Industry Trends - dns-as.org

SDN

Industry Trends in Networking

The long journey to factorize Network Management problems by decoupling policy from configuration has let to a variety of outgrowths of controllers to mange networks.

During this journey we faced different approaches on Network Programmability Models. We started with vendor specific API or simple CLI/SNMP, Classic OpenFlow based SDN, Hybrid SDN based on “ships in the night” or “integrated mode”, Network Virtualization with Virtual Overlays to finally arrive at “policy intent” or also described as “Managing Networks through abstractions”.

The Promise of OF/SDN had been
“Decoupling Policy from Configuration”

So what actually is SDN:

Is the physical separation of control and data plane?
Is packet forwarding on general x86 compute?
Is whitebox routing and switching?
Is running our network in a agile DEV-OPS model?
Is managing the network through abstractions!

You can’t just buy SDN.
It’s an architecture which you have to embrace and life

From Cloud over SDN towards Abstractions to a final fully distributed system

2008 - Cloud

In 2008 we started with cloud based offerings. Now in 2016 customers finally move applications or at least parts of mashed application into the cloud.

Core Cloud Infrastructure Services (IAS):

Compute
Storage & Content Delivery
Database
Networking

Platform Services (PAS):

Analytics
Enterprise Applications
Mobile Services
Internet of Things

Developer Productivity Services (SAS):

Developer Tools
Management Tools
Security & Identity
Application Services

In the beginning the primary reason for utilizing cloud resource had been to smooth out peak datacenter workloads also called “bursting into the cloud”.

Later the main motivating factor for companies to move to the cloud is the ability to pay for it as an operating expense, rather than capital expense. Today, base rent and utilities payments for colocation space can be treated as Opex and hardware can be leased and therefore paid as Opex.

Once a company spends more then $200,000 per year for cloud servcies, they should look at the other options. Beside trustworthiness the biggest driver to move back from public to private clouds is simply cost as there are economies of scale once you get bigger. For a lot of bigger enterprises it is simply economically not feasible to stay in the cloud. Shifting resources back into the company may sound strange as most technology companies outsource product and software development to partners and other companies in a bid to save costs and to strategically conserve cash and resources. Problem with scale back outsourcing is also that meanwhile the former staff has moved on so all the knowledge is lost.

2011 - Open Flow Networking

Primarily driven by the “Stanford Clean Slate Program” and the urgent MSDC’s needs to run networks in a DevOps like model OpenFlow had been born.

Separation of control plane and data plane on packet switched networks
Allows for optimized placement of these components
Low-level interaction set of changing the state of the network data plane via an switch API (similar to Broadcom, Fulcrum, Cisco ASIC API’s)
A Communications protocol which allows the SDN controller to manipulate flow tables with simple primitives of match/action operations
Pro-active mode pretty much like CEF, Re-active mode similar to flow based switching
Asynchronous reporting of statistics
OpenFlow allows up to 12-tuple wildcard and/or exact match

snd-openflow

Clean Slate Program led to many small projects like:

Mobile Internet: POMI 2020
Mobile Social Networking: MobiSocial

2012 - SDN - Software Defined Networking

There’s nothing like the SDN controller but at least:

Mandates a separation of control and data plane and an interface to it
Higher level abstraction to store state information
Classical networking relies on distributed state but local decision making
SDN Networks is all about distributed state but central decision making
Enabler to deal with the networks in a different way as we do today

One major result of the SDN idea has been the formation of the Open Networking Foundation

2013 - Open Daylight Project

OpenDaylight is leading the transformation to Open SDN. By uniting the industry around a common SDN platform, the ODL community is helping to make interoperable, programmable networks a reality. This is why so many regard OpenDaylight as the industry’s de facto standard.

Original goal had been to agree on common Northbound and Southbound API’s to provide application developers as also network device vendors with an agreed interface.

PLATINUM Members:

Brocade, Cisco, Citrix, Dell, Ericsson, HP, Intel, RedHat

Gold Members:

NEC

SILVER Members:

A10 Networks, ADVA, Alcatel-Lucent, Arista, AT&T, AVAYA, CA, Ciena, ClearPath, Comcast, Compass, Coriant, Cyan, Extreme Networks, Flextronics, Fujitsu, Globe Business, HBC, Huawei IBM, IIX, Infinera, InoCybe, Intercom, Juniper, Kemp, Lenovo, Megaport, Microsoft, Midokura, Nokia, Oracle, Pantheon, Plumgrid, Qosmos, Radware, Spinnet, Versa Networks, VMWare, Zenlayer, ZTE

2013 - Network Function Virtualization

Does NfV really solve the services configuration problem?

Isn’t NfV is just “Virtual Container Plumping”

We still manage and update Service the old way!
Does it make dedicated services going away?
Does it help with Services HA and DRS?
We just don’t plug cables between physical appliances anymore 😉

Finally we end up running a VM per service

A VM includes a OS you need to patch and maintain
OS dependencies
CPU and Memory Overhead
MAC and IP address explosion
Not efficient et all and a really big pill to swallow for just a service
Live Cycle Management?

Economic meaningful?

Still need a ASCI for forwarding!
Latency? Power Consumption? Efficiency?
How do I copy a NfV VM over the WAN to multiple sites in time?

