Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle’s Next-Generation SDN Platform Andrew Thomas Architect Corporate Architecture.

Published byBaby Brafford Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle’s Next-Generation SDN Platform Andrew Thomas Architect Corporate Architecture."— Presentation transcript:

1 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle’s Next-Generation SDN Platform Andrew Thomas Architect Corporate Architecture Oct 1,2014

2 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

3 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Virtual Networking Past Present Future

4 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Past “Once upon a time (’70’s), not so far away (Palo Alto)” Ethernet invented; everything on the same cable

5 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Past VLAN’s (802.1q) invented in late 90’s To support “departments” “physical” migration of PC’s between floors and offices

6 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Past VLAN’s present – Technical problems – Political problems

7 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Past Must configure switches Limited number of VLAN’s 4094 MAC address table limits Broadcast/Unknown/Multicast (BUM) flooding Problems most significant for large enterprises, hosting, etc VLAN Technical Problems

8 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Past Switches owned by “networking” Servers owned/managed by another IT group Switch re-configuration changes through tickets/bug reports – “weeks to fix” VLAN political problems

9 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Virtualization Puts a switch in every server Now need to trunk VLAN’s to servers VLAN’s run all over the place – Misconfiguration: migrating a VM disconnects the VM from network

10 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | “all problems in computer science can be solved with another level of indirection” – David Wheeler, University of Cambridge

11 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present Build virtual layer 2 networks using tunneling encapsulation – Tunnels form an “overlay” – Physical network commonly referred to as “underlay”

12 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present Several tunneling protocols – GRE – NVGRE – STT (Nicira) – VXLAN – Geneve All have common goal of decoupling virtual networks from physical networks All are “L2 in L3” protocols (ie Ethernet in IP) Tunnels

13 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present VXLAN carries 24 bit VNI (VXLAN segment ID) – 16M virtual networks Outer UDP source port carries “entropy” for ECMP VXLAN Outer IP UDP VXLAN Guest frame

14 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present “Ethernet networks work, but don’t scale” – Work in the sense the carry L2 frames – But are limited in total number of endpoints (MAC, BUM traffic) “IP networks scale, but don’t work” – Internet has huge scale by using IP – IP “doesn’t work” because it doesn’t offer L2 service (IP is L3) By using L2 in L3 we build a network which works and scales Scaling the network

15 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present L3 encapsulation allows L2 packets to pass through routers L2 virtual networks can span the data center – Much simpler “bin packing” of VM’s Better operational efficiency Scaling the Network

16 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present Lots of proposals (and proprietary protocols) for building large L2 networks – Pretty much dead in the water Excitement about Fabrics has dissipated Why? – IP+ECMP seems good enough – Available today – Widely supported Scaling the network

17 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present Leaf spine / Clos; all routed – “non blocking”, multiple paths (ECMP) Scaling Architecture

18 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Present No forklift upgrade of hardware (will run on what you’ve got) – However, SDN won’t fix performance issues in your physical network – Look at leaf-spine/CLOS when upgrading Only change is 1600b MTU to carry encapsulation header Performance improvement by piecemeal NIC upgrade – Adapter support for VXLAN Encapsulation allows us to build isolated layer 2 networks VXLAN

19 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Networks (isolated L2 networks) Subnets Ports Routers Network services Gateways Programmable via RESTful API’s Elements of Software Defined Networking

20 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Creating a new network amounts to allocating a new VNI for VXLAN – No tickets; completely automated – Tunnels run over single VLAN which is provisioned once Networks

21 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Provide addressing information for Ports – Created with a CIDR block – A pool of address available for automated allocation – Subnet configuration, dns_servers, ntp_servers, dhcp_servers Automatic per network DHCP/DNS server/IPAM services Address information also feeds into virtual routing Subnets

22 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Model Virtual Machine interfaces Persistently associated with the VM interface – Carry address information MAC address; IP address (from subnet allocation pool) Firewall state – Telemetry (metering, chargeback information) Provide a point of policy enforcement – Firewalling – QoS Ports

