Transport header of the Authoritative Edge Device | MPLS o GRE header | Original L2 packet
38. Performance Limitations
• Problem:
‒ Overlay mode is CPU hungry at high line rates and has anecdotally fared poorly in real world
• Solution:
‒ Offload it to the top-of-rack leaf switch
‒ Use hardware gateway
Bridge | Throughput | Recv side cpu | Send side cpu
Linux Bridge | 9.3 Gbps | 85% | 75%
OVS Bridge | 9.4 Gbps | 82% | 70%
OVS-STT | 9.5 Gbps | 70% | 70%
OVS-GRE | 2.3 Gbps | 75% | 97%
Source: http://networkheresy.com/2012/06/08/the-overhead-of-software-tunneling/
39. Deployment mode #3: Hybrid
• Combined overlay and underlay (fabric) to achieve:
‒ end-to-end visibility
‒ complete control
‒ best mix of both worlds
• The integration may need 1) link-local VLANs or 2) integration with VM manager to detect VM profile
41. Four types of SDN solutions
1. SDN-Dataplane
‒ Traffic handling devices (Physical, Virtual)
2. SDN-Control
‒ Decoupled control plane (OpenFlow++, Overlay)
3. SDN-Fabric
‒ Combined data and control plane
4. SDN-Mgmt
‒ Extensible mgmt software and API
[Figure: Core, Aggregation, Edge and Rack tiers; Virtual switches; Controller cluster; Management/Orchestration; Server manager]
42. Vendor Ecosystem
Layer | Data plane (Elements used for traffic handling) | Controller solutions (Decoupled control plane) | Fabric (Combined data and control plane) | Management (Extensible mgmt software and API)
L2-L4 routing | SDN-D-PSwitch, SDN-D-VSwitch | SDN-C-OpenFlow, SDN-C-Overlay | SDN-D-Fabric | SDN-N-Mgmt
(*Not necessarily complete)
43. Vendor Ecosystem
Layer | Data plane (Elements used for traffic handling) | Controller solutions (Decoupled control plane) | Fabric (Combined data and control plane) | Management (Extensible mgmt software and API)
L4-L7 services | SDN-S-Dataplane | SDN-S-Control | SDN-S-Fabric | SDN-S-Orchestrator
(*Not necessarily complete)
44. Converging Architecture for L2-L4
• P+V or Overlay-Underlay
‒ Vendors are converging towards an architecture where
Overlay: Provides flexibility
Underlay: Provides performance
‒ Achieve end-to-end visibility and control
• Vendor options
‒ Same vendor for overlay and underlay (e.g., Cisco Insieme + Cisco 1KV, Big Switch SwitchLight, HP, Juniper)
‒ Different vendor for each
Overlay: VMware, IBM, PLUMgrid, Nuage/ALU
Underlay: Arista, Brocade, Pica8, Cumulus
45. Overlay: VMware NSX
• VxLAN and STT tunneling
• Partnership with several hardware vendors for VTEP
46. Overlay: Juniper Contrail System
• Open-source solution that uses MPLS/GRE/VxLAN in dataplane and XMPP for control plane signaling
[Figure label: XMPP]
47. Overlay: Nuage Networks VSP
• Tunnel encapsulation using VXLAN or VPNoGRE.
• Hardware integration for Gateway through MP-BGP
Nuage Networks Virtualized Services Platform (VSP)
Virtualized Services Directory (VSD)
• Policy Engine – abstracts complexity
• Service templates and analytics
Virtualized Services Controller (VSC)
• SDN Controller, programs the network
• Rich routing feature set
Virtual Routing & Switching (VRS)
• Distributed switch / router – L2-4 rules
• Integration of bare metal assets
[Figure: Cloud Service Management Plane, Datacenter Control Plane and Datacenter Data Plane with the Virtualized Services Directory, Virtualized Services Controller and Virtual Routing & Switching on hypervisors; Brooklyn Datacenter - Zone 1; IP Fabric, Edge Router, MP-BGP, Hardware GW for Bare Metal]
48. Hybrid: HP-VMware Partnered NSX
• Virtual switches from VMware or HP
• Physical switches from HP
[Figure labels: OVSDB, OpenFlow]
49. Hybrid: Big Switch “P+V” Fabric
• Fabric combining physical and virtual OpenFlow switches
‒ Support for end-to-end network virtualization
‒ Support for integrating L4-L7 and other legacy devices
50. Underlay: NEC ProgrammableFlow
• Multi-tenant logical networks – 1000 Virtual Tenant Networks
• Multipath fabric with traffic engineering – 200 switches/controller
• End to end resiliency - millisecond link failover
[Figure: Virtual Tenant Networks VTN1 (Layer3) and VTN2 (Layer2) with vRouter, vBridge and Interface elements; Controller cluster; OpenFlow Protocol; Physical Network with Switch Pool and Server Pool]
51. L4-L7: Embrane Heleos
• Elastically roll out virtual L4-L7 appliances on x86 hardware based on metrics
• Approach complementary to L2-L4 network virtualization solutions
52. L4-L7: Cisco vPath
• Similar to SDN, vPath architecture decouples control plane and data plane, but for L4-L7 service
‒ Intelligence on the Virtual Service Gateway (VSG)
‒ Enforcement on the vPath agent in vSwitch
53. L4-L7: vArmour Virtual Distri. Firewall
• Physical or virtual multi-enforcement points that integrate to a single policy
• Pre-configured security groups for different apps are applied automatically through Nova integration
• EP = Security and Fwding
• L2-L4 SDN not essential
[Figure: Director cluster, P/V Enforcement Points (EP), vArmour FWaaS Plugin]