2013 – DevOps, The API driven Datacenter

Based on how MSDC are build the main assumption here is that a datacenter just provides an unlimited amount of compute resources and behaves like a infinite horizontal scalebale “Mainframe”. The interaction with this MSDC just happens over programatic interfaces. There is no difference in behavior no matter if you run or develop an application on your locale computer on inside the datacenter cloud. The only difference is scale and execution speed.

2014 - Managing Networks through abstractions

It’s 2015 and network admins still enjoy being “masters of complexity”.

After decades network admins doing a fantastic job using scripting as a way to equalize snowflake the industry finally agrees on a need to mange networks through abstraction in a way software developers declare variables or use functions inside their code to abstract.

policy-translation

While the network admin still makes network behavior decisions he utilizes controllers to mask snowflake complexity. These controllers expose a northbound abstraction via typical a RESTFUL interface and provide the translation of high level constructs to network control functions. This reduces skills gaps and clarifies policy procedures.

policy-abstraction-api

An example for abstractions would be:

Intent Policies:

give me an isolated PCI compliant path from A to B

Network Control Functions:

do I have overlapping IP address space?
do I have segmentation technologies like MPLS-VPN, IPSEC-VPN, GRE, VXLAN or VLAN availabe?
are they PCI compliant?
do I have a multi vendor environment?
how do I configure these features
how do I test these
how can I monitor these
how can I do live-cycle-management

2016 - Metadata Driven Networking

Requirements for Network have changed towards:

Insights & Actions
Speed & Simplicity
Security & Compliance

While Metadata Driven Networking doesn’t address all of them out of the box it’s a key enabler for these tenets.

Instead of device by device configuration and guessing, we holistically program the network via metadata no matter if the traffic is encrypted or running at 100 GBit/s speed. We are always keeping the principles of decoupling policy from configuration.

All of a sudden your network behaves like a self driving car.

2018 - Atomic Services

Operate your network as a fully distributed system

Unified Services Platform (USP)
A distributed systems service management architecture

A robust, efficient, simple and single stop solution for deployment,
management and serviceability of network services
Integrate all required network services which addresses “inadequacies of the TCP/IP protocol” seamlessly within this framework
All services are equal, no “Snowflake” deployments, develop and test once, run everywhere
A simple solution that can scale up and scale out at the same time while optionally leverage hardware acceleration for specific network services (encryption, transcoding, encapsulation etc.)
A efficient solution that is flexible to adopt new services required in future without truck-roll upgrades
A solution that integrates with the existing global tool landscape
Decouple services from underlying hardware and location (HAL)

Today’s DC Architectural Battle

System administration is over – we should stop doing it

Web Approach (MSDC)

IT infrastructure core of its business
Warehouse Datacenter
Scale-Out Architecture
~100.000 of physical servers
Single Application Optimization
Many smaller services
Application Designed for Failure
Automate everything possible
It’s all about being super-cheap commodity systems; costs must grow in a “sub-linear” fashion
Open Source
Backbone Bandwidth Calendaring
TDM style provisioning with custom TCP stack
L3 Topology

Enterprise Approach (EPDC)

IT infrastructure is an expense
“Discovery” Datacenter
Scale-Up Architecture
~10.000 physical servers
Hundreds to Thousands of Applications
Application trust boundaries
HA failover model
Transactional
Application specific Infrastructure
Commercial Of The Shelf
L2 Topology

Driven by todays applications and digitization efforts the datacenter and in particular the MSDC’s are leading the agenda and there is an ongoing DC Architectural Battle based on misassumptions on requirements.

Main limitation factor for Enterprise to compete with MSDC offerings is typically not the network itself, this are old isolated and not mashed applications. While apps gets re-written to address the digitization needs with modern software development tools the expectation is that the network will be able to be programmed likewise by current development tools which leads towards a DevOps model.

As new application development no longer happens in isolation and the production system is becoming the development platform the logical next question coming up is why can’t I simply use my datacenter tools like PUPPET, CHEF and ANSIBLE likewise for Enterprise networks?

However, main takeaway from that ongoing battle is: “System administration is over – we should stop doing it” and what could be achieved by “Efficiency through abstraction and automation” based on Device to Admin Ratio comparisons over the last years.

Efficiency through abstraction and automation

Device to Admin Ratio

2009

2013

Traditional IT: 50:1

Amazon: 200:1

Google: 10000:1

Traditional IT 50:1

Amazon 10000:1

Google: 30000:1

Conclusions for Enterprise Controllers

From this discussion there are some main design points derived when it comes to requirements for controllers for Enterprise networks.

Primary:

Reduce Network Complexity
Brownfield Support – No Software / Hardware upgrade required
Low Risk adoption of SDN
Enterprise Scale for real life production network use
Product with minimal to no programming requirement
Auto-Translation of high level business intent into network control function

Secondary:

Abstraction and Automation of Manual Network Operations
Advanced Visualization (HTML5/Java code with object oriented interface)
Start with small set of solvable problems (QoS, ACL management , Zero Touch Deployment and IWAN as key applications with identifiable metrics (OPEX savings , ROI)
Elastic Services Infrastructure ensures scaling as adoption grows
Advanced analytics for real time network visibility and faster response time

Don’t make it simpler by making it more complex!

Where we are with SDN 2016, five years later

Gartner Hype Cycle

The SDN Hype Cycle is over now and customers are at “Trough of Disillusionment” while still searching for an solution of the original problem.

The bottom line