23 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Each group provides – A collection of stateful firewalling rules … – That allow or deny traffic Ports can be dynamically associated with multiple Security Groups Firewalling at each Virtual Machine network interface – “distributed firewalling” – Greatly simplifies reasoning about rules – Don’t need to hairpin traffic through physical box Security Groups

24 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Perimeter Firewalling being replaced

25 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Join multiple L2 networks Function like a hardware router – Hardware typically limited to a small number of VRF “virtual router functions” – Unlimited number of software instances Provide a point for “service insertion” – [of traffic flowing through the “default gateway”] Routers

26 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Plug “ports” into routers Ports have addressing information via subnet Subnet provides router configuration Routers

27 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | “the value of a network is proportional to the square of the number of connected users of the system” – Robert Metcalfe

28 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN L2 networks are isolated Routers build bigger islands Ways off the Island – Floating IP – L2 Gateway – L3 Gateway – L2 VPN – L3 VPN Getting off the Island

29 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN L2 Gateway – Provides a VXLAN to “legacy” VLAN connection Adds/removes VXLAN encapsulation Joins virtual network to physical networks – Connectivity to Storage, dedicated hardware (load balancer…) – Can be implemented in software – Switch ASIC vendors can do this “at line speed” (~1TB/s) L3 Gateway Getting off the Island - Enterprise

30 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN Public Cloud – Tenants given “private addresses” – Provider has Internet addresses Floating IP’s – Provides an IP address in service provider address space – Traffic flows through a virtual router – NAT from Virtual Machine IP address to Service IP address Getting off the Island – floating IP (service)

31 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | SDN SDN “faithfully reproduces” many of the “old networking” concepts – L2 networks – Routers – Subnets (DHCP/DNS/IPAM) SDN “new ideas” – Ports migrate network state with Virtual Machine – Security Groups Perimeter firewalling replaced by per-interface firewalling Fine grain control Summary

32 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Future Customers care about applications not networks Applications run in virtual machines We deliver applications as templates Applications

33 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Future Virtual machines have network interfaces SDN models these interfaces as ports Ports have security groups attached to them – This is connectivity information We publish the connectivity information within the template When deploying a group of application – we know what can connect together Applications

34 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Future Assembling a multi-tier application would be about plugging templates together Automation would create the Software Defined Network – the networks, subnets, routers, ports etc Application deployment “defines” the data center “Application Driven Data Center” Applications

35

Download ppt "Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle’s Next-Generation SDN Platform Andrew Thomas Architect Corporate Architecture."

Similar presentations

Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.

Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.
Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:

Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:
L3 + VXLAN Made Practical

L3 + VXLAN Made Practical
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Introduction into VXLAN Russian IPv6 day June 6 th, 2012 Frank Laforsch Systems Engineer, EMEA

Introduction into VXLAN Russian IPv6 day June 6 th, 2012 Frank Laforsch Systems Engineer, EMEA
Implementing Inter-VLAN Routing

Implementing Inter-VLAN Routing
The Case for Enterprise Ready Virtual Private Clouds Timothy Wood, Alexandre Gerber *, K.K. Ramakrishnan *, Jacobus van der Merwe *, and Prashant Shenoy.

The Case for Enterprise Ready Virtual Private Clouds Timothy Wood, Alexandre Gerber *, K.K. Ramakrishnan *, Jacobus van der Merwe *, and Prashant Shenoy.
Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.

Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.
VLANs Virtual LANs CIS 278.

VLANs Virtual LANs CIS 278.
Application Centric Infrastructure

Application Centric Infrastructure
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
Network Overlay Framework Draft-lasserre-nvo3-framework-01.

Network Overlay Framework Draft-lasserre-nvo3-framework-01.
CON7349 - Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.

CON Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.
The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated.

The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated.
Networking Components

Networking Components
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.

Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.

Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.
Mr. Mark Welton.  Three-tiered Architecture  Collapsed core – no distribution  Collapsed core – no distribution or access.

Mr. Mark Welton.  Three-tiered Architecture  Collapsed core – no distribution  Collapsed core – no distribution or access.
MPLS And The Data Center Adrian Farrel Old Dog Consulting / Juniper Networks

MPLS And The Data Center Adrian Farrel Old Dog Consulting / Juniper Networks

Similar presentations

Ads by Google