IBM software defined networking strategy overview

System Networking
Anees Shaikh
Chief SDN Architect
IBM System Networking
© 2013 IBM Corporation
Agenda
• Network virtualization and the SDN model – some background
• SDN value proposition and use case examples – what problems does it solve
• SDN technology progression – where is the technology headed
• IBM SDN product portfolio – what’s shipping, what’s coming
• Software defined environments – extending SDN concepts to the entire IT infrastructure
• IBM and Open Source – commitment to customer choice and interoperability
IBM SDN Strategy Overview October 2013
Networks are the new virtualization focus
server virtualization (hypervisor over a server resource pool: x86, Power, etc.)
• efficiency (consolidation)
• multi-tenancy (isolation)
• flexibility (scaling, migration)
• hw independence (emulation)
storage virtualization (in-band virtualization over a storage resource pool: storage controllers, JBODs, etc.)
• efficiency (thin provisioning)
• multi-tenancy (isolation)
• flexibility (scaling, mapping)
network virtualization, now emerging (network hypervisor providing virtual networks)
• efficiency (multiplexing)
• multi-tenancy (isolation)
• flexibility (loc independence)
• hw independence (encap)
Accelerating shift to software in networking
[Figure labels: software providers moving the control point toward software functions and virtual switching; traditional Ethernet switch vendors]
Software-defined networking: the new paradigm
SDN makes the network programmable, agile, and application-oriented
Traditional, vertically integrated model
– control with forwarding
– localized decision making
– embedded, fixed function
SDN, horizontal model
– move control functions to a central controller
– global visibility and decision making
– programmable function
[Figure: a traditional hardware switch (control / mgmnt functions such as routing, VPN and monitoring on an embedded OS over a custom switching ASIC) beside the SDN model (network applications such as analytics, traffic engr, security, VPN, monitoring and routing on a std server, reaching a hardware switch with an embedded OS and merchant silicon ASIC, and a software vswitch in the hypervisor, through the SDN interface)]
Benefits of SDN are transformational
Programmable Network: provide dramatic improvement in business efficiency by reducing application deployment times
Simplified & Virtualized Network: provide business agility by making the network completely dynamic, reducing provisioning & decommissioning cycles
End-to-End Optimized Network: provide greater utilization by optimizing the fabric and realize cost savings over traditional architectures
[Figure labels: applications (Databases, Collaboration, Video, HPC, Analytics, Email, Middleware, HFT, Virtual Desktop); IBM SDN Controller; Network Hypervisor; Multi-Vendor Data Center Core Network; Optimized Fabric]
SDN benefits multiple stakeholders in the data center
Application writers
• network abstractions and APIs for specifying network behavior or querying network conditions
• seamless integration with the network through well-defined APIs
Server admins
• faster provisioning of the network to support new server and VM deployments
• extend VM policies to the network through virtual switching
Network admins
• automation interfaces for less error-prone config (security, path selection, QoS, …)
• fine-grained, centralized controls to optimize the network fabric and control plane
• define deployment patterns and policies for improved consistency and governance
Dynamic “switchboard”
• Transparently modify flows from colocation to desired services
• No re-wiring needed
• New business model in hosted colocations
[Figure: switches interconnecting Colo 1, Colo 2, Colo 3, Colo 4, a Managed Service Provider (MSP), and BGP peering with Telco #1 and Telco #2]
Network visibility and large-scale monitoring
• Existing network infrastructure is unchanged
• Production traffic is selectively mirrored to an OpenFlow monitoring network
• NetFlow/sFlow sample traffic and notify the PNC of interesting flows
• IBM PNC dynamically updates the flows to re-direct interesting flows to a data analysis device
[Figure: corporate network switches send mirrored traffic to an OpenFlow network of switches controlled by the IBM PNC, with NetFlow/sFlow and a data analyzer attached]
Dynamic DCN security
• Detect traffic destined for public cloud, Internet, or sensitive target
• Automatically and transparently re-direct these flows to a secure appliance
• Anywhere in the network public cloud traffic can be securely encrypted
[Figure: switches controlled by the IBM PNC steer traffic bound for the Public Internet / Cloud through Encryption and IPS appliances]
Accelerated application provisioning with network virtualization
• Cut network provisioning from days to minutes
• Secure VM mobility across Layer 2/Layer 3 networks and data centers
Existing Network
• Manual physical network configuration change
• Time consuming network provisioning
• Server virtualization gated by network provisioning
Network with IBM SDN VE-Enabled Servers
• No physical network configuration change
• Automated network provisioning
• Server virtualization not gated by physical network
[Figure: an existing network, with a physical network change for virtual workload connectivity, beside an IBM SDN VE Network carrying a Yellow Virtual Network and a RED Virtual Network between VMs over the existing network]
Simplified data center network consolidation
• Overlapping network addresses create challenges for consolidation
– application licensing tied to IP addresses
– physical networks cannot share IP addresses
• IBM SDN VE simplifies data center consolidation
– maintain current IP addressing scheme
[Figure: two networks, both using IP Address 10.10.10.x, joined by an IBM SDN VE Virtual Network]
Progression for software-defined networking
OpenFlow and centralized control
• industry standard protocol
• real deployments in campuses, large online SPs, and enterprise
• a standard feature on many switches
multi-tenant network virtualization
• first production use case for SDN
• vendor offerings already available or announced
• ultimately, a required building block
high value services and network integration
• greater variety of network-level and application-level services
• integration with IT processes (security, provisioning, disaster recovery, etc.)
• best opportunity for differentiation and greater business value
[Figure labels: SDN enablers; SDN applications; IBM G8264 10GB switch with OpenFlow 1.0; PNC: OpenFlow controller; 5000V: standards-compliant VMware dist. virtual switch; SDN VE: multi-platform network hypervisor; Partner Apps and Services; Global Virtual & Physical State Management; Overlay (SDN VE); OpenFlow]
IBM SDN product portfolio
IBM SDN: Shipping products and technology investments
Delivering the future of networking now
[Figure: product timeline. Milestones, in order: VMready; OpenFlow Switches (OpenFlow 1.0 10GB); Edge Virtual Bridging (802.1Qbg); Distributed Virtual Switch; OpenFlow Controller; IBM SDN-VE; Additional OpenFlow Switches and features; SDN Application Platform. Date labels, in order: Jan 2009; Oct 2011; Jan 2012; Feb 2012; Nov 2012; Jun 2013; Investment; Investment. Other labels: Apps and Services; Global Virtual & Physical State Management; Overlay (SDN VE); OpenFlow]
OpenFlow : a standard protocol for SDN
[Figure: network control applications (routing, monitoring, security, QoS, topology, …) run on an OpenFlow controller, which uses the OpenFlow protocol to program OF-capable switches with programmable forwarding tables and the vSwitch in each hypervisor hosting VMs]
OpenFlow provides an industry-standard API and protocol to program packet handling in switches
• OpenFlow controller applications install match-action rules in switches
– if <src IP = x and dest IP = y> then forward to port 2
– if <VLAN ≠ 200> then drop packet
• Fine-grained and flexible control over data plane
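The two rules above, worked through as an added example (not code from the deck or from any IBM product): a toy priority-ordered flow table showing that a "VLAN ≠ 200" policy has to be written as a low-priority catch-all drop beneath the VLAN 200 entries, plus a check for entries that can never fire because a broader, higher-priority entry covers them. The class and function names, the addresses standing in for x and y, and the send-to-controller miss behaviour (modelled on OpenFlow 1.0) are assumptions of the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

DROP = ("drop",)
TO_CONTROLLER = ("controller",)  # modelled table-miss behaviour of OpenFlow 1.0
IP_FIELDS = ("src_ip", "dst_ip")


def output(port):
    return ("output", port)


@dataclass(frozen=True)
class Packet:
    in_port: int
    vlan: int
    src_ip: str
    dst_ip: str


@dataclass
class FlowEntry:
    priority: int
    match: dict          # field -> required value; an absent field is a wildcard
    action: tuple
    packets: int = 0     # per-entry counter

    def matches(self, pkt):
        for name, want in self.match.items():
            have = getattr(pkt, name)
            if name in IP_FIELDS:
                if ip_address(have) not in ip_network(want):
                    return False
            elif have != want:
                return False
        return True


class FlowTable:
    def __init__(self):
        self.entries = []

    def install(self, priority, match, action):
        self.entries.append(FlowEntry(priority, dict(match), action))
        # Highest priority first; the stable sort keeps install order on ties.
        self.entries.sort(key=lambda e: -e.priority)

    def process(self, pkt):
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packets += 1
                return entry.action
        return TO_CONTROLLER


def covers(general, specific):
    """True if every packet matching `specific` also matches `general`."""
    for name, want in general.items():
        if name not in specific:
            return False
        if name in IP_FIELDS:
            if not ip_network(specific[name]).subnet_of(ip_network(want)):
                return False
        elif specific[name] != want:
            return False
    return True


def shadowed(table):
    """Entries that can never fire: an earlier (higher-priority) entry covers them."""
    return [low for i, low in enumerate(table.entries)
            if any(covers(high.match, low.match) for high in table.entries[:i])]


def build_table():
    table = FlowTable()
    # "if <src IP = x and dest IP = y> then forward to port 2" (x, y constructed)
    table.install(300, {"vlan": 200, "src_ip": "10.0.0.5/32",
                        "dst_ip": "10.0.1.9/32"}, output(2))
    # Remaining VLAN 200 traffic goes to the controller for a decision.
    table.install(200, {"vlan": 200}, TO_CONTROLLER)
    # "if <VLAN != 200> then drop": matches cannot be negated, so the policy
    # is a catch-all drop sitting below every VLAN 200 entry.
    table.install(0, {}, DROP)
    return table


if __name__ == "__main__":
    t = build_table()
    print(t.process(Packet(1, 200, "10.0.0.5", "10.0.1.9")))
    print(t.process(Packet(1, 100, "10.0.0.5", "10.0.1.9")))
    # A drop rule installed below a broader rule is dead policy; report it.
    t.install(100, {"vlan": 200, "dst_ip": "10.0.1.0/24"}, DROP)
    print([e.priority for e in shadowed(t)])
```

Running `shadowed()` after every rule change catches deny rules that were installed at too low a priority to take effect.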
IBM SDN OpenFlow products
OpenFlow switches (model: description; more info)
• G8264: 48x10Gb / 4x40Gb 1U; https://ibm.biz/Bdx9iA
• G8264T: 48x10Gb / 4x40Gb 10GBase-T 1U; https://ibm.biz/Bdx9iJ
• G8316: 16x40Gb / 64x10Gb 1U; https://ibm.biz/Bdx9ih
• G8052: 48x1Gb / 4x10Gb 1U; https://ibm.biz/Bdx9ig
• EN4093: embedded switch for PureSystems, 42x10Gb internal / 22x10Gb external; https://ibm.biz/Bdx9i8
IBM Programmable Network Controller
• OpenFlow standard based automated control of the network
• One touch point (IBM PNC)
• Virtualization of OpenFlow network
• Greatly reduce OPEX of the network
• Upcoming features incl. OF 1.3 and OpenStack integration
OpenFlow enabled RackSwitch G8264
• 1st Enterprise Data Center 10G/40G OpenFlow Switch available as a GA product – fully supported
• Open, Standards based Solution
– OpenFlow 1.0 compliant
– Works with any OpenFlow Controller
– Tested with all leading Controllers
– Supports hybrid operation
• Customers using IBM RackSwitch G8264 with
– IBM PNC
– NEC PFC Controller
– Big Switch Networks Controller
– NOX Controller
– FlowVisor
– Homegrown
G8264 highlights
• Up to 64 10GE SFP+
• 4x 40GE QSFP+ ports
• hot swap redundant power supplies and fans
• front-to-back or back-to-front airflow
• same switch firmware may be used in traditional L2/L3 mode or OpenFlow mode
• OpenFlow 1.0 with up to 97750 flows
• line rate performance for all flows
• fully implemented in hardware
• connection to multiple controllers for high availability
• multiple logical instances
• unicast / multicast FDB enabled
[Figure labels: 1.00 Tbps; 1.28]
IBM Programmable Network Controller
• PNC – A full-feature OpenFlow Controller
– Advanced network automation increases network reliability and availability
– Intelligent and dynamic multipath routing based on business policy
– Highly available central configuration, monitoring, reporting console
– Policies enforced throughout the network, no need for individual switch configuration
• Virtual Tenant Network (VTN) application virtualizes OpenFlow network
– VTN provides virtual Layer 2, virtual Layer 3 and policy based networking
– “logical” switch-like concepts (vbridges, vrouters, vlinks) to define virtual networks
– Point and Click VTN design and UI; REST APIs to create, edit, and delete VTNs
• End-to-end network visualization
– Display VTN flows and virtual topology
– Display flow information in the physical topology
– Display physical topology map
IBM participation in ONF working groups and forums
Open Networking Foundation drives standardization of OpenFlow and related protocols
ONF Group: focus; IBM organizations participating
• Extensibility: core OpenFlow protocol development; IBM System Networking Dev
• Configuration and Management: OF-Config protocol for OF switch configuration and overall management; IBM Research (Watson), SN Dev (Tunnel handling spec, OF-Config 1.2 editor)
• Forwarding Abstractions: OF 2.0 development, modeling languages, major conceptual changes; IBM Research (Austin) / SN Dev (TTP proposal, service award)
• Market Education: enhance understanding of SDN technologies and share customer best practices and use cases; IBM Systems Networking Prod Management (Vice-chair position, 2012)
• Hybrid: managing shared resources in a hybrid conventional/OpenFlow switch; IBM Systems Networking Dev
• Testing and Interoperability: certification suites, interoperability testing and benchmarking; IBM Systems Networking QA
Multi-tenant network virtualization with overlays
• provide each data center tenant with a single virtual network abstraction
• SDN controller uses overlays to virtualize physical network infrastructure
• one-time deployment and configuration of the physical network
• virtual network implemented purely on end hosts by software switches and encapsulation
• overcomes scaling limits of physical network virtualization
[Figure: Tenant 1 and Tenant 2 virtual networks of VMs, managed by the SDN controller]
SDN VE – a hypervisor for the network
• Based on IBM’s Distributed Overlay Virtual Ethernet (DOVE) technology
• Uses existing IP infrastructure: no change to existing physical network
• Provides server-based connectivity for virtual workloads
[Figure: IBM SDN VE Virtualized Network. An IBM SDN VE Management Console and an IBM SDN VE Connectivity Server (virtual appliances) serve IBM SDN VE vSwitches in each hypervisor, whose VMs attach to Virtual Network 1, 2 or 3 across the existing IP network; an IBM SDN VE Gateway connects end stations on the existing IP network; APIs (OpenStack, RESTful, Quantum) expose the system to applications and cloud/DC provisioning]
SDN VE traffic in virtual and physical networks
[Figure: packet framing between two SDN VE vSwitches in the SDN VE Virtualized Network. Frame between VM and vSwitch: DMAC (VM), SMAC (VM), SIP (SDN VE IP), DIP (SDN VE IP), Payload. Frame in the physical network: DMAC (Physical), SMAC (Physical), SIP (Physical IP), DIP (Physical IP), SDN VE Header (VxLAN), then the original DMAC (VM), SMAC (VM), SIP (SDN VE IP), DIP (SDN VE IP), Payload. SDN VE Routing applies at each vSwitch; Switching/Routing in physical network applies between them]
• SDN VE directs traffic in the physical network based on virtual network policies and VM locations
• uses standard VxLAN header format for framing virtual network traffic
• no need for IP multicast in the physical network
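The VXLAN framing named above, and the overlapping 10.10.10.x addressing from the consolidation slide, as an added example that is not code from the deck or from SDN VE: it builds and parses the 8-byte VXLAN header (RFC 7348) and shows a receiving vSwitch that delivers a frame only within the virtual network named by its 24-bit VNI, so two tenants can reuse the same inner addresses. The `OverlaySwitch` class, the VNI values, port names and MAC addresses are constructed for the example; outer Ethernet/IP/UDP headers are left out.

```python
import struct

VXLAN_HEADER = struct.Struct("!B3s3sB")  # flags, reserved, 24-bit VNI, reserved
FLAG_VNI_VALID = 0x08                    # the "I" flag of RFC 7348
MAX_VNI = (1 << 24) - 1                  # 24 bits: 16,777,216 virtual networks
ETH_HEADER_LEN = 14


def encapsulate(vni, inner_frame):
    """Prefix an inner Ethernet frame with a VXLAN header for the given VNI."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI does not fit in 24 bits")
    header = VXLAN_HEADER.pack(FLAG_VNI_VALID, b"\x00" * 3,
                               vni.to_bytes(3, "big"), 0)
    return header + inner_frame


def decapsulate(payload):
    """Return (vni, inner_frame) from a VXLAN UDP payload, or raise ValueError."""
    if len(payload) < VXLAN_HEADER.size + ETH_HEADER_LEN:
        raise ValueError("truncated VXLAN payload")
    flags, _, vni, _ = VXLAN_HEADER.unpack_from(payload)
    if not flags & FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag is clear")
    # Reserved bits are ignored on receipt, as RFC 7348 specifies.
    return int.from_bytes(vni, "big"), payload[VXLAN_HEADER.size:]


class OverlaySwitch:
    """Receiving vSwitch (hypothetical): delivery is keyed by (VNI, inner dst MAC)."""

    def __init__(self):
        self.ports = {}
        self.dropped = 0

    def attach(self, vni, mac, port):
        self.ports[(vni, mac)] = port

    def receive(self, payload):
        try:
            vni, frame = decapsulate(payload)
        except ValueError:
            self.dropped += 1
            return None
        port = self.ports.get((vni, frame[:6]))
        if port is None:
            # Unknown VNI or MAC: drop, never fall back to another tenant's port.
            self.dropped += 1
        return port


def ethernet_frame(dst_mac, src_mac, payload, ethertype=0x0800):
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


# Constructed sample: two tenants reuse the same VM MAC (and 10.10.10.x addressing).
VM_MAC = bytes.fromhex("02000a0a0a05")
PEER_MAC = bytes.fromhex("02000a0a0a06")
FRAME = ethernet_frame(VM_MAC, PEER_MAC, b"payload for 10.10.10.5")


def demo_switch():
    sw = OverlaySwitch()
    sw.attach(5001, VM_MAC, "tenant1-vm")
    sw.attach(5002, VM_MAC, "tenant2-vm")
    return sw


if __name__ == "__main__":
    sw = demo_switch()
    for vni in (5001, 5002, 5003):
        print(vni, sw.receive(encapsulate(vni, FRAME)))
```

The VXLAN header carries no authentication, so this separation holds only when the underlay restricts which hosts may send encapsulated traffic to the vSwitches.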
IBM Software Defined Network for Virtual Environments
Enabling the era of virtual networking
Provision multiple virtual networks on a common physical infrastructure using IBM’s virtual overlay technology (DOVE)
Benefits and key features
• Faster time to value
– Deploy applications and network connectivity services faster
– Create networks as quickly as virtual servers through automation
• Reduce OPEX
– Centralized network creation vs. hundreds of physical switches
– No change needed to physical infrastructure
– Automate VM movement along with policies and configurations
– Multiple hypervisor support for consistent virtual networking
• Scale up or down
– Support up to 16 million virtual LANs
– Create and deallocate networks as needed
• Enhance security
– Eliminate error prone manual configuration when moving VMs
– Logically separate virtual networks for multi-tenancy
IBM SDN VE is a multi-hypervisor solution
A comprehensive software-defined networking platform
Platform layers (from the diagram, top to bottom):
• network control applications and integration points: network access control, path optimization, cloud integration, application provisioning
• NETWORK ABSTRACTIONS and APIs: logical network models and application APIs; network “system calls”
• NETWORK SERVICES and ORCHESTRATION: global network view, network runtime state, topology discovery, event collection; logical – physical translation, arbitration, network-wide services
• “drivers” for controlling network devices and capabilities: OpenFlow, SDN VE, L2/L3 device configuration
Software Defined Environments – generalizing SDN
Software Defined Environments are workload-aware,
leveraging best practices with patterns of expertise
[Figure labels: Simplified, Responsive, Adaptive; Continuous Optimization; Policies; Solution Definition (Presentation Tier, Application Tier, Data Tier); Software Pattern; Infrastructure Pattern; APIs; Software Defined Infrastructure; Infrastructure]
IBM leadership in Open Source
Open • Standards based • Open Source
Enabling a rich ecosystem across all of our platforms and services
• Client value: interoperability, agility, and flexibility through a common cloud computing stack. 250+ IBMers working on OpenStack
• Client value: unified, open, interoperable SDN platform, so clients can evolve to SDN with confidence that solutions will be interoperable. IBM platinum member
• Client value: ensure cloud users have freedom of choice, flexibility, and openness they have with traditional IT environments. 400+ organizations participate, IBM founding sponsor
• Client value: provides an enterprise-grade, cost effective and open virtualization alternative with KVM. IBM founding & governing Board member of both organizations
600+ IBM developers contribute to the open source community
What is the Open Daylight Project?
Daylight is an open source project under the Linux Foundation
with the mutual goal of furthering SDN adoption and innovation
through the creation of a common industry supported framework.
[Figure: member logos grouped by tier: Platinum, Gold, Silver]
OpenDaylight community and code update
• Project bootstrapped with significant amount of working code available for download
– Cisco ONE controller with OpenFlow (~125K)
– BigSwitch Networks OpenFlow controller and virtualization app (~250K)
– IBM OpenFlow applications (~50K)
• New project proposals over the last 2 months
– Open DOVE (IBM)
– VTN – virtual tenant networking (NEC)
– LISP Mapping Service (ConteXtream)
– YANG tools (Cisco)
– OpenDefenseFlow (Radware)
– BGP and PCEP (Cisco)
– OpenFlow 1.3 (Ericsson, IBM, Cisco, Pantheon)
– Affinity Metadata Language (Plexxi)
– OVSDB Integration (Univ. of Kentucky)
– Plugin for commodity Ethernet switches (ITRI/Taiwan)
• Open community; 3 well-attended “hackfests” in Bay Area and Portland
IBM involvement and contribution to Open Daylight
• IBM conceived of an open, industry-wide effort to create a common SDN platform
– Focused effort to identify participants across the networking, systems, and software industries
– Open Daylight launched in April 2013 with 13 member companies
• Leadership post-formation
– IBM elected as founding chairman of Open Daylight board
– IBM continues to coordinate OpenDaylight technical workstream meetings
• Code contributions
– Open DOVE – open source version of SDN-VE network virtualization for KVM and Open vSwitch (target 3Q2013)
– OpenFlow load balancer and other applications
– Controller enhancements for performance, scalability, and improved routing/forwarding services
IBM OpenDaylight overview | October 2013 | Confidential
IBM SmartCloud offerings based on OpenStack
Using open, common, standards based architecture providing choice, flexibility, interoperability, portability
Clean upgrade paths with progression to fully integrated and factory optimized PureApplication System
Significant customer benefits above and beyond base OpenStack
Related Standards & Organizations: OSLC, CCRA, CIMI & OVF, TOSCA
[Figure labels: SmartCloud Entry; SmartCloud Orchestrator; PureApplication System; Infrastructure as a Service; Platform as a Service; Accelerate Service Delivery; Automate IT Delivery; Automate Optimized Workloads; OpenStack APIs; OpenStack plus Enterprise Extensions; PureFlex System or Client Hardware]
SDN integration with OpenStack Networking (Neutron)
• SDN (incl. OpenDaylight) provides an implementation for Neutron virtual network model and APIs
• IBM System Networking is enabling our SDN portfolio for OpenStack Networking (Neutron)
[Figure: OpenStack components nova (compute), glance (image lib), cinder (block stg) and neutron (network); the OpenStack networking manager exposes the core Neutron REST API and API extensions, and a Neutron plugin connects it to the SDN controller (OpenDaylight), which manages the network for VMs]
Additional material
OpenFlow packet handling and flow tables
[Figure: OpenFlow switch packet pipeline. Packet In arrives with its ingress port and an empty Action Set; Table 0, Table 1 … Table n each receive the packet, ingress port, metadata and Action Set; Execute Action Set, then Packet Out]
Flow entry fields: Match Fields, Priority, Counters, Instructions, Timeouts, Cookie
• Cookie: opaque controller chosen value
• Counters: packet + byte counters
• Instructions:
1. Modify Action Set – example actions: Forward packet to port(s); Encapsulate and forward to controller; Group; Drop packet
2. Modify processing pipeline: Go to Table N; Send to normal pipeline
3. Meter
4. Write Metadata
OpenFlow packet matching and actions
Match fields: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport
flexible TLV based match fields (OXM) – based on these fields + mask
Research activity in SDN / OpenFlow
IBM Research started a strategic initiative in data center networking in 2010
• global participation from multiple labs (US, India, China, Haifa)
• partnered with STG Systems Networking product division
• software-defined networking is one of the focus areas of the DCN strategic initiative
[Figure: research areas mapped onto an SDN stack. SDN applications (selected): flow replication / recovery, cloud network services, security integration; network control apps, IT-network integration. NETWORK APIs: application APIs, network abstractions. NETWORK OPERATING SYSTEM (SDN advanced controller capabilities): orchestration, workflows, network services; network device control and management (plugins / drivers). SDN network fabric / virtualization: DOVE – distributed overlay virtual Ethernet; OpenFlow mgmnt tools; scalable, flexible, converged data center fabric]
SDN Adoption Options
SDN Edge Only
• What elements use SDN? VMware & Linux vSwitch; Gateway to non-SDN
• Examples? Nicira/VMware, IBM
• Issues? Lack end-end QoS
SDN Fabric Only
• What elements use SDN? Physical switches; Linux vSwitches; Gateway to non-SDN
• Examples? NEC, Big Switch, IBM
• Issues? Lack VMware & Microsoft
SDN Edge and Fabric
• What elements use SDN? Physical switches; vSwitches across Hypervisors; Gateway to non-SDN
• Examples? IBM
• Issues? Best of both worlds
[Figure legend: Traditional network; SDN]
Workload redeployment and consolidation
• “consolidation without reconfiguration”
• in-place, automatic recreation of application network ACLs, firewall policies, network addressing
• reduce delays and errors due to network configuration for each application workload
• simplify workload consolidation and migration onto PureSystems platforms
[Figure: an Enterprise application topology (DNS, LDAP, App Svr, Web Server, Firewall, DB2) with firewall rules “allow 7.6.*.*”, “allow 7.2.3.4, 7.2.3.5” and “allow 7.3.2.4, 7.3.2.5”; two steps are labelled: network configuration capture, then deploy configuration onto target]
Software-defined networking ≠ network management
• SDN focuses on control over network packets / traffic
– routing, forwarding, QoS, access control, replication, failover
– SDN provides a programmatic interface to the control plane
– dynamic, real-time, convergence
• Traditional network management focuses on network devices
– configuration (SNMP / CLI), monitoring (RMON, NetFlow)
– typically operates at longer timescales than control plane
• but SDN requires interaction with management plane functions
– device discovery, topology views, failure notifications, traffic stats, …
– OpenFlow includes some management functions for OF devices (e.g., topology, statistics)
Networks are a bottleneck for the data center
To align with business needs, IT needs to decrease network
provisioning time
[Figure: chart comparing VM provisioning time and network provisioning time on a scale from Minutes to Days]
Data centers need network virtualization
[Figure: the values 93%, 48% and “?” shown with the labels “Percent of servers virtualized”, “Use storage virtualization” and “Use network virtualization”]
Server and storage virtualization numbers for strategic data centers. Source: 2012 IBM Data Center Study: http://www.ibm.com/data-center/study
IBM DVS 5000V for VMware
distributed Layer 2 virtual switch for the VMware ESX 5.0 hypervisor
supports up to 350 VMware ESX Hosts/Hypervisors in a single distributed switch (DVS)
IEEE 802.1Qbg on the physical switches and 5000V maintains network state sync between the physical and the virtual
[Figure: the DVS 5000V spans ESX 5+ hosts. Managed by network administrator via the 5000V Control Module (Virtual Appliance); managed by workload administrator via VMware vCenter]
IBM End-to-End Integrated Solution
End-to-End Solution
1. Soft switches
2. High performance embedded switches
3. High bandwidth TORs
4. Dense Aggregation switches
5. Common iNOS software
Get more with less
1. Over 700G of uplink BW
2. Low oversubscription (1:1 – 2.5:1) embedded switches
3. High cross-sectional b/w within rack
4. High east-west bandwidth
5. Intelligent HW based ACLs and QoS where they make sense
Do more with less
1. Scalable switching for pay-as-you grow needs
2. Converged fabric which is VM-aware
3. Policy-based integrated system management
[Figure labels: LAN; > 700G Uplink BW; 24 FC Ports for Storage; SAN]
Security response services
Enterprise or Cloud
• automated or advisory network reconfiguration in response to detected threats
• rapid quarantine of compromised hosts, VMs, apps
• automatic installation of additional traffic filters, ACLs, etc.
• automated network reconfiguration response to compromised hosts, reducing risk of spread
• fully automatic or advisory mode to allow admins to approve actions
• integrated with security analytics e.g., IBM QRadar
• reduce attack surface in response to detected threats
Security Analytics
• Events from VM / host firewalls (iptables, ebtables)
• Events from VPN, IPS/IDS
• Integrity management information from hosts and guests
[Figure: network events, scan results … feed Security Analytics, which drives a Security response application issuing dynamic network reconfiguration actions]
PNC Example Production Server Topology
[Figure: two servers, IBM PNC #1 and IBM PNC #2, each with interfaces eth0, eth2, eth3, eth4, eth5 and bond0. They attach to the IBM PNC Access Network (for managing the controller; SSH and SNMP), to each other for cluster (connected directly), and to the IBM PNC Switch Network (for controlling OpenFlow switches). Labels: Floating IP1, Floating IP2, Floating IP3]
• Redundancy provided by:
– NIC active / backup type bonding
  • Only one NIC performs communication in normal mode
  • When a failure occurs, standby NIC performs communication instead
– Dual PNC server
  • Redundancy enabled by an Active/Standby system
  • Heartbeat monitoring between them
  • Failure detection with active to standby failover
• 20-30 second failover, triggered by:
– Heartbeat timeout (e.g. active HW failure)
– OS panic
– Active PNC failure
– Disk breakdown (RAID failure)
– Software failure – Reboot of IBM PNC. No switch to alternate IBM PNC instance.
– User space stall monitoring
No service interruption if rebooting active and standby separately.
IBM SDN VE connectivity service for existing infrastructure
• Engaged with multiple partners to provide connectivity service
• Connectivity service with non-IBM SDN VE aware products via gateways
• Connectivity service with IBM SDN VE aware products
• Planned for Jun 2013
[Figure: applications in IBM SDN VE (VMs on IBM SDN VE vSwitches in hypervisors) within the IBM SDN VE Virtualized Network; an IBM SDN VE IP Gateway and an IBM SDN VE VLAN Gateway connect it to a Layer 2 Network, ADCs (including an ADC with Virtual IP) and the WAN]
Ex: Accelerate Hadoop service update
With Optimized Deployment using Software-Defined Environments
Develop Hadoop fraud detection app
[Persona shown: LoB Developer]
Role
• Progress software delivery from Sandbox to Limited Live environment
Requirements
• Deployment for Limited Live Service
• No SLA
• Low/Medium Query Load
Build Software Pattern
[Personas shown: LoB Developer, Hadoop Expert]
Role
• Define software pattern capturing best practices for Hadoop service
• Specify required resources, interactions, SLAs
Capabilities
• Name Node, Job Tracker cluster of Data Nodes/Task Trackers
• Data requirements and sizing and expected runtime requirements
Requirements
• Storage: 500GB / 1500 IOP/s
• Data Nodes/Task Trackers: not applicable
• Data Nodes: 1TB Storage/High IOPS
Build Infrastructure Pattern
[Personas shown: LoB Developer, Hadoop Expert, IT Expert]
Role
• Define required resources in the cloud to meet the needs of the Application Developer
Resources
• 22 VMs with 16GB RAM
• 10 GB Network
Requirements
• 20VMs on same Power Systems rack
• 20VMs on host with DAS
Software Defined Infrastructure
[Personas shown: LoB Developer, Hadoop Expert, IT Expert]
• Automated resource optimization driven from workload definition
• Optimal placement of server, storage and network resources based on workload requirements
• Assessment of workload resource requirements in consideration of other workloads
• Adjustment of resources based on changing needs and environment and workload demands