Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Networks

October 30, 2014
Presentation for

Agenda
•
Company overview
•
Market focus
•
Products
•
High-performance OpenStack® Networking
•
DVN demo
•
Bonus session!
•
High-performance Wide Area Networking
•
DVNi demo
•
Q&A
Property 10/30/2014 of CPLANE NETWORKS 2

Who We are
Software only Network Orchestration
• Dynamic Virtual Networks
• Policy and structure network
orchestration
• Physical network integration
and optimization
• Converged Virtual LAN and WAN
• Orchestrate NFV Services
OpenStack Networking
• Production ready Neutron Plugin
SDN Customization and Integration
• Sophisticated SDN platform
allows custom solution - both inside
and outside the data center
POWERFUL
SDN
PLATFORM
DYNAMIC
VIRTUAL
NETWORKING
PRODUCTS
SDNCUSTOMIZATION
& INTEGRATION
HIGH
PERFORMANCE
OpenStack®
NETWORKING

CPLANE’s Advantage: Service Orchestration Engine
Service Orchestration Engine
Northbound Services (RESTful)
Southbound Services (NetConf, CLI, SNMP, API, etc.)
Service Orchestration
Path and Flow
Computation
Policy Management
Topology and State
Cloud Operating Systems
Network Applications
Virtual Network
Services
Physical Network Services
CPLANE NETWORKS
•
Built from the ground up for network services orchestration
•Function-independent scaling
•Full HA

Fully Automated End-to-End Networking
End-to-End Networks
Scalable OpenStack network virtualization in the data center
Seamless, interconnected networks between data centers (WAN)
NFV Orchestration
Service Convergence
& Integration
Data Center OVS/VXLAN Networks
MPLS/WAN Service Orchestration
Data Center OVS/VXLAN Networks
WAN (DVNi)
DATA CENTER (DVN)
DATA CENTER (DVN)
EDGE
-
(DVNe)
EDGE
-
(DVNe)
Dynamic
Wide Area Networks
CloudNetworking
Platform
CloudNetworking
Platform
CloudNetworking
Platform
10/30/2014 Property of CPLANE NETWORKS 5

Our Products 6
•Dynamic Virtual Network (DVN)
•Operational efficiency, reliability and secure multi-tenancy of OpenStack® networking
•Scale OpenStack network performance through elimination of OpenStack bottlenecks
•Close the gap between NetOpsand DevOpsthrough common Application-aware network
•MPLS/WAN Network Provisioning and Orchestration (DVNi)
•Creates Multi-datacenter Wide Area Networks (WAN)
•Provides L2/L3 VPN with dynamic Class of Service/Quality of Service
•Provides optimal network utilization through patented bandwidth management
•Network Function Virtualization Orchestration and Integration (DNVe)
•Custom integration with 3rdparty hardware and software
•Multi-function gateways, load-balancers, and security Property 10/30/2014 of CPLANE NETWORKS

Dynamic
Virtual
Networks

Design goals and philosophy
•
Be networking technology agnostic, but implementation specific –“Technology Evolves, But Customers Migrate Slowly”
–
Hardware technologies (LAN/WAN)
–
Protocols (VXLAN, GRE, MPLS, BGP)
–
Open Virtual Switch / Others?
•
Scalability in mind
–
Millions of vms, 10’s thousands of servers
–
Intra and Inter Data Center
•
Make OpenStackBetter!
–
Network node backhaul problem
–
Better isolation between Nova and Neutron
–
Nova scheduler should include other resources
•
Manageability, deployment and resiliency
–
Must be automatic / maintenance free
•
OpenFlowTMis interesting/innovative –still immature
–
Connection management
–
Reactive model –not enough
•
Prefer aggregate service event push over reactive
–
Higher level service knowledge
–
Steady-state should be fast
–
Structural changes can take time
•
We can enhance/optimize OVS! 
–
Data Plane
–
Control Plane
–
Management Plane
•
Basis for Virtual Networks as a platform for future
–
Integrate with the hardware layer
–
Solve other domain problems
•
Application
•
Security
Property of CPLANE NETWORKS 8
Deliver Multi-tenancy Network Orchestration
10/30/2014

Move to Workloads and DevOpsModel
•
Deploy/Remove apps in minutes
•
Centralized knowledge of app topology
•
Policy driven to adhere to Corp Governance
•
Organization silos provide oversight
Tenant Based Cloud Networking
Server1 Server1 Server1
192.168.0.2
192.168.0.2
192.168.0.2
Server1
Server1
Server1
192.168.2.2
192.168.2.2
192.168.2.2
Router
Internet
Or Other DC
Routing
VM
VM
VM
VM
VM
Spine
Router
LEAF
Spine
Router
Spine
Router
LEAF
LEAF
LEAF
LEAF
LEAF
Routing
VM
VM
VM
Server1
192.168.0.2
VM
VM
VM
App1
L2 & L3
App2 L2
VM
VM
VM
VM
VM
VM
VM
App3
L2 & L3
+ Physical
VM
VM
f(n)
Security Perimeter
Security Perimeter
Security Perimeter
Physical Resource Functions (Workloads)
Application
workloads
Attributes:
•Application workloads
•Optimized for east-west traffic
•Dynamic VM Topologies
•10ks of VMs, 1000s of VM groups
•Minutes to deploy applications
•NetOpsmoves to oversight role (BM/QoSManagment)
f(n)
Note: Traditional DC Network design ToR/Agg/R-Core
can still be used for small / medium scale deployments
OGR™

