Digicomp Microsoft Evolution Day 2015
Windows Server 2016 Software-Defined Networking
Oliver Ryf
Agenda
Welcome
Speaker introduction
PowerShell Desired State Configuration
Q&A
Further courses
Speaker introduction
IT trainer since 1991
1995 MCSE and MCT
Since 2000, various projects in the areas of Windows/Office migrations, Active Directory, infrastructure, Hyper-V and Azure cloud
Trainer at Digicomp since 2006
Since 2014 Principal Consultant and Cloud Architect at UP-Great AG, Fehraltorf
Windows Server
System Center
Azure Pack
Tenant Deployment Multi-Tier LOB Application
• Inbox feature for integrated management of IP addresses, domain names, and device identities
• Tightly integrates with Microsoft DNS and DHCP servers
• Provides custom IP address space display, reporting, and management
• Audits server configuration changes and tracks IP address use
• Migrates IP address data from spreadsheets or other tools
• Monitors and manages specific scenario-based DHCP and DNS services
[Diagram: IPAM servers in UK, Bangalore, Hyderabad and Redmond, each with its DHCP, DNS, DC, and NPS servers; domains europe.corp.woodbridge.com and fareast.corp.woodbridge.com]
WS 2016 IPAM
Unified IP address Mgmt.
Delegated Admin
Network services Mgmt.
Scale, robustness & automation
Network audit & visibility
• Tracking activity of IP address/user/mc
• IP utilization & trend
• Audit config
• Disaster Recovery
• Multiple instance deployment
• SQL Server database
• Extensive PS support
• Cross AD Support
• IP addressing management of physical and virtual networks (SCVMM integration)
• Integrated IP addressing, DNS and DHCP management
• Granular RBAC to manage IP address space, DHCP & DNS
• Delegated administration within and across datacenters
• Automatic server discovery
• Single console DHCP and DNS management across datacenters
• Management of granular DNS properties
• Network functions that are being performed by hardware appliances are increasingly being virtualized as virtual appliances
• Virtual appliances are quickly emerging and creating a brand new market
• Dynamic and easy to change because they are a pre-built, customized virtual machine.
• It can be one or more virtual machines packaged, updated, and maintained as a unit.
• Microsoft included a standalone gateway as a virtual appliance starting with Windows Server 2012 R2
Firewall & Antivirus
DDoS & IPS/IDS
App/WAN Optimizers
S2S Gateway
L2/L3 Gateways
Routers & Switches
NAT & HTTP Proxy
Load Balancers
1. Microsoft provides key virtualized network functions with Windows Server
2. Deploy virtual appliances from vendors of your choice
3. Deploy, configure & manage virtual appliances with the Network Controller
4. Hyper-V can host the top guest OS’s that you need
• Included within Windows Server
• It is a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall
• Tenant administrators can install and configure firewall policies to help protect their virtual networks
• Managed via Network Controller and northbound APIs
• Highly scalable, manageable, and diagnosable software-based firewall
• Freedom to move tenant virtual machines to different compute hosts without breaking tenant firewall policies
DCB: Bandwidth management by traffic class. Not compatible with vSwitch.
RDMA: SMB Direct – fast storage and live migrations. Not compatible with vSwitch or LBFO.
VMQ: VM traffic acceleration
RSS: Native traffic acceleration. Operates in VM with SR-IOV VF.
Software vRSS: Spreads loads across VM CPUs
Address checksum offloads
LSO: Offloads large sends
RSC: Coalescing in native stack
TCP Chimney Offload
SR-IOV: For high performance networking in VMs
NVGRE task offload
• Teaming integrated into the Hyper-V switch
• Targeted at supporting SDN-switch capabilities:
    • Packet Direct
    • Converged vNIC
    • SDN-QoS
• Supported only when using SDN-Extension
• Limitations in this release:
    • Switch-independent only
    • Dynamic and Hyper-V port mode load distributions only
    • Managed by VMM or PowerShell, not NIC Teaming GUI
    • Only teams identical ports (same manufacturer, same driver, same capabilities) (e.g., dual port NIC)
    • Switch must be created in SET-mode. (SET can’t be added to existing switch.)
    • New-VMSwitch -Name SETswitch -NetAdapterName "NIC1","NIC2" -EnableEmbeddedTeaming $true
• DCB policies
    • Can be set on per-NIC basis
    • Can be set on NICs bound to Hyper-V switch
    • PowerShell to enable on SET NICs
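# Install the DCB feature
Install-WindowsFeature Data-Center-Bridging
# Tag SMB Direct (port 445) with 802.1p priority 3; all other traffic gets priority 0
New-NetQosPolicy "SMB" -NetDirectPortMatchCondition 445 -PriorityValue8021Action 3
New-NetQosPolicy "DEFAULT" -Default -PriorityValue8021Action 0
# Enable flow control for priority 3 only; it must not appear in the disable list
Enable-NetQosFlowControl -Priority 3
Disable-NetQosFlowControl -Priority 0,1,2,4,5,6,7
# Apply DCB to the SET member NICs and reserve 40% bandwidth for SMB
Enable-NetAdapterQos -InterfaceAlias "NIC1","NIC2"
New-NetQosTrafficClass "SMB" -Priority 3 -BandwidthPercentage 40 -Algorithm ETS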
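Added example (not from the original slides): a PowerShell check that Priority Flow Control ends up enabled for the SMB priority only, which is the state the DCB commands above are meant to produce. Test-PfcState and New-SampleState are hypothetical helper names and the sample states are constructed; on a live host the input would come from Get-NetQosFlowControl.

```powershell
# Added example: audit Priority Flow Control (PFC) state per 802.1p priority.
# Input objects need Priority and Enabled properties, as returned by
# Get-NetQosFlowControl on a host with the Data-Center-Bridging feature.
function Test-PfcState {
    param(
        [Parameter(Mandatory)] [object[]] $FlowControl,
        [int[]] $LosslessPriority = @(3)   # priority used for SMB on the slide
    )
    $findings = @()
    foreach ($p in 0..7) {
        $entry = $FlowControl | Where-Object { $_.Priority -eq $p }
        if (-not $entry) {
            $findings += "priority ${p}: no flow-control entry reported"
            continue
        }
        $shouldBeOn = $LosslessPriority -contains $p
        if ($shouldBeOn -and -not $entry.Enabled) {
            $findings += "priority ${p}: flow control is disabled for the SMB class"
        }
        elseif (-not $shouldBeOn -and $entry.Enabled) {
            $findings += "priority ${p}: flow control is enabled on a class that should not have it"
        }
    }
    [pscustomobject]@{ Compliant = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed sample states (not captured from a real host).
function New-SampleState([int[]] $EnabledPriority) {
    0..7 | ForEach-Object {
        [pscustomobject]@{ Priority = $_; Enabled = ($EnabledPriority -contains $_) }
    }
}
$expected = New-SampleState -EnabledPriority 3     # flow control on priority 3 only
$undone   = New-SampleState -EnabledPriority @()   # priority 3 was disabled again

Test-PfcState -FlowControl $expected | Format-List
Test-PfcState -FlowControl $undone   | Format-List

# On a live host:
# Test-PfcState -FlowControl (Get-NetQosFlowControl)
```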
DCB policies configured for Mgmt, Storage, Migration & Clustering traffic.
Utilizes SMB Multichannel & SMB Direct
[Diagram labels: Management OS and VM(s) on a Hyper-V vSwitch with a NIC Team; Management OS and VM(s) on a Hyper-V vSwitch with SET]
• Allows host vNICs to expose RDMA capabilities to kernel processes (e.g., SMB-Direct)
• With SET, allows multiple RDMA NICs to expose RDMA to multiple vNICs (SMB Multichannel over SMB-Direct)
• With SET, allows RDMA fail-over for SMB-Direct when two RDMA-capable vNICs are exposed
• Operates at full speed with same performance as native RDMA
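# Create two host vNICs on the SET switch and enable RDMA on them
Add-VMNetworkAdapter -SwitchName SETswitch -Name SMB_1 -ManagementOS
Add-VMNetworkAdapter -SwitchName SETswitch -Name SMB_2 -ManagementOS
Enable-NetAdapterRdma "vEthernet (SMB_1)","vEthernet (SMB_2)"
# Verify the RDMA state of the adapters
Get-NetAdapterRdma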
• Today’s NDIS for Windows
• Is NDIS in its current form enough for 100G?
• What can we do better?
• Similar to DPDK Technology for Intel NICs
• Lightning fast lock-free IO model
• Coexists with traditional NDIS data path
• Gives apps direct access to CPU, memory, and NIC capabilities
• App now decides when it wants to send/receive using polling
• App owns buffer management
• App driven I/O for NFV
• Will work with most 10G NICs
[Diagram: PacketDirect on the host. PacketDirect Client (vmSwitch, SLB); PacketDirect Platform; NetAdapter - PacketDirect Provider with queues Q1 and Q2; PD buffers, CPUs and queues are managed by the PD client]
Tenant Deployment Multi-Tier LOB Application
A centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter
Can be deployed as single VM (lab) or as a cluster of 3 physical servers (no Hyper-V) or 3 VMs on separate hosts.
• Highly available and scalable server role
• Southbound API
• Northbound API (Rest interface)
• Can manage:
    • IP subnets
    • VLANs
    • L2 and L3 switches
    • Host NICs
Q&A
Further courses
Server Virtualization with Windows Server Hyper-V and System Center («L56»)
Company-specific workshops