Google unveiled some details of its new internal network at Open Networking Summit in April and predictably the industry press and OpenFlow pundits exploded with the “this is the end of the networking as we know it” glee. Unfortunately I haven’t seen a single serious technical analysis of what it is they’re actually doing and how different their new network is from what we have today.
Brad Hedlund did an excellent analysis of fixed versus chassis-based switches in his Interop presentation and concluded that fixed switches offer higher port density and lower per-port power consumption than chassis-based ones. That’s true when comparing individual products, but let’s ask a different question: how much does it take to implement a 384-port non-blocking fabric (equivalent to Arista’s 7508 switch) with fixed switches?
I usually use the “Nicira is Skype of virtual networking” analogy when describing the differences between Nicira’s NVP and traditional VLAN-based implementations. Cade Metz liked it so much he used it in his What Is a Virtual Network? It’s Not What You Think It Is article, so I guess a blog post is long overdue.
Before going into more details, you might want to browse through my Cloud Networking Scalability presentation (or watch its recording) – the crucial slide is this one:
Stephen Hauser sent me an interesting question after the Data Center fabric webinar I did with Abner Germanow from Juniper:
A common theme in your talks is that L2 does not scale. Do you mean that Transparent (Learning) Bridging does not scale due to its flooding? Or is there something else that does not scale?
As is oft the case, I’m not precise enough in my statements, so let’s fix that first:
Just prior to Networking Field Day, the merry band of geeks sat down with Chip Copper, Brocade’s Solutioneer (a job title almost as good as Packet Herder) to discuss the intricate details of VCS Fabric. The videos are well worth watching – the technical details are interesting, but above all, Chip is a fantastic storyteller.
NHRP-based interface state control is a fantastic feature that you can use for faster convergence of very large DMVPN networks (as explained in the DMVPN Designs webinar, you can also use it to solve some interesting backup scenarios). We tested it in a network with over 1000 spokes (using ASR1K as the hub router) using very short registration timeouts, and the CPU utilization of the NHRP process rarely exceeded a few percents.
Every data center network has a mixture of bridging (layer-2 or MAC-based forwarding, aka switching) and routing (layer-3 or IP-based forwarding); the exact mix, the size of L2 domains, and the position of L2/L3 boundary depend heavily on the workload ... and I would really like to understand what works for you in your data center, so please leave as much feedback as you can in the comments.
The most popular post in March was the one describing my BGP security Internet draft. That’s good news – let’s hope you’ll all implement the recommended security measures. And here’s the top-10 list as reported by Google Analytics.
- My first Internet Draft has just been published
- Stretched Layer-2 Subnets – The Server Engineer Perspective
- OpenFlow: A perfect tool to build SMB data center
- Knowledge and Complexity
- Cisco & VMware: Merging the Virtual and Physical NICs
- MPLS/VPN in the Data Center? Maybe not in the hypervisors
- VXLAN and EVB questions
- Grumpy Monday: HP and OpenFlow
- Do we really need Stateless Transport Tunneling (STT)
- Scalable, Virtualized, Automated Data Center
In this part of the OpenFlow webinar, Greg Ferro talks about SDN and controller ecosystems, including a great overview of potentially relevant SDN technologies, from venerable SNMP to NETCONF and OpenFlow (more information, roadmap, videos and PDFs).
Vasilis sent me an interesting campfire story. It started with a common mistake:
An external partner of my company used an Ethernet cable and connected two switchport interfaces of one of our access switches .
Being a conscientious networking engineer, he had the usual safeguards in place ...
Five years ago I was writing about trivial things like continuous pings, booting a 2800-router with an USB image and EEM tricks. Three years ago it was traffic shaping, IOS interface names, OSPF (router ID selection and SPF events) and BGP Route Reflector update groups.
The blogosphere has been full of OpenFlow-related articles recently (no wonder - there was Open Networking Summit in Santa Clara), so here's a special OpenFlow edition of interesting links
Let's start with my good friend Greg Ferro. I'm so glad to see him returning back from a sabbatical at OpenFlow Kool-Aid lake. His latest articles are a must-read: OpenFlow might lower CapEx while SDN will increase OpEx and OpenFlow doesn’t undermine Vendors even though it changes everything. We're perfectly aligned, which will make our discussions way less interesting, but I'm glad I'm not the only conservative in the town.
I’ve published two cloud networking-related presentations to my webinar demo web site: the Cloud Computing Networking Under the Hood presentation from EuroNOG 2011 briefly describes various technologies you can use to implement virtual networks in IaaS clouds, the Cloud Networking Scalability one from RIPE64 addresses the scalability aspects of these technologies.
You can find a broader in-depth description of these topics in the Cloud Computing Networking webinar (register for the next week’s live session).
VMware has a fantastic-looking cloud provisioning tool – vCloud director. It allows cloud tenants to deploy their VMs and create new virtual networks with a click of a mouse (the underlying network has to provide a range of VLANs, or you could use VXLAN or vCDNI to implement the virtual segments).
Needless to say, when engineers not familiar with the networking intricacies create point-and-click application stacks without firewalls and load balancers, you get some interesting designs.
Google Analytics claims blog posts describing Nicira were among the most popular content written in February 2011. No surprise there. Here’s the whole top-10 list:
- Does CCIE still make sense?
- Nicira Open vSwitch inside vSphere/ESX
- IBM launched a Nexus 1000V competitor
- Nicira, BigSwitch, NEC, OpenFlow and SDN
- Nicira uncloaked
- 6WIND: Solving the Virtual Appliance Performance Issues
- Embrace the change ... resistance is futile ;)
- Microsoft Network Load Balancing Behind the Scenes
- Edge Virtual Bridging (802.1Qbg) – a technology refusing to die
- Forwarding State Abstraction with Tunneling and Labeling
Buying a new networking appliance (be it VPN concentrator, firewall or load balancer … aka Application Delivery Controller) is a royal pain. You never know how much performance you’ll need in two or three years (and your favorite bean counter will not allow you to scrap it in less than 4-5 years). You do know you’ll never get the performance promised in vendor’s data sheets … but you don’t always know which combination of features will kill the box.
Now, imagine someone offers you a performance guarantee – you’ll always get what you paid for. That’s what LineRate Systems, a startup just exiting stealth mode is promising.
Posts
