Capping IT Off

Capping IT Off

Opinions expressed on this blog reflect the writer’s views and not the position of the Capgemini Group

The Rise of the Network Machines - SDN and NFV explained

Category : Architecture
The rise of Software based networking is unstoppable. Compared with server virtualisation, which is growing at about 15% annually, network virtualisation is growing at an annual rate of 32%.

Figure 1 : Crehan Research Inc.

Simply put network virtualisation is “pushing” all logic that is been developed over years from dedicated hardware to a pure software layer. The same concept was moving into the server landscape 15 years ago when we started to use server virtualisation software to abstract from hardware to software.

In detail network virtualisation will move all layer 3 to layer 7 (ISO Layers) to a pure software based capability running mostly on the, or as part of the server virtualisation platform:


Figure 2 : From Hardware to Software based

Let’s use an example. Say you were running medium to large LAN (Local Area Network) with several thousands of endpoints and to route all traffic internally and externally you were running a Cisco 6513 router (part of the Catalyst 6500 family introduced by Cisco in 1999) - and yes, there are other products and vendors available .

The Router would include a chassis with power supply units as well as line cars, service modules as well as supervisor boards.


Cisco 6513
Figure 3 : CISCO 6513 Router

The router would include key network related functionalities like (as example) switching capabilities for RJ45 and FC, firewall capabilities, wireless capabilities, packet analysis modules, load balancing as well as supervisor modules.

Each card that is inserted into the chassis includes hardware as well as software components. As an example the Supervisor Engine 2T (there are two installed in the middle of the 6513 above) Supervisor Engine 2T is capable of delivering high-performance forwarding for Layer 2 and Layer 3 services such as traditional IP forwarding, Layer 2 and Layer 3 Multiprotocol Label Switching (MPLS) VPNs, and VPLS.

Network virtualisation means that all Layer 1 and Layer 2 services remain on physical and Layer 3 and above will move into software based. 


Figure 4 : Cisco Catalyst 6500 Series Supervisor Engine 2T

Or let’s have a look at the firewall module installed in the 3rd slot above. Firewalls like the below ASA module are mainly operating at the Network Layer (3) and Transport Layer (4) with some features on Session Layer (5), Presentation Layer (6) and Application Layer (7). Again, also here it means that the logic that covers non-physical aspects on Layer 1 and 2 will remain on physical and potentially Layer 3 – 7 can move to a pure software based approach.


Figure 5 : The Cisco Catalyst 6500 Series ASA Services Module

For many clients network virtualisation will not be implemented in one big bang but gradually. Many will start with certain network features [1]


Figure 6 : Trend toward virtualized network services

The aim is to “disconnecting the service from the cable” will open the way to create dynamic networks around the globe across all datacenters of / clients / customers / partners /etc. with a high degree of automation.

Currently there are two main developments to introduce virtualisation in the network environment and move away from the traditional 3-Layer Model with its limitations and complexity in traffic routing.
  1. The Ethernet Fabric Model
  2. The Software Defined Networking model
In the Ethernet Fabric Model networks are abstracted as logical groups of switches. Scaling bandwidth is easy in this model, and it simplifies management, monitoring, and operations.

 
Figure 7 : The Ethernet Fabric compared to traditional model

In the Software Defined Network (SDN) Model networks are abstracted even more granular as a logical set of network ports. Hereby SDN tackles one of the fundamental challenges with today’s networking, namely the use of IP addresses (at OSI Layer 3) for two unrelated purposes: as an identity but also as a location.

Tying these together restricts a (virtual) machine from being moved around as easily as we would like. Like server virtualisation abstracts the server hardware for the software that runs on it, virtualisation of the network abstracts the cables and ports from the demands of the applications.

By abstracting OSI Layer 2 (‘the MAC addresses’) for the Virtual Machines and allowing transparent overlay communication (L2 over L3 tunnels) between VM’s on top of physical networks, the mobility and portability of VM’s are extended across network boundaries. This enables the on-demand, programmatic creation of tens of thousands of isolated virtual networks with the simplicity and operational ease of creating and managing virtual machines. Furthermore, logical networks can easily be separated from one another, simplifying the implementation of true multi-tenancy which will be a requirement for outsourcers.

 
Figure 8: The SDN Model introduces maximum flexibility

The adoption of SDN relies on two ongoing developments: the OpenFlow protocol and the vSwitch.

OpenFlow is the Layer 2 communications protocol that enables the transparent overlay communication, or in other words allows the path of network packets through the network of switches to be determined by software running on multiple routers. The vSwitch (virtual switch) is capable of abstracting the Ethernet ports and can be deployed in a scale out fashion on each supervisor. Because of the scale out nature of deployment these pools of switches are elastic, data centre wide and can be allocated on demand to tenants.

Today there are many vendors issuing / supporting OpenFlow based solutions and the choices are almost endless. In regards to the Data Center space Gartner issued the following Magic Quadrant in May 2015:


Figure 9 : Magic Quadrant for Data Center Networking, Gartner May 2015

When talking about network virtualisation the term “network functions virtualisation” (NFV) is usually not far. Using Wiki “NFV is network architecture concept that proposes using IT virtualization related technologies to virtualize entire classes of network node functions into building blocks that may be connected, or chained, to create communication services”. NFV is typically applied to focus on services like: OSS/BSS, Deep Packet Inspections, Session Border Controllers, Security appliances (firewalls, IDS/IPS, SSL VPNs), Load Balancers and WAN accelerators.



In a NFVGroup Point of View paper [2] the following picture was used to define NFV:


Figure 10 : Vision for Network Functions Virtualisation [2]

There is a lot of current and new development in the network virtualisation field and clients wanting to make use of new developments should consider clearly what is in place today, what capabilities could provide benefits today as well as tomorrow. This will require a good understanding of both software defined networking and network functions virtualisation capabilities.

Thanks for reading.

About the Author: Gunnar Menzel has been an IT professional for over 25 years and is the VP and Chief Architect Officer for Capgemini’s Infrastructure Business. His main focus is business- enabling technology innovation.

References
[1] Research Report, The Evolving State of the Network, December 2013
[2] NFV Whitepaper : https://portal.etsi.org/nfv/nfv_white_paper2.pdf
[3] http://en.wikipedia.org/wiki/Network_functions_virtualization
[4] Gartner Hype Cycle for Emerging Technologies, 2014, G00264126
[5] Gartner Magic Quadrant for Data Centre Networking, G0026124

About the author

Gunnar Menzel, VP Enterprise Architect
Gunnar Menzel, VP Enterprise Architect

Leave a comment

Your email address will not be published. Required fields are marked *.