Inter-Data CenterTenant Based Cloud Networking
Server1 Server1 Server1
192.168.0.2
192.168.0.2
192.168.0.2
Server1
Server1
Server1
192.168.2.2
192.168.2.2
192.168.2.2
Router
Routing
VM
VM
VM
VM
VM
Spine
Router
LEAF
Spine
Router
Spine
Router
LEAF
LEAF
LEAF
LEAF
LEAF
Routing
VM
VM
VM
Server1
192.168.0.2
VM
VM
VM
App1
L2 & L3
App2 L2
VM
VM
VM
VM
VM
VM
VM
App3
L2 & L3
+ Physical
VM
VM
f(n)
Security Perimeter
Security Perimeter
Physical Resource Functions (Workloads)
Application
workloads
OGR™ Overlay Router
Extends Tenant Network to Edge Router
f(n)
Note: Traditional DC Network design ToR/Agg/R-Core
can still be used for small / medium scale deployments
OGR™
OGR
BGP

Virtual Extensible Local Area Network (VXLAN)
•
IETF VXLAN
–
Uses multi-cast
–
High overhead
–
Low scalability
–
Switching only (L2)
•
CPLANE Controller-Based VXLAN
–
Common encapsulation
–
Low overhead
–
High scalability
–
Routing (L3) and Switching
–
Local ARP Resolution
•
Ethernet in IP overlay network
–
Entire L2 frame encapsulated in UDP
–
50 bytes of overhead
•
Include 24 bit VXLAN Identifier
–
16 M logical networks
•
VXLAN is routable
•
Tunnel between hosts
–
VMs do NOT see VXLAN ID
Outer MAC
DA
Outer MAC
SA
Outer 802.1Q
Outer IP DA
Outer IP SA
Outer UDP
VXLAN ID (24 bits)
Inner MAC DA
InnerMAC
SA
Optional Inner 802.1Q
Original Ethernet Payload
CRC
VXLAN Encapsulation
Original Ethernet Frame

Inter-Data Center using MPLSTenant Based Cloud Networking
MPLS Core
Router
MPLS Core
Router
MPLS Core
Router
SF Data Center
NY Data Center
Tokyo Data Center
MPLS –Full Mesh LSPs
Traffic Engineer Core
Backup path failover
•
Easy migration from Carrier Service
•Greater flexibility, reduce cost
•Integrate with OpenStack Model
Bandwidth guarantees,
Resiliency and
Fast Reroute

Inter-Data Center Using MPLSTenant Based Cloud Networking
MPLS Core
Router
MPLS Core
Router
MPLS Core
Router
SF Data Center
NY Data Center
Tokyo Data Center
•
Per-tenant connectivity via OGR-MPLS
•Aggregate or per tenant L3VPN/L2VPN
•Supports CoS/QoSover WAN
•
Per tenant L2 or L3 VPN
•Multiple CoSper VPN
•Edge Policy QoS
•Application Packet Marking
T1
T2
MPLS Edge Router
MPLS Edge Router
MPLS Edge Router

OpenStack Virtual Networking Property 10/30/2014 of CPLANE NETWORKS 14
OpenStack™ VXLAN Virtual Overlay Networking
– Havana/Icehouse via Neutron plugin
Features:
• Autonomous Compute Node Architecture
–Eliminate need for separate Network Node™
–Local ARP resolution proxy
–Direct virtual routing and switching
–Local Floating IP
–Local NAT
–Local DHCP • Near line rate using optimized OVS
• Tenant Isolation via efficient VXLAN
• Supports 1000s of compute nodes
• OGR™ Gateway to physical networks and
MPLS WAN
• Hardware Assist GW/LBAAS
• Integration with CPLANE’s MPLS WAN
Product

CPLANE VXLANRouting and Autonomous Compute Nodes
• DVN eliminates the need for the physical OpenStack Network Node to perform
–Tenant Routing
–Metadata Proxy
–DHCP services
–Floating IP
–NAT
• VM to VM routed traffic is sent directly to each destination node
• OGR™ routes VM traffic to physical networks and MPLS WAN
OpenStack Icehouse
Dependent on Network Node
CPLANE
Autonomous Compute Nodes
MPLS WAN &
Physical Workloads

