Lippis Report 191: What I Learned at the Open Networking Summit about Software-Defined Networking
On March 30th I met with Dave Husak, the Founder and CEO of Massachusetts Software-Defined Networking (SDN) start-up Plexxi, along with two other employees. For those who don’t know Dave, he’s intense and driven. Out of this two-hour meeting, Dave provided the inspiration to describe SDN as the third epoch of computer networking. In a nutshell, the first epoch was IBM mainframes and SNA, the second is client-server computing and LAN/WANs, with the third being mobile plus cloud computing and SDN. After attending the second Open Networking Summit (ONS) last week to sold-out crowds, the main question I walk away with is this: is SDN the third epoch or a new set of features added to layer 2/3 networking? In other words, is SDN a new disruptive market or a high-end networking technology like InfiniBand? In this Lippis Report Research Note, I share my top ten observations from ONS and answer the above question.
First Epoch: The first epoch of computer networking started in the mid 1950s with mainframe computers and the first version of sneaker net, that being batch followed by Binary Synchronous Communication (BSC) and SNA over multipoint lines. The public switched network was based upon circuit switching and the national entertainment network as analog broadcast with all but three or four channels. The Internet was non-existent. IBM states that in the past 30 years, businesses have invested some $20 trillion in labor and money in developing CICS and IMS over SNA applications. But by the mid 1980s, IT business leaders were growing increasingly frustrated with this computing model’s high cost plus long application development times, which were often over budget and feature deficient. In short, SNA was viewed as not flexible or too rigid to support a new computing model. Alas the first epoch’s reign of 35 years was coming to an end.
Second Epoch: During the mid 80s, personal computing was heating up, marked by Apple’s 1984 Super Bowl commercial. At the same time, Ethernet hubs were available and growing as the infrastructure for client-server computing. TCP/IP was standardized in this time frame, which defined the second epoch of computer networking as Routing and Switching aggregated traffic and forwarded layer 2 and 3 (L2/L3) packets. This was the golden internet age of networking. This model was/is so powerful that it’s the core of the public switched telephone network, mobile network and national entertainment network. You can’t say that the second epoch is over, but you can hear IT business leaders complain loudly that the network is in the way of their needs and business desires to spin up and down applications, move workloads, etc. The same complaints that were voiced in the 1980s are starting to be heard now: network operational cost is too high, and networks are not flexible or are too rigid to support a new computing model. So is the second epoch’s reign of 35 years coming to an end?
Third Epoch: Computing drives network architecture and over the past few years, computing has fundamentally changed to mobile and cloud with virtualization providing compute density and efficiency. Networking’s Third Epoch is the era in which we are living today, the era of network programmability, and in particular SDN, which enables the democratization of network application programs and features. With SDN, the notion of layering in the forwarding plane in network switches disappears. Indeed the switches become protocol-ignorant, while layering remains meaningful in hosts and at transition points between networks with different control mechanisms. On the computing side, this is the era of mobility, virtualization and the cloud, with applications finally freed from having to be aware of specific details of network plumbing, like IP addresses and ports.
But established vendors such as Cisco, Juniper, HPN, IBM, Brocade, Dell, Arista, Avaya, Alcatel-Lucent, Extreme and others are dialed into the new network requirements. While most of the above firms have announced their support of OpenFlow and SDN, many will offer programmable Layer 2/3 networks to address 80% of IT business leader requirements, slowing down SDN deployments. Also remember that architectural shifts take a long time to materialize.
So is SDN the third epoch or a new set of features added to layer 2/3 switching/routing networks? My top ten observations from attending this year’s ONS may help answer the question.
1) It’s All about OpEx: Early SDN messages were about cheap switching products from Asia being controlled by sophisticated controllers from the likes of Big Switch Networks, Nicira, NEC, et al. But SDN is all about reducing the cost to operate networks. Consider this: it takes one engineer to manage 8,000 nodes in a mobile network but it takes one engineer to manage 75 nodes (switches or routers) in an enterprise network. The industry has prided itself on a value proposition based upon capital cost being 25%, operational cost at 60% and facilities being 15%. Centralizing network control is all about reducing operational cost, and if capital cost gets cheaper too, then so be it, but it’s not the driver.
2) First Virtualize then Customize: It’s becoming apparent that SDN pilots and early implementations are all about virtualizing the network. Yes, we have had network-virtualizing technologies for years with VLANs, MPLS, VRF-Lite and Cisco’s latest Easy Virtual Network, but SDN does it without the huge operational cost of configuring each switch and/or router, and there is complete separation of the address space. There are many requirements for virtualizing the network, including offering unique attributes to common users, segmenting departments and businesses, delivering multi-tenant services, and even offering each employee his/her own virtual network where credentials are checked and IT services allowed; this is huge for BYOD and mobile employees. Once a network is virtualized, these logical networks can be customized, thanks to layer 4-7 services being moved into the virtualization domain. This flexibility is huge in the enterprise campus, data center and service provider markets.
3) Limited Number of Real SDN Implementations: There are only approximately 30 to 60 SDN projects taking place around the world, a small number, so expect limitations and setbacks in SDN promises being made.
4) New WAN: One of the highlights of ONS was the keynote from Urs Hölzle, SVP Technical Infrastructure and Google Fellow. Urs demonstrated SDN in the WAN with a custom built 10GbE switch via merchant silicon equipped with 100s of ports of non-blocking 10GbE, OpenFlow support, Open source BGP, ISIS and scale to Tbps. What was striking about this is the reported improved re-route time, convergence time, increased performance and reliability plus greater control and flexibility afforded by SDN in the WAN than offered by traditional hop-by-hop routing.
