chris swan's cloudexpo europe presentation "the networking declaration of independence –...
Post on 12-Aug-2015
221 Views
Preview:
TRANSCRIPT
copyright 2014 1
The networking declaration
of independence
Chris Swan, CTO
@cpswan
the original cloud networking company
How overlay networking gives
you control of your networks
copyright 2014 2
Agenda
What is NFV?
Declaration of Independence
NFV Capabilities
Preview: Waves of Adoption
copyright 2014 3
What is
Network Function Virtualization?
copyright 2014
Positioning - NFV and SDN
4
copyright 2014 5
NFV can be a networking Swiss Army knife
Firewall
Dynamic &
Scriptable
SDN
Protocol
Redistributor
IPsec/SSL VPN
concentrator
Router Switch
NFV
Hybrid
virtual
device
able to
extend to
multiple
sites
Application SDN (Software Defined Network) Appliances
• Allow control, mobility & agility by separating network location
and network identity
• Control over end to end encryption, IP addressing and network
topology
copyright 2014 6
Networking Declaration
of Independence
copyright 2014 7
Nicira’s “declaration of independence” from metal,
freed NFV from OpenFlow
+
http://nicira.com/sites/default/files/docs/Nicira%20-
%20The%20Seven%20Properties%20of%20Virtualization.pdf
copyright 2014 8
These same properties free NFV from the
“constraints” of OpenFlow (technology, timing and target)
Nicira defined the 7 Properties of network virtualization as:
1. Independence from network hardware
2. Faithful reproduction of the physical
network service model
3. Follow operational model of compute
virtualization
4. Compatible with any hypervisor
platform
5. Secure isolation between virtual
networks, the physical network, and
the control plane
6. Cloud performance and scale
7. Programmatic networking provisioning and control
copyright 2014 9
With VM-based network devices you can use the cloud
network as “bulk transport” and are indifferent to all else.
Independence from network hardware
Customer Data Center
NFV Standard IPsec
Tunnel
Firewall / IPsec Device
Data Center Servers
Overlay IP: 172.31.11.xx
Public Cloud Region 1
IP: 192.168.1.xx LAN
Cloud Server Cloud Server
Overlay Network
copyright 2014 10
NFV devices “look” and “feel” like the same networking
devices customers have used for ever, without boundaries
Reproduction of physical network model
Customer Data Center
Standard IPsec Tunnel
Data Center Servers
Virtual Network
Cloud Server
Public Cloud Region 1
Overlay Network
Data Center Servers
Cloud Server
NFV
copyright 2014 11
Follow operational model of compute virtualization
NFV NFV NFV NFV
NFV functions can be dynamically brought on-line, up to
the elastic limits of the total infrastructure available (!!)
copyright 2014 12
Compatible with any hypervisor platform
NFV does more than “follow” the model of compute
virtualization, it exists via compute virtualization.
Public Clouds
Private
Clouds
Virtual
Infrastructure
copyright 2014 13
Secure isolation
Isolation takes many forms: from underlying infra, allow my
protocols, keep my “chattiness” in, keep others out, etc..
Customer Data Center Customer Remote Office
NFV
Overlay Network Subnet: 172.31.0.0/22
Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server A Cloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F
Active IPsec
Tunnel Active IPsec Tunnel
Failover IPsec
Tunnel
192.168.4.0/24 -
172.31.1.0/24
192.168.3.0/24 -
172.31.1.0/24
Firewall / IPsec
Cisco 5505
Firewall / IPsec
Cisco 5585
Data Center Server Data Center Server
LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation
LAN IP: 192.168.3.100
User Workstation
LAN IP: 192.168.3.50
Chicago, IL USA Remote Subnet:
192.168.3.0/24
London, UK Remote Subnet:
192.168.4.0/24
Public IP:
184.73.174.250
Overlay IP: 172.31.1.250
Public IP: 54.246.224.156
Overlay IP: 172.31.1.246
Public IP:
192.158.29.143
Overlay IP: 172.31.1.242
Peered Peered
US East 1 EMEA APAC
NFV
copyright 2014 14
Cloud performance and scale
Where NFV really shines today: create a WAN in minutes,
use cloud as points of presence for your business
NFV
User Workstation User Workstation
Data Center Server
copyright 2014 15
Programmatic networking provisioning & control
+ http://maxoffsky.com/code-blog/building-restful-api-in-laravel-start-here/
Cloud Compute and Network APIs + NFV Device APIs
allow previously unimaginable flexibility and power
Public Clouds
Private Clouds
Virtual Infrastructure
copyright 2014 16
Preview: Waves of Adoption
copyright 2014 17
Waves of NFV Adoption
Customer Data Center
NFV
Standard IPsec Tunnel
Firewall / IPsec Device
Data Center Servers
Overlay IP: 172.31.11.xx
Public Cloud Region 1
IP:
192.168.1.xx LAN
Cloud Server Cloud Server
Overlay Network
Bursting and
Containment
Standard IPsec Tunnel
Public Cloud Region 1
Cloud Server Cloud Server
NFV
Overlay Network
Customer
Site N
Multiple
IPsec Devices
Customer
Site 2
Customer
Site 1
Hubs and
Spokes
“Winning back
control”
Encrypted Overlay network in VPC
Web App 2 Web App 1 Web App 3
Encrypted Connections
Tomorrow 11:25 - 11:50 in DCIM / Software
Defined Datacentres and Networks Stream
copyright 2014 18
Paddington, London, UK
ContactMe@cohesiveft.com
+44 20 8144 0156
Questions?
top related