Event Driven, Deterministic Policy Orchestration
OpenStack®
Controller
Neutron
ReST
API
Compute Node
CP Agent
OVS
VM
VM
VM
Compute Node
CP Agent
OVS
VM
VM
VM
Compute Node
CP Agent
OVS
VM
VM
VNF
OpenStack
User Events
•Create VM(s)
•Connect VMs to Network
•Route VMs together
CPLANE SDN/DVN Controller
•Turns Neutron Events into Flows Models
•Calculates which OVS will be affected by which Flow Model based on the VM topology
•Sends Flow Models to the appropriate OVS via CP-Agent
Flow Models: A sequence of OVS flow table entries designed to perform a specific routing or switching function
OGR Node
CP Agent
OVS
FLOWS MODELS
•Base Flows
•Base Subnet Flows
•Base L2 Flows
•L2 Local Flows
•L2 Remote Flows
•L3 Remote Flows
•FloatingIP Flows
•NAT Flows
•OGR Compute Flows
Switch
MF-Dev
T1
ORCHESTRATION
•PNF and NFV
•QoSPolicies
•LB Policies
•ACL/ Firewall
Controller

CPLANE OVS Component Architecture
NIC Card
• CPLANE AGENT
–Handles all management needed for on compute node (OVS)
–Registration/recovery
–Caching, health, logging
–OS Functions
• CLI management still exist but NOT needed for
managing compute node
–ovs-vsctl
–ovs-dptl
–ovs-ofctl–still maybe used for deep debugging
–ovs-appctl–still maybe used for deep debugging
CPLANE AGENT
Communication with DVN Controller

Manageability Single Pane of Glass
Graphical Topology Element (EMS) View – Bridges / ARP Tables
Service Assurance – Connectivity Validation
Service Detail –Drill Down

Version 1.2
•
Fully Autonomous Compute node
–
Localized DHCP per Network
•
Enhanced UI display
–
New per-node network ARP table view
•
Keystone Integration –Authentication/Authorization
–
Controller users authenticate with keystone
–
Role based authorization limits views to network services

Dynamic Virtual Networks
Interconnect

Dynamic Virtual Networks Interconnect (DVNi) Transit Layer (MPLS-TE)
Build End-to-Edge or Full Mesh LSPs
–
Graphically draw, generate, pre-validate and apply configurations
Automatic topology discovery
–
Computed from existing LSP configuration
Multi-vendor LER/LSR router support
–
Juniper, Cisco and others
Automatic computation of backup Paths
–
No single point of failure in network
LSP Computation using with CSPF
–
Bandwidth aware
Full support for path coloring constraints. i.e.:
–
Resource class affinities
Transactional control provisioning
–
With full roll-back capability

Dynamic Virtual Networks Interconnect (DVNi) VPN Service Layer
Northbound Services (RESTful)
Southbound Services (NetConf, CLI, SNMP, API, etc.)
Service
Orchestration
Path and Flow
Computation
Policy Management
Topology and State
Cloud Operating Systems
Network Applications
•
Automated L3 (2547) and L2 (PW, VPLS) Multi-site VPN
•Provides CoSand protects service SLAs with built-in admission control
•Reviews, stores and audits all network element changes along with current service state and VPN topology
•Automation and control of network resources such as bandwidth, VRFs, queues and access control lists
•Supports Hub-and-spoke and full- mesh VPN topologies
•Easily integrates with OpenStack for complete end-to-end provisioning
MPLS Multi-site Data Center
Interconnectivity

Demo Environment
•
Management Network
–
SNMP discovery
–
Management Plane (cli)
• Physical Equipment
–Cisco (PE, P)
–Juniper (PE)
• Configuration
–OSPF IGP (also support ISIS)
–MPLS RSVP-TE protocol on all NN links
–MP-BGP on all PE Routers
–L2/3 VPN Services on PE Access Points
Cisco 7204core1lo0 10.255.255.1Cisco 7204core3lo0 10.255.255.3Cisco 7204edge1lo0 10.255.255.11Cisco 7204core2lo0 10.255.255.2Juniper M5edge3lo0 10.255.255.13Cisco 7204edge4lo0 10.255.255.14fa1/0 10.10.1.1/29fa3/0 10.10.1.2/29fa3/010.10.1.17/29fa3/0 10.10.1.18/29fa4/0 10.10.1.25/29fa1/0 10.10.1.26/29fa2/0 10.5.1.1/29fa1/0 10.5.1.2/29fa2/0 10.5.1.9/29Fa0/0/0 10.5.1.10/29fa1/0 10.5.1.25/29fa4/0 10.5.1.26/29fa2/010.7.1.1/29fa3/010.7.1.9/29fa2/0 10.7.1.25/29fa3/0 10.7.1.33/29Fa0/0/2 10.7.1.57/29

Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Networks

More Related Content

What's hot (20)

Viewers also liked (8)

Similar to Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Networks (20)

More from nvirters (10)

Recently uploaded (20)

Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Networks