Wednesday, December 21, 2011

The Case for a Distributed Software-Defined Networking Control Plane

- Joel Brand, vice president of marketing at ConteXtream

Software-Defined Networking (SDN) is a novel approach coming out of Stanford University for constructing cloud networks using new virtualization concepts. It liberates the design of connectivity from the limitations of traditional hop-by-hop, line-configured, virtual bridges (VLANs) and routers (VPNs) when constructing multi-tenant and virtual-machine-based clouds in order to support dynamic environments where resources can be spun up/down and move around at will. As with all new architectures, it allows the industry to leverage more updated principles such as map-reduce and Hadoop for scaling connectivity, learning, and forwarding at any layer.

SDN: The Early Days
The early and simple interpretations of the theoretical model proposed by academia for SDN face some severe practical limitations. To begin with, they are not designed to map onto existing networks. Instead, they are designed to completely replace relatively simple and homogeneous networks, relying heavily on an unlikely unified OpenFlow implementation across the board. Furthermore, they implement a trivialized model of a centralized controller that is extremely sensitive to topology changes across thousands of links, which will inevitably result in loss of synchronization between the controller's momentary view and the actual data plane – binding cloud virtual networking to the very physical constraints it needs to transcend.

While the commercial SDN controller products are depicted outside of the data path, in reality they must receive a significant amount of traffic, such as the first packet of every flow. This allows these controllers to correctly set the forwarding rules in the data plane. Clearly, a centralized controller model introduces reliability and security problems as a choke-point in the network. And, while the SDN model is touted as ‘open’, centralized controller implementations lock the customer into a specific vendor for both the control plane and the pre-integrated OpenFlow data path. Integrating different controllers would be the equivalent of integrating Oracle and DB2 databases into the same schema. Quite unlikely.

Ethernet Fabric Schemes
With the introduction of Ethernet fabric schemes, leading switch vendors took initial steps toward the implementation of a fully distributed control plane that is embedded in every node in the data path. While these solutions improve flat networking scalability, they are still bound to the limitations of traditional virtual bridge and router protocols, and their spine-focused implementations mandate a de facto single-vendor solution. This rigidity does not address the new requirements of cloud networking for multi-tenancy and elasticity. A combined and field-tested philosophy of a fully distributed control plane can be applied to SDN in order to address network virtualization and L4-7 functions (such as load balancing to facilitate elasticity). Such an overlay distribution practice is agnostic to physical topology, and thus leverages any bridged or routed network already in place. This model can also easily adapt to a range of existing and new APIs, such as OpenFlow, to control elements of the underlying networks.

In addition to preserving network investment, a fully distributed control model offers the ultimate robustness, as it does not introduce any new point of failure. Furthermore, it ensures perfect synchronization between the control and data planes, as these are physically collocated. Unlike a centralized controller, it can be implemented using simple enhancements to existing standards and technologies, such as the Locator/ID Separation Protocol (LISP) and Distributed Hash Tables (DHT), that ultimately could offer vendor interoperability.

ConteXtream Implementation of the Distributed Control Plane
Based on the principles of SDN, ConteXtream recently announced the launch of the ConteXtream Grid, a distributed virtual L4-7 switch that works as an overlay on existing networks to connect an unlimited number of endpoints to a flat network. ConteXtream Grid creates a natural separation between networking and compute at the top-of-rack in the data center and fundamentally changes the way cloud providers can address elasticity, multi-tenancy and scale challenges.

The commercially available ConteXtream Grid is different from other proposed SDN solutions in many ways, but most notably through the implementation of a fully distributed control plane as opposed to reliance on a centralized controller. Its distributed control plane maintains autonomy of network elements to increase reliability and security, eliminate network chokepoints and prevent vendor lock-in.

With ConteXtream’s network virtualization software, customers can offer tenants sophisticated networking and security services, achieve optimal utilization of physical resources, reduce capital costs for network infrastructure and drive down operational expenditures. ConteXtream Grid provides cloud and managed hosting companies with the type of advanced network virtualization that cloud pioneers, such as Amazon and Google, have built for themselves.
