Making a case for distributed overlay-based network virtualization

Ben Cherian
Chief Strategy Officer
@bencherian
Midokura

So, you’re building a cloud?
Requirements

[Figure: scale-up vs. scale-out. Left: one unit grown through steps "1 2 3 4 5"; right: unit "1" joined by "New 1".]

Horizontal scaling
Building blocks of an IaaS cloud
Cloud management system
Compute
Storage
Networking

Traditional networking devices scale up
Service interruptions
High churn, micro granularity
Limitations of VLANs
Traffic trombones
Human costs don’t scale

Additional Requirements
IaaS Cloud Networking Requirements
• Multi-tenancy
• L2 isolation
• L3 routing isolation
     – VPC
     – Like VRF (virtual routing and forwarding)
• Scalable control plane
     – ARP, DHCP, ICMP
• NAT (Floating IP)
• ACLs
• Stateful (L4) Firewall
     – Security Groups
• VPN
     – IPSec
• BGP gateway
• REST API
• Integration with CMS
     – OpenStack
     – CloudStack
IaaS Cloud Networking Requirements
Typical Network Topology

[Figure: typical virtual network topology]
- Create one provider router upon deployment
- Create a router for a tenant
- Map a bridge for a Quantum network
- Provider Virtual Router (L3): link to uplink, BGP multi-homing, global NAT/route settings (e.g. for floating IP)
- Tenant router for FW, LB, DHCP and NAT
- Tenant/Project A: Tenant A Virtual Router → Network A1 (Virtual L2 Switch A1: VM1, VM3) and Network A2 (Virtual L2 Switch A2: VM5)
- Tenant/Project B: Tenant B Virtual Router → Network B1 (Virtual L2 Switch B1: VM2, VM4, VM6); Tenant B VPN Router → Tenant B office network
Solution: Distributed overlay-based network virtualization

Use encapsulation to build a virtual network
Handle network intelligence / network state at the edge
Require less of the physical network
Edge to Edge IP Overlays
• Isolation not using VLANs
     – IP encapsulation
• Decouple from physical network
• Provisioning VM doesn’t change underlay state
• Underlay delivers to destination host IP
• Use scalable IGP (iBGP, OSPF) to build multi-path underlay
• Inspired by VL2 from MSR
Market trends supporting overlay model
• Packet processing on x86 CPUs (at edge)
     – Intel DPDK facilitates packet processing
     – Number of cores in servers increasing fast
• Clos Networks (for underlay)
     – Spine and Leaf architecture with IP
     – Economical and high E-W bandwidth
• Merchant silicon (cheap IP switches)
     – Broadcom, Intel (Fulcrum Micro), Marvell
     – ODMs (Quanta, Accton) starting to sell directly
     – Switches are becoming just like Linux servers
• Optical intra-DC Networks
The MidoNet Solution
• Virtual L2 Distributed Switching
• Virtual L2 Isolation
• Virtual L3 Distributed Routing
• Virtual L3 Isolation
• L4 Services (Load Balancing, Firewall)
• NAT
• Access Control Lists (ACLs)
• Virtual port and device monitoring
• RESTful API
• Web based management control panel
The MidoNet Solution

[Figure: logical topology mapped onto physical topology]
- Logical topology: Provider Virtual Router with vPorts to Tenant A Virtual Router (Virtual Switch A1, Virtual Switch A2) and Tenant B Virtual Router (Virtual Switch B1); each virtual switch exposes vPorts to VMs
- Physical topology: Internet reached through BGP multi-homing (BGP to ISP1, ISP2, ISP3) on MidoNet (MN) gateway hosts; MN agents on the VM hosts connected across a private IP network by tunnels; a Network State Database shared by all MN agents
The MidoNet Solution
• Distributed and scalable control plane
     – Handle all control packets at local MidoNet agent adjacent to VM
• Scalable and fault tolerant central database
     – Stores virtual network configuration
     – Dynamic network state
          MAC learning, ARP cache, etc.
     – Cached at edges on demand
• All packet modifications at ingress
     – One virtual hop
     – No travel through middle boxes
     – Drop at ingress

[Figure: a packet enters at the ingress MN agent and is either encapsulated into a tunnel or dropped/blocked right there]

Scale out model
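The Edge to Edge IP Overlays slide and the ingress-processing slide above describe the same mechanism from two angles; the following added example (written for this page, not code from the presentation or from MidoNet) models both in a few dozen lines. It assumes a VXLAN-like 24-bit VNI and a simplified outer header (two host IPs plus the VNI field) so the tunnel format is easy to read; every host, MAC, IP and VNI in it is a constructed sample value.

```python
# Added illustration, not MidoNet's code: a toy edge-to-edge IP overlay with a
# distributed control plane. Hosts, MACs, IPs and VNIs are constructed samples.
import socket
import struct
from dataclasses import dataclass, field

VNI_MAX = (1 << 24) - 1              # 24-bit segment id (VXLAN-style) vs. 4094 usable VLAN ids
ETH_HDR = struct.Struct("!6s6sH")    # dst MAC, src MAC, ethertype
OUTER_HDR = struct.Struct("!4s4sI")  # outer src host IP, dst host IP, VNI << 8


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def make_frame(dst_mac: str, src_mac: str, payload: bytes = b"ping") -> bytes:
    return ETH_HDR.pack(mac_bytes(dst_mac), mac_bytes(src_mac), 0x0800) + payload


@dataclass(frozen=True)
class VPort:
    tenant: str
    vni: int       # virtual network the port is plugged into
    mac: str
    host_ip: str   # underlay address of the hypervisor hosting the VM


@dataclass
class NetworkStateDb:                             # shared, central store
    ports: dict = field(default_factory=dict)     # (vni, mac) -> VPort
    blocked: set = field(default_factory=set)     # (vni, src_mac, dst_mac) denied by ACL

    def provision(self, port: VPort) -> None:
        assert 0 < port.vni <= VNI_MAX, "VNI out of range"
        self.ports[(port.vni, port.mac)] = port

    def lookup(self, vni: int, mac: str):
        return self.ports.get((vni, mac))


def underlay_deliver(agents: dict, packet: bytes):
    """Plain IP fabric: routes on the outer host IP only, knows nothing of tenants or VNIs."""
    _, dst_ip, _ = OUTER_HDR.unpack_from(packet)
    return agents[socket.inet_ntoa(dst_ip)].egress(packet)


class EdgeAgent:
    """Per-host agent: lookups, ACL checks and header edits all happen here, at ingress."""
    def __init__(self, host_ip: str, db: NetworkStateDb):
        self.host_ip, self.db = host_ip, db
        self.cache: dict = {}        # (vni, mac) -> host_ip, pulled from the DB on demand

    def _locate(self, vni: int, mac: str):
        if (vni, mac) not in self.cache:
            port = self.db.lookup(vni, mac)
            if port is None:
                return None
            self.cache[(vni, mac)] = port.host_ip
        return self.cache[(vni, mac)]

    def ingress(self, src_port: VPort, frame: bytes):
        """Encapsulated packet for the underlay, or None when the frame is dropped here."""
        dst_mac, src_mac = (mac_str(b) for b in ETH_HDR.unpack_from(frame)[:2])
        if src_mac != src_port.mac:
            return None      # anti-spoofing: a vPort may only send with its own MAC
        if (src_port.vni, src_mac, dst_mac) in self.db.blocked:
            return None      # ACL drop at ingress; nothing travels to a middlebox
        dst_host = self._locate(src_port.vni, dst_mac)
        if dst_host is None:
            return None      # unknown in this segment: isolation by VNI, not VLAN
        outer = OUTER_HDR.pack(socket.inet_aton(self.host_ip),
                               socket.inet_aton(dst_host), src_port.vni << 8)
        return outer + frame  # one virtual hop: next stop is the destination host

    def egress(self, packet: bytes):
        """Decapsulate; deliver only to a port this host really owns in that VNI."""
        vni = OUTER_HDR.unpack_from(packet)[2] >> 8
        frame = packet[OUTER_HDR.size:]
        port = self.db.lookup(vni, mac_str(ETH_HDR.unpack_from(frame)[0]))
        if port is None or port.host_ip != self.host_ip:
            return None      # stale or mismatched tunnel header: refuse it
        return port          # the vPort that receives the inner frame


def run_demo() -> dict:
    db = NetworkStateDb()
    agents = {ip: EdgeAgent(ip, db) for ip in ("10.0.0.1", "10.0.0.2")}   # the underlay's view
    vm1 = VPort("A", 100, "02:00:00:00:00:01", "10.0.0.1")   # tenant A, VNI 100
    vm3 = VPort("A", 100, "02:00:00:00:00:03", "10.0.0.2")
    vm2 = VPort("B", 200, "02:00:00:00:00:02", "10.0.0.2")   # tenant B, VNI 200
    for p in (vm1, vm3, vm2):
        db.provision(p)      # only the state DB changes; `agents` (the underlay) is untouched
    a1 = agents["10.0.0.1"]
    pkt = a1.ingress(vm1, make_frame(vm3.mac, vm1.mac))           # same segment, other host
    delivered = underlay_deliver(agents, pkt) is vm3
    cross_tenant = a1.ingress(vm1, make_frame(vm2.mac, vm1.mac))  # tenant B's MAC: invisible
    db.blocked.add((100, vm1.mac, vm3.mac))
    acl = a1.ingress(vm1, make_frame(vm3.mac, vm1.mac))           # now denied by ACL
    wrong_vni = OUTER_HDR.pack(socket.inet_aton("10.0.0.1"), socket.inet_aton("10.0.0.2"), 200 << 8)
    refused = underlay_deliver(agents, wrong_vni + make_frame(vm3.mac, vm1.mac)) is None
    return {"delivered_to_vm3": delivered, "cross_tenant_dropped": cross_tenant is None,
            "acl_dropped": acl is None, "wrong_vni_refused": refused, "underlay_hosts": len(agents)}
```

`run_demo()` walks the four cases the slides care about: a frame for a VM in the same segment is encapsulated once at the ingress agent and forwarded by host IP alone; a frame addressed to another tenant's MAC never resolves inside VNI 100 and is dropped before it touches the fabric; an ACL entry is enforced at the same ingress point, so no middlebox is involved; and the egress side refuses a tunnel header whose VNI does not match a port the host owns. Provisioning the three VMs only writes to `NetworkStateDb`; the `agents` map standing in for the underlay never changes, which is the "provisioning a VM doesn't change underlay state" property in miniature.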
The MidoNet Solution
• Scalable edge gateway interface to external networks
     – Multihomed BGP to ISP
• REST API and GUI
• Integration with popular open source cloud stacks
     – OpenStack
          • Removes SPOF of network node
          • Scalable and fault tolerant NAT for floating IP
          • Implements security groups efficiently
     – CloudStack (in progress)

CloudStack integration
• Currently have L2 integration
• Full integration is slated for Q1, 2013
     – L3 isolation (without VM / appliance)
     – Security groups (stateful firewall)
     – Floating IP (NAT)
     – Load balancing (L4)

Questions?
Backup slides

Candidate Models
• Traditional network
• Centrally controlled OpenFlow based hop-by-hop switching fabric
• Edge to edge overlays

Traditional Network
• Ethernet VLANs for L2 isolation
     – 4096 limit
     – VLANs will have large spanning trees terminating on many hosts
     – High churn in switch control planes doing MAC learning non-stop
     – Need MLAG for L2 multi-path
          Vendor specific
• MPLS VPN?
• VRFs for L3 isolation
     – Not scalable to cloud scale
     – Expensive hardware
     – Not fault tolerant

OpenFlow Fabric
• State in switches
     – Proportional to virtual network state
     – Need to update all switches in path when provisioning
     – Not scalable, not fast enough to update, no atomicity of updates
• Not good for IaaS cloud virtual networking
Spine and Leaf Network Architecture

Deep OpenStack Integration
• Quantum Plugin
     – L2 isolation, of course
• Also…
     – L3 isolation (without VM / appliance)
     – Security groups (stateful firewall)
     – Floating IP (NAT)
     – Load balancing (L4)




37

Más contenido relacionado

La actualidad más candente

Windows Server 8 Hyper V Networking
Windows Server 8 Hyper V NetworkingWindows Server 8 Hyper V Networking
Windows Server 8 Hyper V NetworkingAidan Finn
 
Scalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware NetworksScalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware Networksmgrafl
 
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLANFlexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLANCisco Canada
 
Sao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - VerimatrixSao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - VerimatrixVerimatrix
 
Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]APNIC
 
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixMulti-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixVerimatrix
 
Trill and Datacenter Alternatives
Trill and Datacenter AlternativesTrill and Datacenter Alternatives
Trill and Datacenter AlternativesAricent
 
IPv6 in 3G Core Networks
IPv6 in 3G Core NetworksIPv6 in 3G Core Networks
IPv6 in 3G Core NetworksJohn Loughney
 
Backhaul considerations-ver2
Backhaul considerations-ver2Backhaul considerations-ver2
Backhaul considerations-ver2Rafael Junquera
 
Mobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSMobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSCisco Canada
 
David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009eCommConf
 
Ultra high definition TV over IP networks
Ultra high definition TV over IP networksUltra high definition TV over IP networks
Ultra high definition TV over IP networksThomas Kernen
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorialrakiva29
 
Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01ciperi
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewAmeen Wayok
 

La actualidad más candente (19)

Windows Server 8 Hyper V Networking
Windows Server 8 Hyper V NetworkingWindows Server 8 Hyper V Networking
Windows Server 8 Hyper V Networking
 
Scalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware NetworksScalable Video Coding in Content-Aware Networks
Scalable Video Coding in Content-Aware Networks
 
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLANFlexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
Flexible Data Centre Fabric - FabricPath/TRILL, OTV, LISP and VXLAN
 
Sao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - VerimatrixSao Paulo Multi-network Event 2012 - Verimatrix
Sao Paulo Multi-network Event 2012 - Verimatrix
 
2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure2008 EBU Training BBC Scotland Infrastructure
2008 EBU Training BBC Scotland Infrastructure
 
Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]Optical Transport SDN by Peter Landon [APRICOT 2015]
Optical Transport SDN by Peter Landon [APRICOT 2015]
 
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, VerimatrixMulti-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
Multi-network Solutions in the Real World, CABSAT: Steve Oetegenn, Verimatrix
 
10209
1020910209
10209
 
Trill and Datacenter Alternatives
Trill and Datacenter AlternativesTrill and Datacenter Alternatives
Trill and Datacenter Alternatives
 
IPv6 in 3G Core Networks
IPv6 in 3G Core NetworksIPv6 in 3G Core Networks
IPv6 in 3G Core Networks
 
Netup dvb-tc-ci
Netup dvb-tc-ciNetup dvb-tc-ci
Netup dvb-tc-ci
 
Backhaul considerations-ver2
Backhaul considerations-ver2Backhaul considerations-ver2
Backhaul considerations-ver2
 
Mobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLSMobile Transport Evolution with Unified MPLS
Mobile Transport Evolution with Unified MPLS
 
David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009David A. Burgess's Presentation at eComm 2009
David A. Burgess's Presentation at eComm 2009
 
Ultra high definition TV over IP networks
Ultra high definition TV over IP networksUltra high definition TV over IP networks
Ultra high definition TV over IP networks
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
 
Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01Bnova flyer blankomdigital_rev04_web_01
Bnova flyer blankomdigital_rev04_web_01
 
Unified MPLS
Unified MPLSUnified MPLS
Unified MPLS
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
 

Similar a Making case up

Networking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN PrimerNetworking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN PrimerOpenStack Foundation
 
Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613OpenStack Foundation
 
Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)hypervnu
 
Advanced network services insertions framework
Advanced network services insertions frameworkAdvanced network services insertions framework
Advanced network services insertions frameworksalv_orlando
 
OpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and RequirementsOpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and RequirementsJohn Gruber
 
VoIP Connectivity Table
VoIP Connectivity TableVoIP Connectivity Table
VoIP Connectivity TableBraun Mincher
 
Network virtualization with open stack quantum
Network virtualization with open stack quantumNetwork virtualization with open stack quantum
Network virtualization with open stack quantumMiguel Lavalle
 
Brokerage 2007 presentation wireless
Brokerage 2007 presentation wirelessBrokerage 2007 presentation wireless
Brokerage 2007 presentation wirelessimec.archive
 
Networking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network DesignNetworking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network DesignRandy Bias
 
Architecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloudArchitecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloudbradhedlund
 
Technical introduction to MidoNet
Technical introduction to MidoNetTechnical introduction to MidoNet
Technical introduction to MidoNetMidoNet
 
Ryu: network operating system
Ryu: network operating systemRyu: network operating system
Ryu: network operating systemIsaku Yamahata
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance ChallengeStephen Hemminger
 
Quantum grizzly summit
Quantum   grizzly summitQuantum   grizzly summit
Quantum grizzly summitDan Wendlandt
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxOpenStack Foundation
 
Hungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programmingHungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programmingMarton Kiss
 
MFH3 Overview
MFH3 OverviewMFH3 Overview
MFH3 Overviewrorcutt
 
OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)Dan Wendlandt
 

Similar a Making case up (20)

Networking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN PrimerNetworking in the Cloud: An SDN Primer
Networking in the Cloud: An SDN Primer
 
Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613Cherian networking in_the_cloud_041613
Cherian networking in_the_cloud_041613
 
Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)Windows server 8 hyper v networking (aidan finn)
Windows server 8 hyper v networking (aidan finn)
 
Advanced network services insertions framework
Advanced network services insertions frameworkAdvanced network services insertions framework
Advanced network services insertions framework
 
OpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and RequirementsOpenStack Load Balancing Use Cases and Requirements
OpenStack Load Balancing Use Cases and Requirements
 
Link Virtualization based on Xen
Link Virtualization based on XenLink Virtualization based on Xen
Link Virtualization based on Xen
 
VoIP Connectivity Table
VoIP Connectivity TableVoIP Connectivity Table
VoIP Connectivity Table
 
Network virtualization with open stack quantum
Network virtualization with open stack quantumNetwork virtualization with open stack quantum
Network virtualization with open stack quantum
 
Brokerage 2007 presentation wireless
Brokerage 2007 presentation wirelessBrokerage 2007 presentation wireless
Brokerage 2007 presentation wireless
 
Networking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network DesignNetworking is NOT Free: Lessons in Network Design
Networking is NOT Free: Lessons in Network Design
 
Architecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloudArchitecting data center networks in the era of big data and cloud
Architecting data center networks in the era of big data and cloud
 
Technical introduction to MidoNet
Technical introduction to MidoNetTechnical introduction to MidoNet
Technical introduction to MidoNet
 
Ryu: network operating system
Ryu: network operating systemRyu: network operating system
Ryu: network operating system
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance Challenge
 
Quantum grizzly summit
Quantum   grizzly summitQuantum   grizzly summit
Quantum grizzly summit
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptx
 
Hungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programmingHungary Usergroup - Midonet overlay programming
Hungary Usergroup - Midonet overlay programming
 
MFH3 Overview
MFH3 OverviewMFH3 Overview
MFH3 Overview
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
 
OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)OpenStack Quantum Intro (OS Meetup 3-26-12)
OpenStack Quantum Intro (OS Meetup 3-26-12)
 

Más de Khazret Sapenov

V mware evolutionary cloud 12 2012
V mware evolutionary cloud 12 2012V mware evolutionary cloud 12 2012
V mware evolutionary cloud 12 2012Khazret Sapenov
 
Virtual sharp cloud aware bc dr up 2012 cloud
Virtual sharp cloud aware bc dr up 2012 cloudVirtual sharp cloud aware bc dr up 2012 cloud
Virtual sharp cloud aware bc dr up 2012 cloudKhazret Sapenov
 
Up2012edit daniel chalef
Up2012edit daniel chalefUp2012edit daniel chalef
Up2012edit daniel chalefKhazret Sapenov
 
Up2012 scaling my sql in the cloud by moshe shadmon, founder, cto scaledb
Up2012  scaling my sql in the cloud by moshe shadmon, founder, cto scaledbUp2012  scaling my sql in the cloud by moshe shadmon, founder, cto scaledb
Up2012 scaling my sql in the cloud by moshe shadmon, founder, cto scaledbKhazret Sapenov
 
Up 2012 smart cloud presentation_final
Up 2012   smart cloud presentation_finalUp 2012   smart cloud presentation_final
Up 2012 smart cloud presentation_finalKhazret Sapenov
 
Up 2012 wally mac dermid - final
Up 2012   wally mac dermid - finalUp 2012   wally mac dermid - final
Up 2012 wally mac dermid - finalKhazret Sapenov
 
Up 2012 dave jilk - multi-tenancy in paa s (distribution version)
Up 2012   dave jilk - multi-tenancy in paa s (distribution version)Up 2012   dave jilk - multi-tenancy in paa s (distribution version)
Up 2012 dave jilk - multi-tenancy in paa s (distribution version)Khazret Sapenov
 
Transverse up cloud 2012 - final
Transverse   up cloud 2012 - finalTransverse   up cloud 2012 - final
Transverse up cloud 2012 - finalKhazret Sapenov
 
Transforming cloud infrastructure to support big data storage and workflows b...
Transforming cloud infrastructure to support big data storage and workflows b...Transforming cloud infrastructure to support big data storage and workflows b...
Transforming cloud infrastructure to support big data storage and workflows b...Khazret Sapenov
 
The elephantintheroom bigdataanalyticsinthecloud
The elephantintheroom bigdataanalyticsinthecloudThe elephantintheroom bigdataanalyticsinthecloud
The elephantintheroom bigdataanalyticsinthecloudKhazret Sapenov
 
Taking control of bring your own device byod with desktops as a service (daa ...
Taking control of bring your own device byod with desktops as a service (daa ...Taking control of bring your own device byod with desktops as a service (daa ...
Taking control of bring your own device byod with desktops as a service (daa ...Khazret Sapenov
 
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Khazret Sapenov
 
Regulatory compliant cloud computing rethinking web application architectures...
Regulatory compliant cloud computing rethinking web application architectures...Regulatory compliant cloud computing rethinking web application architectures...
Regulatory compliant cloud computing rethinking web application architectures...Khazret Sapenov
 
Memsql product overview_2013
Memsql product overview_2013Memsql product overview_2013
Memsql product overview_2013Khazret Sapenov
 
Managing application performance for cloud apps bmc
Managing application performance for cloud apps bmcManaging application performance for cloud apps bmc
Managing application performance for cloud apps bmcKhazret Sapenov
 
Glenn solomon up presso d 3.pptx
Glenn solomon up presso d 3.pptxGlenn solomon up presso d 3.pptx
Glenn solomon up presso d 3.pptxKhazret Sapenov
 
Future of cloud up presentation m_dawson
Future of cloud up presentation m_dawsonFuture of cloud up presentation m_dawson
Future of cloud up presentation m_dawsonKhazret Sapenov
 
Efrat ip up con 2012 presentation
Efrat ip up con 2012 presentationEfrat ip up con 2012 presentation
Efrat ip up con 2012 presentationKhazret Sapenov
 
Decentralized cloud an industrial reality with higher resilience by jean-pa...
Decentralized cloud   an industrial reality with higher resilience by jean-pa...Decentralized cloud   an industrial reality with higher resilience by jean-pa...
Decentralized cloud an industrial reality with higher resilience by jean-pa...Khazret Sapenov
 

Más de Khazret Sapenov (20)

V mware evolutionary cloud 12 2012
V mware evolutionary cloud 12 2012V mware evolutionary cloud 12 2012
V mware evolutionary cloud 12 2012
 
Virtual sharp cloud aware bc dr up 2012 cloud
Virtual sharp cloud aware bc dr up 2012 cloudVirtual sharp cloud aware bc dr up 2012 cloud
Virtual sharp cloud aware bc dr up 2012 cloud
 
Up2012edit daniel chalef
Up2012edit daniel chalefUp2012edit daniel chalef
Up2012edit daniel chalef
 
Up2012 scaling my sql in the cloud by moshe shadmon, founder, cto scaledb
Up2012  scaling my sql in the cloud by moshe shadmon, founder, cto scaledbUp2012  scaling my sql in the cloud by moshe shadmon, founder, cto scaledb
Up2012 scaling my sql in the cloud by moshe shadmon, founder, cto scaledb
 
Up 2012 smart cloud presentation_final
Up 2012   smart cloud presentation_finalUp 2012   smart cloud presentation_final
Up 2012 smart cloud presentation_final
 
Up 2012 wally mac dermid - final
Up 2012   wally mac dermid - finalUp 2012   wally mac dermid - final
Up 2012 wally mac dermid - final
 
Up 2012 dave jilk - multi-tenancy in paa s (distribution version)
Up 2012   dave jilk - multi-tenancy in paa s (distribution version)Up 2012   dave jilk - multi-tenancy in paa s (distribution version)
Up 2012 dave jilk - multi-tenancy in paa s (distribution version)
 
Transverse up cloud 2012 - final
Transverse   up cloud 2012 - finalTransverse   up cloud 2012 - final
Transverse up cloud 2012 - final
 
Transforming cloud infrastructure to support big data storage and workflows b...
Transforming cloud infrastructure to support big data storage and workflows b...Transforming cloud infrastructure to support big data storage and workflows b...
Transforming cloud infrastructure to support big data storage and workflows b...
 
The elephantintheroom bigdataanalyticsinthecloud
The elephantintheroom bigdataanalyticsinthecloudThe elephantintheroom bigdataanalyticsinthecloud
The elephantintheroom bigdataanalyticsinthecloud
 
Taking control of bring your own device byod with desktops as a service (daa ...
Taking control of bring your own device byod with desktops as a service (daa ...Taking control of bring your own device byod with desktops as a service (daa ...
Taking control of bring your own device byod with desktops as a service (daa ...
 
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
 
Regulatory compliant cloud computing rethinking web application architectures...
Regulatory compliant cloud computing rethinking web application architectures...Regulatory compliant cloud computing rethinking web application architectures...
Regulatory compliant cloud computing rethinking web application architectures...
 
Memsql product overview_2013
Memsql product overview_2013Memsql product overview_2013
Memsql product overview_2013
 
Managing application performance for cloud apps bmc
Managing application performance for cloud apps bmcManaging application performance for cloud apps bmc
Managing application performance for cloud apps bmc
 
Green qloud up-con
Green qloud up-conGreen qloud up-con
Green qloud up-con
 
Glenn solomon up presso d 3.pptx
Glenn solomon up presso d 3.pptxGlenn solomon up presso d 3.pptx
Glenn solomon up presso d 3.pptx
 
Future of cloud up presentation m_dawson
Future of cloud up presentation m_dawsonFuture of cloud up presentation m_dawson
Future of cloud up presentation m_dawson
 
Efrat ip up con 2012 presentation
Efrat ip up con 2012 presentationEfrat ip up con 2012 presentation
Efrat ip up con 2012 presentation
 
Decentralized cloud an industrial reality with higher resilience by jean-pa...
Decentralized cloud   an industrial reality with higher resilience by jean-pa...Decentralized cloud   an industrial reality with higher resilience by jean-pa...
Decentralized cloud an industrial reality with higher resilience by jean-pa...
 

Making case up

  • 1. Making a case for distributed overlay-based network virtualization Ben Cherian Chief Strategy Officer @bencherian Midokura
  • 4. 1 2 3 4 5 vs 1 New 1 Horizontal scaling
  • 5. Building blocks of an IaaS cloud
  • 10. Traditional networking devices scale up
  • 12. High churn, micro granularity
  • 13. Limitations of VLANs
  • 17. IaaS Cloud Networking Requirements • Multi-tenancy • ACLs • L2 isolation • Stateful (L4) Firewall  Security Groups • L3 routing isolation  VPC • VPN  Like VRF (virtual  IPSec routing and forwarding) • BGP gateway • Scalable control • REST API plane • Integration with CMS  ARP, DHCP, ICMP  OpenStack • NAT (Floating IP)  CloudStack
  • 18. IaaS Cloud Networking Requirements Typical Network Topology uplink - Creat e one provider rout er upon deployment - Link to uplink - Creat e a rout er f or a t enant - BGP multi-homing - M ap a bridge f or a quant um net work - Global NAT/route settings, e.g. for floating ip Provider Virtual Router (L3) - Tenant router for FW, LB, DHCP and NAT Tenant/Project A Tenant/Project B Tenant B Tenant A Virtual Router Virtual Router Network A1 Network A2 Network B1 TenantB office Virtual L2 Virtual L2 Virtual L2 Switch A1 Switch A2 Switch B1 Tenant B VPN Router VM1 VM3 VM5 VM2 VM4 VM6 Office Network
  • 19. Solution: Distributed overlay-based network virtualization
  • 20. Use encapsulation to build a virtual network
  • 21. Handle network intelligence / network state at the edge
  • 22. Require less of the physical network
  • 23. Edge to Edge IP Overlays
    - Isolation without VLANs: IP encapsulation
    - Decouple from the physical network
    - Provisioning a VM doesn't change underlay state
    - The underlay only delivers to the destination host IP
    - Use a scalable routing protocol (iBGP, OSPF) to build a multi-path underlay
    - Inspired by VL2 from MSR
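The encapsulation idea of slides 20 to 23 (the underlay routes on outer host IPs only, tenancy rides in the tunnel header) is easier to see on the wire. The block below is an added example, not Midokura or MidoNet code: it frames the inner Ethernet frame in VXLAN (UDP 4789, 24-bit VNI) rather than MidoNet's own tunnel format, and the hosts, MACs, VNIs, the `STATE_DB` lookup table and the vport names are constructed for the illustration.

```python
"""Edge-to-edge IP overlay data path (VXLAN framing), as an added example.

Not Midokura/MidoNet code and not MidoNet's tunnel format or state database.
Hosts, MACs and VNIs are constructed values.
"""
import socket
import struct

VXLAN_UDP_PORT = 4789        # IANA port for VXLAN
VXLAN_FLAG_I = 0x08          # "I" flag: the VNI field is valid
IPPROTO_UDP = 17
ETHERTYPE_IPV4 = 0x0800
IP_FMT = "!BBHHHBBH4s4s"     # IPv4 header without options


def mac(text):
    """'02:00:00:00:00:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def ethernet_frame(dst, src, ethertype, payload):
    """The inner frame exactly as the VM put it on its virtual port."""
    return mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload


def ipv4_checksum(header):
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src, dst, payload_len):
    """Outer header: the only thing the underlay routers look at."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, 64, IPPROTO_UDP, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = ipv4_checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields)


def vxlan_header(vni):
    """8 bytes: flags, 3 reserved, 24-bit VNI, 1 reserved."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!BBBBI", VXLAN_FLAG_I, 0, 0, 0, vni << 8)


def encapsulate(state_db, vni, inner, local_host):
    """Ingress agent: map (VNI, inner dst MAC) to the host that owns the VM
    and wrap the frame.  Returns None if the state DB does not know the MAC,
    so nothing is ever flooded onto the underlay."""
    remote_host = state_db.get((vni, inner[0:6]))
    if remote_host is None:
        return None
    payload = vxlan_header(vni) + inner
    udp = struct.pack("!HHHH", 49152, VXLAN_UDP_PORT, 8 + len(payload), 0)
    return ipv4_header(local_host, remote_host, 8 + len(payload)) + udp + payload


def decapsulate(packet):
    """Egress agent: validate the outer headers and return
    (outer_src, outer_dst, vni, inner frame), or None if not well-formed VXLAN."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != IPPROTO_UDP:
        return None
    outer_src = socket.inet_ntoa(packet[12:16])
    outer_dst = socket.inet_ntoa(packet[16:20])
    udp = packet[ihl:]
    if len(udp) < 16:
        return None
    _, dst_port, _, _ = struct.unpack("!HHHH", udp[:8])
    if dst_port != VXLAN_UDP_PORT or not (udp[8] & VXLAN_FLAG_I):
        return None
    vni = struct.unpack("!I", udp[12:16])[0] >> 8
    return outer_src, outer_dst, vni, udp[16:]


def deliver(local_ports, packet):
    """Egress host: hand the inner frame to the vport bound to (VNI, dst MAC).
    The VNI, not the inner addresses, selects the tenant: a frame for a VNI
    with no local port is dropped even if the MAC matches another tenant's VM."""
    decoded = decapsulate(packet)
    if decoded is None:
        return None
    _, _, vni, inner = decoded
    port = local_ports.get((vni, inner[0:6]))
    return (port, inner) if port else None


# Constructed topology: tenant A uses VNI 100, tenant B VNI 200, and both
# gave "their" VM on host2 the same MAC, which a VLAN-free overlay allows.
HOST1, HOST2 = "10.0.0.11", "10.0.0.12"
VM_MAC = "02:00:00:00:00:03"
STATE_DB = {(100, mac(VM_MAC)): HOST2, (200, mac(VM_MAC)): HOST2}
LOCAL_PORTS_HOST2 = {(100, mac(VM_MAC)): "vport-a-vm3", (200, mac(VM_MAC)): "vport-b-vm5"}


def demo():
    """Same inner frame under two VNIs: identical outer IPs on the underlay,
    yet the egress agent hands each copy to a different tenant's vport."""
    frame = ethernet_frame(VM_MAC, "02:00:00:00:00:01", ETHERTYPE_IPV4, b"payload")
    return [deliver(LOCAL_PORTS_HOST2, encapsulate(STATE_DB, vni, frame, HOST1))
            for vni in (100, 200)]
```

Two things a practitioner should take from it. First, the underlay state really is just host reachability: adding a VM changes `STATE_DB` and the egress host's port table, nothing on the switches. Second, the VNI is carried in cleartext and VXLAN carries no authentication, so anything that can inject UDP/4789 into the underlay can inject frames into any tenant; the underlay edge therefore has to be trusted or filtered (only known host addresses may source tunnel traffic, and VMs must never reach the underlay directly).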
  • 24. Market trends supporting the overlay model
    - Packet processing on x86 CPUs (at the edge): Intel DPDK facilitates packet processing; the number of cores in servers is increasing fast
    - Clos networks (for the underlay): spine and leaf architecture with IP; economical and high east-west bandwidth
    - Merchant silicon (cheap IP switches): Broadcom, Intel (Fulcrum Micro), Marvell; ODMs (Quanta, Accton) starting to sell directly; switches are becoming just like Linux servers
    - Optical intra-DC networks
  • 25. The MidoNet Solution
    - Virtual L2 distributed switching
    - Virtual L2 isolation
    - Virtual L3 distributed routing
    - Virtual L3 isolation
    - L4 services (load balancing, firewall)
    - NAT
    - Access Control Lists (ACLs)
    - Virtual port and device monitoring
    - RESTful API
    - Web based management control panel
  • 26. The MidoNet Solution: Logical Topology and Physical Topology (diagram)
    - Logical topology: a Provider Virtual Router connects through vPorts to the Tenant A Virtual Router (Virtual Switch A1, Virtual Switch A2) and the Tenant B Virtual Router (Virtual Switch B1); VMs attach to the virtual switches through vPorts
    - Physical topology: every host runs a MidoNet agent (MN) next to its VMs; hosts are joined by tunnels over the private IP network; MidoNet BGP gateways multi-home to ISP1, ISP2 and ISP3 for Internet access; a Network State Database is shared by all agents
  • 27. The MidoNet Solution
    - Distributed and scalable control plane: handle all control packets at the local MidoNet agent adjacent to the VM
    - Scalable and fault tolerant central database: stores the virtual network configuration and the dynamic network state (MAC learning, ARP cache, etc.); cached at the edges on demand
    - All packet modifications at ingress: one virtual hop; no travel through middle boxes; drop at ingress (diagram: a packet enters at the ingress MN agent and is either encapsulated into a tunnel or dropped/blocked right there)
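What "all packet modifications at ingress" and "one virtual hop" mean in practice is that the agent next to the sending VM walks the packet through the whole virtual topology before anything touches the physical network. The block below is an added example of that idea, not MidoNet code: the device model, the `TOPOLOGY` dictionary (vports, virtual switches, tenant routers, floating IPs, security groups, the vport-to-host state database) and the rule format are invented for the illustration, as is the per-flow cache standing in for "cached at edges on demand".

```python
"""Ingress-side simulation of a virtual topology, as an added example.

Not MidoNet code: the device model, rule format and state-database layout
are made up.  The point is the slide's: the agent next to the sending VM
walks the packet through every virtual device it would cross (vport, provider
NAT, tenant router, destination security group) and the underlay then carries
either the final rewritten packet straight to the egress host or nothing.
"""
import ipaddress
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    in_port: str      # vport the VM sent from
    src_ip: str
    dst_ip: str
    proto: str        # "tcp", "udp" or "icmp"
    dst_port: int = 0


@dataclass(frozen=True)
class Drop:
    device: str       # virtual device that dropped the packet
    reason: str


@dataclass(frozen=True)
class Tunnel:
    egress_host: str  # physical host to tunnel to
    egress_port: str  # vport on that host
    packet: Packet    # already rewritten: this is what the underlay carries


# Constructed topology; every name and address is invented.  Tenant B reuses
# tenant A's 10.1.1.0/24, which per-tenant routing has to keep apart.
TOPOLOGY = {
    "ports": {      # vport -> (virtual L2 switch, fixed IP bound to the port)
        "vport-a-vm1": ("switch-A1", "10.1.1.11"),
        "vport-a-vm2": ("switch-A1", "10.1.1.12"),
        "vport-a-vm3": ("switch-A2", "10.1.2.13"),
        "vport-b-vm5": ("switch-B1", "10.1.1.15"),
    },
    "switches": {   # virtual L2 switch -> (tenant router, subnet)
        "switch-A1": ("router-A", "10.1.1.0/24"),
        "switch-A2": ("router-A", "10.1.2.0/24"),
        "switch-B1": ("router-B", "10.1.1.0/24"),
    },
    "floating": {"203.0.113.10": "10.1.2.13"},   # provider router DNAT
    "secgroups": {  # vport -> inbound (proto, port) allowed; no entry = deny all
        "vport-a-vm3": {("tcp", 443), ("icmp", 0)},
    },
    "hosts": {      # network state database: physical host owning each vport
        "vport-a-vm1": "10.0.0.11", "vport-a-vm2": "10.0.0.11",
        "vport-a-vm3": "10.0.0.12", "vport-b-vm5": "10.0.0.12",
    },
}


def find_port(topo, router, ip):
    """Resolve an IP to a vport, scoped to one tenant router."""
    for port, (switch, port_ip) in topo["ports"].items():
        if port_ip == ip and topo["switches"][switch][0] == router:
            return port
    return None


def simulate(topo, pkt):
    """Walk the packet through the virtual devices, entirely at the ingress agent."""
    switch, bound_ip = topo["ports"][pkt.in_port]
    router, _ = topo["switches"][switch]
    # 1. Ingress vport: anti-spoofing, a port may only source its own address.
    if pkt.src_ip != bound_ip:
        return Drop(pkt.in_port, "source IP not bound to port")
    # 2. Provider router: a floating IP is translated before tenant routing.
    dst = topo["floating"].get(pkt.dst_ip, pkt.dst_ip)
    # 3. Tenant router: only this tenant's subnets are reachable (same-switch
    #    traffic passes here too; it is switched rather than routed).
    subnets = [ipaddress.ip_network(sn)
               for _, (r, sn) in topo["switches"].items() if r == router]
    if not any(ipaddress.ip_address(dst) in sn for sn in subnets):
        return Drop(router, "no route")
    egress = find_port(topo, router, dst)
    if egress is None:
        return Drop(router, "destination unknown")
    # 4. The destination's security group, evaluated here rather than at egress.
    if (pkt.proto, pkt.dst_port) not in topo["secgroups"].get(egress, set()):
        return Drop(egress, "security group denies")
    # 5. Egress host from the state DB; the underlay carries the rewritten packet.
    return Tunnel(topo["hosts"][egress], egress, replace(pkt, dst_ip=dst))


class IngressAgent:
    """Per-host agent: simulates once per flow, then answers from its cache
    until a state change invalidates it."""

    def __init__(self, topo):
        self.topo, self.cache, self.hits = topo, {}, 0

    def handle(self, pkt):
        if pkt in self.cache:
            self.hits += 1
        else:
            self.cache[pkt] = simulate(self.topo, pkt)
        return self.cache[pkt]

    def invalidate(self):
        """Call on any topology or security-group change, or cached allows go stale."""
        self.cache.clear()
```

Two design points worth noting. Ports with no security-group entry deny everything, and the source-address check sits on the ingress vport, so a compromised VM can neither spoof another tenant's address nor reach a peer that has not opened a port to it; both decisions are made before a single byte hits the underlay. The flow cache is what makes this fast enough, and it is also the part that needs care: a security-group change must invalidate cached decisions, otherwise an allow that was correct a minute ago keeps being applied.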
  • 29. The MidoNet Solution
    - Scalable edge gateway interface to external networks: multihomed BGP to ISPs
    - REST API and GUI
    - Integration with popular open source cloud stacks
      - OpenStack: removes the SPOF of the network node; scalable and fault tolerant NAT for floating IPs; implements security groups efficiently
      - CloudStack (in progress)
  • 30. CloudStack integration
    - Currently have L2 integration
    - Full integration is slated for Q1 2013: L3 isolation (without VM / appliance); security groups (stateful firewall); floating IP (NAT); load balancing (L4)
  • 33. Candidate Models
    - Traditional network
    - Centrally controlled OpenFlow-based hop-by-hop switching fabric
    - Edge to edge overlays
  • 34. Traditional Network
    - Ethernet VLANs for L2 isolation: 4096 limit (12-bit VLAN ID); VLANs have large spanning trees terminating on many hosts; high churn in switch control planes doing MAC learning non-stop; need MLAG for L2 multi-path, which is vendor specific
    - MPLS VPN?
    - VRFs for L3 isolation: not scalable to cloud scale; expensive hardware; not fault tolerant
  • 35. OpenFlow Fabric
    - State in switches: proportional to the virtual network state; need to update all switches in the path when provisioning; not scalable, not fast enough to update, no atomicity of updates
    - Not good for IaaS cloud virtual networking
  • 36. Spine and Leaf Network Architecture
  • 37. Deep OpenStack Integration
    - Quantum plugin: L2 isolation, of course
    - Also: L3 isolation (without VM / appliance); security groups (stateful firewall); floating IP (NAT); load balancing (L4)

Editor's notes

  1. Cloud management, compute, storage, networking
  2. The CMS (cloud management system) integration is critically important. We have built a deep integration with OpenStack. L2 isolation is a given! L2 isolation is not enough: L3 isolation (inter-network routing), scalable NAT and scalable security groups are also needed for a complete solution.