5) Can SDN Move Down Market? Early SDN adopters and promoters are the largest of data center owners such as Google, Yahoo, etc., that were represented at ONS. The question is can SDN move down market? Only a few firms can afford to build their own 10GbE switch and experiment over the wide area as Urs did at Google. Yahoo!’s principal architect, Igor Gashinsky, was hopeful to be able to access the Linux kernel of switching and routing devices for greater programmability, but there aren’t too many IT organizations that would enjoy that opportunity. But many may find what Igor builds interesting and potentially useful if it was made available to others.
6) Wither OpenFlow? While OpenFlow has enjoyed much industry discussion, privately, many firms, both large and small, expressed that OpenFlow is but one approach or mechanism available to program switches.
7) VMware Has a Big Hand to Play: It’s becoming clear that VMware has a huge hand to play in the emerging SDN market. vSwitch, a VMware innovation, started the SDN and network virtualization journey. Its vDS enabled pooling of network ports across clusters via aggregation of vSwitches. To extend or overlay layer 2 virtual networks over layer 3 boundaries, it jointly developed VXLAN with Arista, Cisco, RedHat, Citrix, Intel, et al., and VXLAN is now a draft IETF RFC. VXLAN extends large layer 2 VM domains well beyond the 4K VLAN limit to 16 million. It is touted as a key standard that avoids proprietary overlay networks while allowing VM domains to span virtual and physical networks. In addition, its vCloud Director enables alignment of elastic compute and networking diameters. Via vShield, VMware has added virtual firewalls, load balancing, VPN, IPAM, hybrid cloud extensions, and the ability to logically insert partner services, like IDS/IPS and WOC or WAN Optimization controllers. With this growing SDN stack, VMware is in an excellent position to offer APIs to application developers exposing virtual network topologies and other stateful information.
8) Network Influence/Control Shifts to Virtualization Domain: There are two tectonic shifts that potentially threaten networking as we know it and networking professionals. The first one is the migration to technologies that recognize the relevance in the hypervisor switch of L2/L3 designs. The second shift is L4-L7 services that are cost optimized and compatible with VMs. Let me explain.
With OpenFlow, Open vSwitch and Quantum providing the base network virtualization tools for KVM, Virtual Box and Xen, while VMware provides its own tools mentioned above, a shift in network control or balance of power is occurring into the virtualization domain. When networks are virtualized, they can stay in the virtualized domain, traverse physical layer 2/3 networks or some combination of both.
At the heart of virtual networks is how they traverse physical switches and routers. There are layer 2 tunnels and layer 2 over layer 3 tunnels such as VXLAN and NVGRE. There is OpenFlow in “native” mode, which is OpenFlow supported by all of the switches and routers in a network, and OpenFlow in “overlay” mode where only the hypervisor switches are OpenFlow enabled, and the OpenFlow network is overlaid on the physical L2/L3 design using tunnels. Nicira does overlay mode using its custom STT tunneling technology. Big Switch uses plain vanilla OpenFlow so that it supports overlay and native as well as hybrids of the two.
Both firms envision networking being provisioned and controlled from the virtualization domain where virtual networks are created, managed and layer 4-7 services administered. If and when this model comes to fruition, then physical networking becomes less strategic as network services move to the virtualization domain. Firms with large virtualized data centers like this model as they have stranded CPU resources, thanks to memory limitations in virtualized servers. Layer 4-7 network servers are CPU intensive but use little memory, a perfect fit to move these services into the virtualized domain; a sunk cost that is already being managed. In essence, they view it as getting Layer 4-7 services for free.
At ONS, there were many firms offering virtualized layer 4-7 services such as: vArmour with its distributed firewall, Embrane providing layer 4-7 virtualized services, Radware with its load balancer and firewall, LineRate with its ADC, and don’t forget Cisco, F5, Brocade and many others that have virtualized their Layer 4-7 appliances.
9) SDN Definition…or What You Thought It Was…Will Be Totally Different Next Year: The definition of SDN as an OpenFlow interface on virtual and physical switches that are controlled by a centralized controller will be totally different next year. As Cisco, IBM, Dell, Juniper, HP, Arista, ALU and others wrap their minds and product lines around SDN, it will take a decisively different shape.
Cisco’s CTO and Chief Architect of the Service Provider Division, David Ward, provided a glimpse of things to come as Cisco provides programmatic interfaces in the hope of providing new services and functionality by augmenting existing network control, management and forwarding state. Cisco and all networking firms will offer ways to program L2/3 networks and expose network intelligence to applications. Juniper, for example, offered an SDN over Qfabric option to consider. IBM offered a way to ease control of a converged data center fabric of storage and networking with SDN. Dell offered a multi-tenancy data center solution, thanks to an OpenFlow-based SDN.
10) Pervasive SDN: ONS presentations demonstrated pervasive SDN use cases that spanned the service provider market, cloud computing facilities, enterprise campus networking, wide area networking, data centers and mobile infrastructure. Each use case was driven by the centralization of control to both reduce operational cost and increase functionality. In short, SDN promises to reap more from networking at lower operational cost.
So is SDN the third epoch or a new set of features added to L2/3 switching/routing networks? From what I learned at ONS, you can make the case for both, but pay close attention to observation number nine: “SDN Definition…or What You Thought It Was…Will Be Totally Different Next Year” is key. The networking industry is in hyper-innovation mode, embracing SDN concepts such as exposing network intelligence to applications, exploring programmable networking and SDN-like architectures where more control is centralized to reduce operations. I get the feeling that SDN is the third epoch, but as it’s cranked through the meat grinder of the industry, it will take on a form and shape that is indistinguishable from its current form. What do you think?