Bruce Davie, former Cisco Distinguished Engineer and now Principal Engineer in the Networking & Security Division of VMware via Nicira, did a pretty good job at confusing the audience this week at the Open Networking Summit (ONS) during his presentation. While most other presenters talked about Network Virtualization as an application of Software Defined Networking (SDN), Davie wanted to state repeatedly they are different and that network virtualization is possible without SDN. This is true, and unlike most vendors, he was actually trying not to SDN-wash. Shouldn’t that be a good thing?
For anyone that’s been following the SDN space for a while knows that this falls in line with what Martin Casado, OpenFlow creator and Nicira co-founder, has stressed over the years -- Nicira’s goal is/was to virtualize the network, not evangelize or sell Software Defined Networking (SDN).
Here is the thing. It is possible to deploy network virtualization without SDN and without a controller. For example, in the current vCNS VMware networking architecture (pre-Nicira), it is possible to deploy VXLAN along with vShield Edge and App appliances. You can also deploy Cisco Nexus 1000V with vPath, VXLAN, ASA 1000V, and VSG. These designs offer properties of the physical network in the virtual network by abstracting the underlying network hardware deployed via overlay protocols (w/ mcast) and NFV (network functions on VMs) with centralized management and integration to Cloud Management Platforms.
With Nicira networking, a controller is used as the control plane in that it manages the proactive setup of certain flows by creating MAC to VTEP entries (using VXLAN as an example; STT could be using different terminology). The solution also offers gateways to get from the overlay to the traditional/legacy world and then other nodes that are used for controlling BUM traffic. Does what they are doing make the Nicira solution SDN or simply a control plane for an overlay encapsulation protocol that compliments local MAC learning?
By the most concrete and succinct definition given at ONS, it may not be SDN. This definition was that of Nick McKeown, Professor at Stanford, co-founder of Nicira, Board Member at the Open Networking Foundation (ONF), and PhD advisor to Martin Casado. The definition went something like this: SDN has two properties (1) physical separation of the control plane and data plane and (2) a single controller (control plane) can control multiple devices.
The control plane Nicira developed adds entries to the already existing MAC table in Open vSwitch. So, OVS still performs local MAC learning. It still has a control plane, no? If this is incorrect, please let me know. Nicira also handles BUM traffic with their complementary control plane. The point – there is still a local control plane on each switch – Nicira did not want to re-invent basic functions of switches as can be inferred from reading several articles by Nicira and Casado at Network Heresy.
However, since their controller cluster is integrated to Cloud Platforms such as OpenStack, it could be possible to fully extract each switch’s control plane and manipulate the MAC/flow tables as new VMs are created, moved, etc. Maybe we’ll see it evolve to this; because of their current architecture, it is already completely possible to accomplish though. They would only need to write their own control plane to replace local MAC learning.
But, other vendors are leveraging controllers to manage overlays like Nicira and selling it as SDN while Nicira sells the Software Defined Data Center (SDDC). The way each enables MAC to VTEP manipulation or any type of control plane could be different. That would be a point to compare between different network virtualization solutions.
Personal perspective: While Nicira executives may like to really be specific on Network Virtualization vs. SDN, you know their sales teams are in fact selling SDN solutions today regardless of what is written or said at public conferences.
Based on McKeown ‘s definition, here are two closing questions. (1) Can a switch that performs MAC learning be called SDN? (2) Can a MAC table exist on a switch and be called SDN?
At the end of the day, what really matters? If network virtualization fixes the problem and it’s not with OpenFlow or SDN, should that matter?
As usual, if anything is not accurate as stated, please let me know.
Related links:
Thanks,
Jason
Twitter: @jedelman8
Here is the thing. It is possible to deploy network virtualization without SDN and without a controller. For example, in the current vCNS VMware networking architecture (pre-Nicira), it is possible to deploy VXLAN along with vShield Edge and App appliances. You can also deploy Cisco Nexus 1000V with vPath, VXLAN, ASA 1000V, and VSG. These designs offer properties of the physical network in the virtual network by abstracting the underlying network hardware deployed via overlay protocols (w/ mcast) and NFV (network functions on VMs) with centralized management and integration to Cloud Management Platforms.
With Nicira networking, a controller is used as the control plane in that it manages the proactive setup of certain flows by creating MAC to VTEP entries (using VXLAN as an example; STT could be using different terminology). The solution also offers gateways to get from the overlay to the traditional/legacy world and then other nodes that are used for controlling BUM traffic. Does what they are doing make the Nicira solution SDN or simply a control plane for an overlay encapsulation protocol that compliments local MAC learning?
By the most concrete and succinct definition given at ONS, it may not be SDN. This definition was that of Nick McKeown, Professor at Stanford, co-founder of Nicira, Board Member at the Open Networking Foundation (ONF), and PhD advisor to Martin Casado. The definition went something like this: SDN has two properties (1) physical separation of the control plane and data plane and (2) a single controller (control plane) can control multiple devices.
The control plane Nicira developed adds entries to the already existing MAC table in Open vSwitch. So, OVS still performs local MAC learning. It still has a control plane, no? If this is incorrect, please let me know. Nicira also handles BUM traffic with their complementary control plane. The point – there is still a local control plane on each switch – Nicira did not want to re-invent basic functions of switches as can be inferred from reading several articles by Nicira and Casado at Network Heresy.
However, since their controller cluster is integrated to Cloud Platforms such as OpenStack, it could be possible to fully extract each switch’s control plane and manipulate the MAC/flow tables as new VMs are created, moved, etc. Maybe we’ll see it evolve to this; because of their current architecture, it is already completely possible to accomplish though. They would only need to write their own control plane to replace local MAC learning.
But, other vendors are leveraging controllers to manage overlays like Nicira and selling it as SDN while Nicira sells the Software Defined Data Center (SDDC). The way each enables MAC to VTEP manipulation or any type of control plane could be different. That would be a point to compare between different network virtualization solutions.
Personal perspective: While Nicira executives may like to really be specific on Network Virtualization vs. SDN, you know their sales teams are in fact selling SDN solutions today regardless of what is written or said at public conferences.
Based on McKeown ‘s definition, here are two closing questions. (1) Can a switch that performs MAC learning be called SDN? (2) Can a MAC table exist on a switch and be called SDN?
At the end of the day, what really matters? If network virtualization fixes the problem and it’s not with OpenFlow or SDN, should that matter?
As usual, if anything is not accurate as stated, please let me know.
Related links:
Thanks,
Jason
Twitter: @jedelman8
RSS Feed
