Embed Size (px)
Citation preview
Nortel Confidential Information 1
Network Virtualization: Key to Mission Critical and Agile Business
Nortel Confidential Information 2
Nortel Confidential Information 3
Virtualization: The ideal world
My own Computer +
storage
Mine Mine Mine Mine Mine Mine Mine Mine Mine
DC 1 DC 2 DC 3
Shared, distributed Infrastructure
Nortel Confidential Information 4
Man
agem
ent
Data Center: CIO Priorities
Environment - Power, Cooling, Cabling etc.
Infrastructure
Servers WAN
Storage Infrastructure Storage
Applications
Business Processes
Post Earnings Start Inform
CFO Works Y
End
Nortel Confidential Information 5
Man
agem
ent
Virtualization & Orchestration Fluid Data Centers
Environment - Power, Cooling, Cabling etc.
Infrastructure
Servers Storage Infrastructure Storage
WAN
Virtual Servers & Storage
Applications
Orchestration
Server Orchestration
Storage Orchestration
Application Orchestration
Business Processes
Post Earnings Start Inform
CFO Works Y
End
Nortel Confidential Information 6
We live in a world of limited resources Peak provisioning does not cut-it anymore
• Business Continuity & Disaster Recovery
• Software as a Service (SaaS) • Multiple tenants sharing an application
• Grid/Cloud computing • Sharing of resources by transient
customers
• Federated Enterprise architectures • Customers, partners, suppliers • Joint development and design
• “Green” • Optimize power, cooling costs
Source: http://blogs.msdn.com/fred_chong/Default.aspx?p=2
Nortel Confidential Information 7
VMotion (an illustrative fluid example)
• VMs still need to communicate after motion is complete • Users, storage, other application services
• Network Requirements • A minimum of a GE bandwidth available between the hosts • No reconfiguration of VM
• When a VM moves it cannot change any attributes, like its IP addresses
Nortel Confidential Information 8
Sounds simple – Challenges? • Explosion of IP address configuration and management
• VM to Server is predicted to be a 10:1 ration • VMotion requires that the destination be on the same IP subnet
• Most common solution is to physically locate the hosts in the same racks attached to the same switch
• Flat L2 domains size-limited • Spanning tree limits the size and effective utilization of the links • VLANs require extensive manual configuration and maintenance
• Limited number of VLANs
• Traffic separation limits “quick” migration • Congestion issues aggravated with internal VM moves
• Guaranteed vs. Prioritized traffic • Moving VMs between geographically distributed data centers…
• Very tough to make a reality
Traditional network configuration & planning impedes fluidity
Nortel Confidential Information 9
Network Virtualization: A critical piece of the fluid puzzle
Connectivity
Services
Control • Seamless connectivity • Dynamic resource orchestration capability • Geographic scalability
• Multi-tenant architecture • Scaleable, multi-instance • Multi-instance, same hardware
• Simple abstractions • Application driven
Nortel Confidential Information 10
Network Virtualization Taxonomy: Connectivity
Network Virtualization
LAN WAN (VPN)
PE VPNs CE VPN Ethernet-based
MPLS-based
L2 VPNs
Routing Security & L4-7
Secure VPNs
Ethernet-based
SSL VPNs
Nortel Confidential Information 11
Connectivity Virtualization: What is right option for the Data Center?
• Summarizing the requirements • Low-touch: least amount of configuration, autonomic • Fast: least amount of down time for reconfiguration, if at all • Scaleable: large number of devices, geographically
distributed
• Examining the different possibilities • Physical: wiring nightmare • Ethernet: attractive but spanning tree issues • TCP/IP: Universal but manual intervention
and tunnel management is complex • Web Services: Attractive for application level-interactions
but does not solve the infrastructure connectivity issues
Nortel Confidential Information 12
Network technologies in the DC (animated)
File system Storage
Server PC / Workstation
Ethernet CIFS, NFS, HTTP
FC Ethernet
FCIP, iSCSI, FCoE Ethernet IP
Ethernet IP (GLB, FW…)
SONET, DWDM Ethernet
IP Core
Service Layer
Aggregation
Edge Ethernet
The industry recognizes the need for a converged Ethernet network for the data center
Network-attached storage (NAS)
Storage area network (SAN)
Nortel Confidential Information 13
Are all the limitations of today solved?
ISID=100 Server A
Server C
Server B
ISID=100
Interface 2/7/24
Interface 1/10
Interface 7/11/200
DA SA
S-VID
C-VID
DA SA
802.1ad Traditional
Ethernet frame
802.1ah MAC-in-MAC
I-SID
Ethertype
Ethertype
Ethertype
S-VID
C-VID
Ethertype
Ethertype
Ethertype
B-DA B-SA
B-VID Ethertype
Ethertype
Payload Payload
Client address space
Core Address Space
VM 1
VM 1
VM 2
Nortel Confidential Information 14
Virtualizing connectivity across data centers (animated chart)
MPLS
DC1
Primary DC
DC3 DC4
Switched router
PBB/PLSB switches
Core router
Backup DC Warm / hot / cold
Mirror DCs MPLS
Sub-optimal use and very costly duplication of resources mainly for risk mitigation purposes.
The situation is due to the presence of an IP core with its relatively slow convergence times and resiliency schemes.
Turn the entire data center infrastructure in a distributed, all active, always on environment.
Distribute your resources instead of duplicating them and reduce your CapEx (less devices) and OpEx (simplified deployment model) while achieving your business continuity and risk mitigation targets.
One virtual DC over PBB / PLSB
Fewer resources Less power
Simple management
Duplication of resources
Nortel Confidential Information 15
A look at the “renewed” Ethernet
• Ethernet has fundamental advantages over other L1/2/3 technologies • Self-addressed and globally unique • The basic Ethernet behavior of any-to-any connectivity can be
constrained to derive other modes like pt-to-pt or multicast. • It is ruthlessly specified, commoditized and ubiquitous
• Carrier-scale requirements has resulted in “renewed” Ethernet with all requirements of “Virtualization” • Encapsulation: Mac-in-Mac • Abstraction: Multiple services on a single virtualized network • Substantial interface: Client and Provider separation
• In addition, carrier-grade resilience, carrier-grade operations have been added
The Virtualized Ethernet meets all requirements of NGDC, with industry’s best scalability & cost points
Nortel Confidential Information 16
Enabling a unified Ethernet infrastructure today
Storage Gateway
FC, FCoE, iSCSI
HPC
Ethernet
Ethernet Gateway
IP / Ethernet
HPC Gateway
Optical Gateway
MPLS IP VPN
Optical 10/40/100G
Next Generation Data Center
Ethernet
Ethernet edge services
Carrier-Grade Ethernet Over 16M service topologies Resilient 50ms + One touch provisioning Service and path OAM TE for lossless applications
Nortel Confidential Information 17
Network Virtualization Taxonomy: Services
Network Virtualization
LAN WAN (VPN)
PE VPNs CE VPN Ethernet-based
MPLS-based
L2 VPNs
Routing Security & L4-7
Secure VPNs
Ethernet-based
SSL VPNs
Nortel Confidential Information 18
Data Center Network Virtualization
App Group 1
App Group 2
App Group 3
Ext. App Group 1
Ext. Web Group 2
External Tier
Internal Tier
Storage Tier Stor
Group 1
Stor Group 1
Stor Group 1
vrf
vfw
vslb
vslb
vlan
vlan
Nortel Confidential Information 19
− +
Security & L4-7 Virtualization
• Single physical device partitioned into multiple logical devices
• Separation of Firewall policies • Separation of Load-balancer policies • Separation of SSLVPN policies
• Better utilization • Manageability of multiple
logical devices
• Single point of failure • SLAs across multiple users • Scalability
Customer 1
Customer 2
Nortel Confidential Information 20
Today’s Solution
Application 1 Client 1
Management Station C
Application 2 Client 2
Application 2 Client 3
Management Station B
Management Station A
Nortel Confidential Information 21
VMotion (an illustrative fluid example)
• VMs need to “come online” after motion is complete • Users, storage, other application services
• Network Requirements • What about the Firewalls, Loadbalancers, etc? • What about the reconfiguration of the network around the new
servers/applications?
Nortel Confidential Information 22
Fluid Data Center with Virtual Network Appliances
• High Performance Multi-core CPU based multi-service networking platform with Real-time Virtualization layer on Linux
• Flexible deployment of “Virtual Network Appliances” w/ SLA guarantees
Networking Services Computing Storage
Sys. Eng. Kfjsdksdfsd Dfs Sdfsd hjj Sd Fsdf Sffsdsdf sdfs dfsdfsdf
10 15
10
Management Software
25
Nortel Confidential Information 23
Virtualization at the Control Layer Abstracting the Network • New business & collaboration models require dynamic partnerships
• Dynamic allocation of resources driven by a workflow • Leverage resources outside the sphere of ownership
• Adequate communication resources are essential for such collaboration • Adapt the network to meet application needs rather than vice-versa • Just-in-time provisioning and control of the network
• Abstract the network & provide control “knobs & dials” to applications • “Service Oriented Infrastructure”
• Data Center workflows mashup interfaces exposed by the infrastructure for automated operations.
Business Services and Automation
Post Earnings Start Inform
CFO Works Y
End
Nortel Confidential Information 24
Data Center Mashup Example (SC06)
DataCenter @Tampa
SC|2006
Sensor Services Platform
Korea
KREOnet
Netherlight
Dynamically Provisioned Gb Ethernet path
Internal/External Sensor Webs
Amsterdam
Computation at the Right Place & Time! We migrate live Virtual Machines, unbeknownst to
applications and clients, for data affinity, BC/DR, load balancing, or power management
Nortel Confidential Information 25
Services Interfaces for Networks
• Variety of efforts in the Telecom industry • OASIS, OGF among others
• Moving from research into standards (OGF) • Network-Services Interface • Firewall SOA Interface
• Expect rapid growth in this area as critical mass accumulates
J2EE Environment
Enterprise Java Beans
IBM WebSphere, JBOSS, etc.
Composite Services
Component Services
Networking Services
Network Adaptors
Framew
ork Services
Service Bus
Communications enabled applications and processes
Web Services
Nortel Confidential Information 26
Key Takeaways
• Next-Gen Data Centers will need to be “Fluid” to support SaaS, Grid/Cloud Computing & emerging business models
• Traditional networking has a hard time supporting Fluid DC requirements
• Virtualization of Connectivity, Services and Control are key to Fluid DC • Carrier-grade Ethernet is the simplest, cost effective and
flexible fabric to accomplish inter/intra DC connectivity virtualization
• Network Services virtualization eases autonomic network policy & SLA enforcement in an multi-client environment
• Virtualization of network control provides applications the tools to consistently meet the business/user SLAs
