Network infrastructure of the DPC: modern transport for information flows
In an era of distributed computing systems and the rapidly growing popularity of hybrid cloud and on-premises DPC configurations, the speed at which modern IT services are delivered is determined not only by the characteristics of the computing infrastructure but also by the "means of transport" over which data moves between the points where it is stored and processed. This article is part of the Technologies for DPC overview.
Until recently, the network of a data processing center (DPC) was a fast, scalable local network connecting all DPC equipment, mainly servers. Lately, however, talk of Ethernet speeds has become a narrow question and far from the most debated one. The traditional centralized DPC model, in which all data, services and applications are concentrated on one platform that provides guaranteed levels of availability and data security, survives perhaps only in small organizations. In general, designs based on a single centralized DPC are giving way to the concept of a network of DPCs.
This new concept encompasses geographically distributed structures of main and backup DPCs connected by high-speed communication links into a single computing system, hierarchical complexes of regional and peripheral DPCs, and hybrid designs that integrate local and cloud areas for data storage and processing. Gartner analysts note in the research Magic Quadrant for Data Center and Cloud Networking 2020 that, in response to these trends among DPC owners, network visibility functionality, network policies and network management capabilities have begun to be expanded to support workloads located in public clouds.
The research notes a telling trend: by 2023, 10% of enterprises will fully integrate the network activity of their data processing centers into continuous integration/continuous delivery (CI/CD) pipelines. At the beginning of 2020 this activity was practically at zero.
These changes should significantly alter the network infrastructure of corporate DPCs in the coming years. They will, however, take place against the background of a significant trend that is already gaining strength worldwide: the transition to software-defined principles in network infrastructure.
Software-defined networks: the approach is developing
"From the point of view of networks, current trends in DPCs have shown themselves in the spread of software-defined networking (SDN) technologies and network functions virtualization (NFV) technologies," says Alexey Malyshev, founder and CEO of SONET. "Today the leading manufacturers of DPC network infrastructure offer the next generations of thoroughly developed network fabrics whose work revolves around applications. Customer requirements for business applications are now the cornerstone, which significantly increases the efficiency of workflows and makes it possible to move along the path of digital transformation at all levels of modern business."
The concept of software-defined networking (SDN) consists, in keeping with the software-defined principle, in separating the network control level (control plane) from the data transmission level (data plane) and implementing network management functions in software using virtualized computing resources. Control over data forwarding is handed to the controller, which makes it possible to simplify the switches by removing computing load from them.
One way to implement network virtualization is for an application running on top of the SDN controller to use OpenFlow, the basic protocol of software-defined networking, and to define virtual networks on the basis of policies that use the L1-L4 parts of the header, redirecting flows to the matching virtual network. This approach is often called network virtualization based on the switching fabric.
The SDN controller is the brain of a software-defined network, says Dmitry Chindyaskin, head of the technical directorate at AiTeco:
"It is a kind of central management console to which information from network devices flows, where the decision on optimizing settings is made and from which the centralized configuration change is carried out."
This approach makes it possible to manage the network at the level of application policies and provides integration with cloud orchestration platforms.
As a result, managing the network infrastructure becomes simpler and the infrastructure itself more transparent and efficient, while handing data management over to the controller makes it possible to simplify the switches by removing computing load from them.
"The tasks of automating traffic switching and of software-defined networks are being implemented first of all because of the growth in traffic volume and the need for a flexible response to changes, which may be connected both with applications and with consumption," notes Vladimir Leonov, technical director of AMT Group.
From a technology that is much talked about but used by very few, software-defined networking has in recent years turned into the main technology for seamless integration of private and public clouds, building hybrid and multicloud environments, automated deployment of workloads, migration of applications or their components to the cloud, enforcing a uniform zero-trust security policy for workloads of any type (virtual machines, containers, physical servers, etc.), increasing network transparency, and implementing monitoring and continuous compliance control.
According to IHS Markit, as of the end of 2019, 38% of North American DPCs had already implemented network infrastructure based on SDN. The situation in Russian companies is roughly the same. By AiTeco's estimates, among DPCs built in recent years the ratio of those using an SDN controller to those without is about 40:60 in favor of the conservative approach.
"Customers retain a conservative approach to managing network infrastructure," notes Dmitry Chindyaskin. "Such customers use modern solutions when building network infrastructures, but for management they apply the classical approach using the command-line interface."
"Most large corporate networks are configured for business tasks that neither require nor assume great flexibility. Their main objective is continuous, uninterrupted operation," says Stanislav Cherkov, head of infrastructure solutions at CROC.
For example, changes to the IT infrastructure serving a banking system are, as a rule, strictly regulated.
Commercial and government organizations generally use complete solutions from vendors. Commercial organizations are static and conservative; they need a predictable solution with a defined level of service and guarantees.
Examples of such solutions are Cisco ACI, which makes it possible to launch and operate a traffic switching fabric very quickly and with minimal experience, or the complete solution from VMware integrated with virtualization systems. These solutions have one drawback, the expert believes: high cost.
Software-defined networks make it possible to flexibly integrate different DPCs with each other and with public cloud providers. In addition, SDN solutions have firmly proven themselves in e-commerce: the ability to configure networks quickly and flexibly for current loads is in high demand in this business. All sectors where user connections come in waves have also already appreciated the advantages of software-defined networks and their flexibility.
But even in companies with traditionally static infrastructure, DevOps divisions are appearing today, and for them the flexibility offered by SDN is relevant too.
"Even if not yet for the production environment, for DevOps segments it is already a clear trend," notes Stanislav Cherkov.
In addition, there are two large segments of IT infrastructure for which SDN is "just what the doctor ordered". The first is software-defined load balancers.
"They allow very flexible load distribution when a company uses 'multicloud', that is, works simultaneously with several public clouds and with a private cloud," explains Stanislav Cherkov.
Second, SDN makes it possible to configure security policies granularly, so that access rights can be managed at the level of a segment or even an individual virtual machine.
"In this way it is possible to manage security parameters in a private cloud, in a public cloud, and also the interaction of segments within a hybrid cloud, etc.," emphasizes Stanislav Cherkov.
In the expert's view, information security and improved network performance are a significant incentive to implement SDN in companies where system flexibility is not so important.
"With software-defined networks it is possible to manage traffic at the container level as well," notes Stanislav Cherkov.
The evolutionary process of SDN implementation
Movement towards full-scale SDN implementation is held back by the burden of legacy IT infrastructure. For this reason, the main concern of operators and companies is to transform traditional networks into SDN solutions while minimizing the impact on existing services and the investment required. The most popular method today is to build a new network structure overlaid on the old physical one using an SDN controller.
In this case virtualization is implemented through encapsulation and tunneling, which create multiple virtual network topologies overlaid on a typical physical network. This approach is often called overlay-based network virtualization. Recently the Virtual Extensible LAN (VXLAN) protocol has been used to build this kind of network virtualization.
VTEP - VXLAN Tunnel End Point. VTI - VXLAN Tunnel Interface. VNI - Virtual Network Identifier
The overlay network is created in software, for example with virtual switches that can be created in a hypervisor, or with overlay software started from within a virtual machine. In other words, on top of a traditional network that simply connects devices, a logical network providing automatic configuration is created.
Thus, the overlay infrastructure provides the necessary layer for redirection and for separating out management, while the SDN controller makes it possible to centralize network policies and to virtualize and flexibly plan network resources. Because services and resources are freed from the restrictions tied to their physical location, a large logical Layer 2 network can be created in which DPC resources are shared.
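The overlay mechanics described above can be made concrete with a short sketch. This is an added example, not code from the article or from any vendor: it builds the 8-byte VXLAN header defined in RFC 7348 and shows the checks a receiving VTEP applies before handing a frame to a tenant segment. The `Vtep` class, the peer address, the VNIs and the MAC addresses are constructed for illustration, and dropping unknown unicast instead of flooding it is a simplification.

```python
import struct

FLAG_VNI_VALID = 0x08            # "I" flag in the first header byte (RFC 7348)
HEADER = struct.Struct("!II")    # word 1: flags + reserved, word 2: 24-bit VNI + reserved
ETH_HEADER_LEN = 14


class DropFrame(Exception):
    """The VTEP refuses to forward the frame; the message says why."""


def encapsulate(vni, inner_frame):
    """Build the UDP payload a VTEP sends: VXLAN header + inner Ethernet frame."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return HEADER.pack(FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def decapsulate(udp_payload):
    """Return (vni, inner_frame), or raise DropFrame for a malformed packet."""
    if len(udp_payload) < HEADER.size + ETH_HEADER_LEN:
        raise DropFrame("truncated VXLAN packet")
    word1, word2 = HEADER.unpack_from(udp_payload)
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise DropFrame("I flag not set, VNI is not valid")
    return word2 >> 8, udp_payload[HEADER.size:]


class Vtep:
    """Receiving tunnel end point holding the state an SDN controller would push."""

    def __init__(self, peers, segments):
        self.peers = set(peers)      # outer source IPs of known remote VTEPs
        self.segments = segments     # VNI -> {inner destination MAC: local port}

    def receive(self, outer_src_ip, udp_payload):
        """Return (vni, port, inner_frame) or raise DropFrame."""
        if outer_src_ip not in self.peers:
            raise DropFrame(f"{outer_src_ip} is not a known VTEP")
        vni, inner = decapsulate(udp_payload)
        macs = self.segments.get(vni)
        if macs is None:
            raise DropFrame(f"VNI {vni} is not configured on this VTEP")
        port = macs.get(inner[:6])   # simplification: no flooding of unknown unicast
        if port is None:
            raise DropFrame(f"destination MAC unknown in VNI {vni}")
        return vni, port, inner


def outcome(vtep, outer_src_ip, udp_payload):
    """Describe what the VTEP does with one received packet."""
    try:
        vni, port, _ = vtep.receive(outer_src_ip, udp_payload)
        return f"deliver to {port} (VNI {vni})"
    except DropFrame as exc:
        return f"drop: {exc}"


# Constructed sample data: two tenants reuse the same MAC in different VNIs.
MAC_VM = bytes.fromhex("020000000001")
MAC_SRC = bytes.fromhex("020000000002")
FRAME = MAC_VM + MAC_SRC + b"\x08\x00" + b"demo"   # dst, src, EtherType, payload
VTEP = Vtep(peers={"192.0.2.10"},
            segments={5001: {MAC_VM: "tenant-a-vm"}, 5002: {MAC_VM: "tenant-b-vm"}})

if __name__ == "__main__":
    for src, vni in [("192.0.2.10", 5001), ("192.0.2.10", 5002),
                     ("192.0.2.10", 5003), ("198.51.100.7", 5001)]:
        print(src, vni, "->", outcome(VTEP, src, encapsulate(vni, FRAME)))
```

The same inner MAC address is delivered to different ports depending on the VNI, which is what lets tenants share the physical network. Because VXLAN itself carries no authentication, the peer and VNI checks are what keep one tenant's frames out of another tenant's Layer 2 segment.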
The second option for implementing the SDN architecture is to add hardware switches that support full programmability and provide automatic configuration.
Dmitry Chindyaskin notes that a growing number of customers have begun to look towards solutions built on controller-based management. Indeed, their use reduces the time needed to make configuration changes and the risk of configuration errors caused by the human factor. On top of that, the operating costs of maintaining the infrastructure fall thanks to an intuitive graphical management interface that makes it possible to manage the infrastructure without a deep understanding of how network protocols work. Troubleshooting in the DPC network infrastructure becomes simpler thanks to monitoring by an intelligent component.
"Such software-defined networks are ready for the transition to fully software-defined DPCs; the DPC infrastructure becomes flexible and ready to adapt to business requirements in the shortest possible time," emphasizes Dmitry Chindyaskin. "SDN controllers have open APIs that make it possible to integrate with other platforms and to use additional automation resources."
From proprietary solutions to openness
Ideally, SDN technologies are seen as a way to achieve vendor independence by supporting equipment from different manufacturers in a single SDN network. The reality, however, is still far from the ideal.
"At the moment, open SDN solutions that combine different manufacturers to obtain an optimal combination of price and quality are widespread among operators offering cloud solutions to a broad market of customers," says Vladimir Leonov.
These companies, as a rule, have their own staff of programmers who are able to write the necessary functionality rather than wait for a vendor to produce it.
Although vendors are gradually turning to the practice of releasing software modules that are not tied to the equipment, for now, Vladimir Leonov believes, the question of openness and of moving away from closed vendor solutions remains open. SDN solutions remain significantly vendor-dependent. All vendors, however, declare their intention to achieve greater compatibility and openness.
In the Gartner Magic Quadrant for Data Center and Cloud Networking published in June 2020, Huawei is classed as a Challenger. The main idea behind Huawei's network solutions is openness and compatibility with the solutions of other vendors. These are implemented in the Huawei Cloud Fabric solution, which comprises an open network architecture built on open components, an open controller and an open partner ecosystem in which the principle of complete interchangeability is paramount.
The core components of the Huawei Cloud Fabric solution, the Agile Controller for DPC networks and the CloudEngine switches for DPCs, have open APIs that allow integration and interaction not only with the corporate Huawei FusionSphere solution but also with cloud platforms based on the open OpenStack platform. These platforms are offered by third-party developers, among them Microsoft, Hewlett Packard Enterprise and Red Hat.
Huawei products are built on an open architecture. For example, Agile Controller is compatible with OpenDaylight, an open platform for running SDN networks, and with the Open Network Operating System (ONOS), an open source operating system intended for building SDN/NFV solutions. In addition, the Huawei CloudEngine switches became the first-ever platform for data processing centers to be certified for compliance with the OpenFlow 1.3 interface.
Gartner analysts note that Huawei offers extremely economical switching products compared with the other participants in this research. At the same time, Huawei's AI Fabric intelligent data center network is well suited to high-performance computing that requires zero packet loss and low-latency networks, for example to support machine learning algorithms.
The company sees further development of this area in deeper integration of network equipment with computing resources, for example to enrich software switches with useful data from various external sources, such as data for recognizing information security threats.
More than six years ago Dell Technologies was the first company among network manufacturers to take a step towards open networks, putting forward a revolutionary idea: to separate the hardware platform of network equipment from the software in order to expand customers' options.
At that time the Dell EMC concept of open networks was formulated, based on a new network paradigm which, according to Mikhail Orlenko, gave users the chance to abandon proprietary network hardware and software systems, which were often monolithic and expensive.
The Open Networking initiative, among other things, gave equipment suppliers a more standardized approach based on joint design using off-the-shelf chips. And the disaggregated approach to rack switches in the data processing center lets equipment and software suppliers concentrate on the specifics of implementing the particular solutions in which they specialize.
Today the portfolio of Dell EMC PowerSwitch switches for open DPC networks contains more than 15 models supporting all the popular Ethernet speeds used in DPCs, from 1GE to 400GE. These switches support a variety of operating systems: in addition to two of the company's own OSs (SmartFabric OS10 and Networking OS9), there are five OSs from technology partners and two open source OSs (SONiC from the Open Compute Project and OpenSwitch from the Linux Foundation).
"The choice of OS depends on the customer's business tasks and on the customer's assessment of capital costs and risks. The choice is also influenced by whether the customer is going to move to DevOps practices in its IT infrastructure or remains committed to the traditional approach," comments Mikhail Orlenko.
In addition, the Dell EMC portfolio includes the Virtual Edge Platform universal access devices (uCPE) for software-defined wide area network (SD-WAN) and NFV solutions, which support a broad range of software from different vendors, and SD-WAN Edge devices for VMware SD-WAN solutions.
VMware
Our approach was from the very beginning connected with the concept of software-defined networks, abstraction from the hardware platform, and implementation of all network subsystems and services as software that runs in the form of virtual machines on servers of standard x86 architecture.
According to him, VMware NSX is the only exclusively software platform in the industry for networking and security, offering a full range of L2-L7 services for workloads deployed in infrastructures of any type: as virtual machines, in containers, on physical servers, in private and public clouds.
"And all this within a uniform security policy. A unified secure environment," emphasizes Andrey Kosenko.
"And since there is no tie to a hardware platform, it is possible to change network equipment suppliers without having to change anything globally in the network architecture," emphasizes Andrey Kosenko.
Gartner researchers found only one significant drawback in VMware's flagship solution, VMware NSX Data Center, the network virtualization and network security platform intended for the software-defined data center (SDDC): its high cost, which hinders widespread adoption of these products.
In this field VMware has embodied its vision of further development in the Virtual Cloud Network concept, which is based on an ecosystem of solutions for networking and security, management, control and monitoring, detection and remediation of security incidents, analytics and sensing of network faults, in both physical and virtual infrastructure: from the local DPC to the network edge, with support for VMware SD-WAN, AWS, VMware Cloud on AWS, Azure, etc.
The open, extensible, software-driven Cisco Digital Network Architecture (DNA) covers campuses and branches as well as SD-WAN networks. Cisco DNA Center is the network controller that allows operators to design, configure, manage, optimize and troubleshoot networks based on Cisco DNA. Its functions include advanced automation that uses defined policies to create and distribute network device configurations, as well as intelligent analytics.
The SDN architecture makes it possible to implement Intent-Based Networking (IBN), which allows network management tasks to be automated with the help of elements of artificial intelligence and machine learning. From the administrator's point of view this means a higher level of abstraction in network management: it is enough to grant a user group access to an application, and the network equipment configuration needed for this will be carried out automatically.
In essence, an intent-based network is able to model current business objectives and link specific resource management policies to them. There is also a specific element, assurance, which confirms that the selected policies comply with the business objectives. In effect, the intent-based network extends the SDN concept by adding policy-based network management, network automation and comprehensive analytics for detecting and resolving problems, for a more complete approach.
The Cisco Network Assurance Engine solution provides continuous verification and analysis of the entire data center network by generating a number of "smart events". Their task is to reveal deviations from intent and offer recommendations for correction, giving operators confidence that their network is working as intended.
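The assurance step described above, checking that deployed policy still matches intent, can be sketched as follows. This is an added example, not Cisco's implementation or code from the article; the groups, applications, address ranges and rule format are constructed, and only the declared application ports are checked.

```python
from ipaddress import ip_network

# Constructed intent: which user group may reach which application. Anything
# not listed is meant to be denied.
GROUPS = {"dev": "10.20.0.0/24", "finance": "10.10.0.0/24", "ops": "10.30.0.0/24"}
APPS = {"build": ("10.50.2.0/28", 8443), "ledger": ("10.50.1.0/28", 443)}
INTENT = {("finance", "ledger"), ("ops", "ledger"), ("dev", "build")}

# Constructed deployed rules: (source, destination, port, action). The first
# matching rule wins and there is an implicit deny at the end.
DEPLOYED = [
    ("10.10.0.0/24", "10.50.1.0/28", 443, "permit"),
    ("10.0.0.0/8", "10.50.2.0/28", 8443, "permit"),   # broader than any intent
]
CORRECTED = [
    ("10.10.0.0/24", "10.50.1.0/28", 443, "permit"),
    ("10.30.0.0/24", "10.50.1.0/28", 443, "permit"),
    ("10.20.0.0/24", "10.50.2.0/28", 8443, "permit"),
]


def decide(rules, src, dst, port):
    """Return (action, rule index) for traffic from src to dst on port."""
    for index, (rule_src, rule_dst, rule_port, action) in enumerate(rules):
        rule_src, rule_dst = ip_network(rule_src), ip_network(rule_dst)
        if rule_port != port:
            continue
        if rule_src.supernet_of(src) and rule_dst.supernet_of(dst):
            return action, index
        if rule_src.overlaps(src) and rule_dst.overlaps(dst):
            return "partial", index      # rule covers only part of the group or app
    return "deny", None


def audit(groups, apps, intent, rules):
    """Compare every group/application pair with intent; return the deviations."""
    findings = []
    for group, group_cidr in sorted(groups.items()):
        for app, (app_cidr, port) in sorted(apps.items()):
            wanted = "permit" if (group, app) in intent else "deny"
            actual, index = decide(rules, ip_network(group_cidr),
                                   ip_network(app_cidr), port)
            if actual != wanted:
                findings.append((group, app, wanted, actual, index))
    return findings


def recommend(finding):
    """Turn one deviation into a correction hint for the operator."""
    group, app, wanted, actual, index = finding
    if wanted == "permit":
        return f"add a permit rule for {group} -> {app}"
    return f"narrow rule {index}: it lets {group} reach {app}"


if __name__ == "__main__":
    for finding in audit(GROUPS, APPS, INTENT, DEPLOYED):
        print(finding, "=>", recommend(finding))
    print("after correction:", audit(GROUPS, APPS, INTENT, CORRECTED))
```

The deployed rule set deviates from intent in both directions: one overly broad permit exposes the build service to two groups that should not reach it, and one intended access has no rule at all.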
Cisco Application Centric Infrastructure (ACI) is a software-defined architectural platform with applications at its center. Cisco ACI supports environments with multiple clouds and multiple domains, enabling deployment anywhere as well as massive scaling for greater application flexibility and data center automation. ACI promises the ability to run on any platform (hypervisor, container), in any location (on-premises, cloud and edge) and support for any workload. Consistent policy deployment regardless of location, with high availability, is envisaged.
Aruba, a Hewlett Packard Enterprise company
"The network can and should make the work of the administration department easier, provide high-quality services and increase the profitability of the enterprise. This is where artificial intelligence comes in, taking on the role of a chief adviser able to supply the IT department with accurate information, quickly determine the cause of faults and advise on ways to eliminate them," says Mikhail Komarov, head of the network solutions preparation department at Aruba, a Hewlett Packard Enterprise company, in Russia.
Gartner analysts introduced the special term "AIOps" (Artificial Intelligence for IT Operations): technologies for automated network administration using Big Data and machine learning that make it possible to identify relationships between events, detect anomalies and determine their causes. In addition, the AI solution automates a considerable share of the operations that were previously performed manually. This functionality is implemented in the Edge Services Platform presented by Aruba, a Hewlett Packard Enterprise company, in June.
"Fragmentation of operational activities can negatively affect the overall level of security and the administrator's ability to troubleshoot the network," comments Mikhail Orlenko.
"By correlating analytics data with historical information about events, administrators obtain a tool for rapid fault detection and recovery and for responding to problems," emphasizes Mikhail Orlenko.
AOS-CX is a new-generation network operating system built on cloud principles, based on a microservice architecture with high fault tolerance. It is fully programmable and supports REST API interfaces for practically every function. In addition, AOS-CX supports dynamic setup and verification of the selected overlay network topology for applications and services, and provides full programmability for automating everyday but complex network tasks. All DPC switch functionality is available through the RESTful API.
The modular, microservices-style architecture of Aruba OS-CX makes it possible to quickly extend switch functionality, develop the platform in line with trends in the modern networking world, and add unique tools.
AOS-CX offers ample scaling options. For example, the entire lineup of Aruba switches runs under this OS: from high-performance core switches of the modern DPC to inexpensive LAN access-layer devices.
The central component of ArubaOS-CX is the database. It provides interaction between processes and reduces the dependence of processes on each other and on other components. This approach differs from the traditional network OS architecture, in which processes communicate directly with each other, creating a complex web of inter-process interaction and dependencies. In ArubaOS-CX the database has an exclusive role in communication between processes. All states and events generated by processes are recorded in the database, from where other processes in the OS can read them.
Development of SDN in the near future
- Network as a Service. According to Cloud4Y, today we are at the beginning of the second wave of cloud computing. The first began with the centralization and virtualization of servers; the second involves the development of software-defined networks and the centralization and virtualization of network management in the cloud, and takes the form of Network as a Service (NaaS).
- Network processors. The Center of Application Studies of Computer Networks (CASCN) believes that the optimal way to build an SDN switch for the OpenFlow standard is to use network processors.
On the one hand, they allow the behavior of the device to be changed within a fairly broad range by reprogramming it. On the other hand, they provide high port density and high traffic-processing performance, take up less rack space than a server, and work quickly with tables and with different types of memory, including associative memory.
In the future, network processors will make it possible to obtain the necessary functionality by changing the software, in line with the changes that arrive with new versions of the OpenFlow protocol.
- Network accelerators. In the era of Big Data, the data resides in different sources, quite often geographically distributed. Specialized network accelerators similar to the Mellanox ConnectX device are useful for optimizing both the operation of network traffic controllers and the use of the processor resources of the computing infrastructure.
These network accelerators take over the job of fast data transfer to the destination, while the servers' central processors are freed up for data processing.
- SDN for the Internet of Things (IoT). The Internet of Things poses new challenges for developers of software for computing and network infrastructure. Today IoT structures consist of separate networks that are poorly connected to one another. For example, office and residential buildings have a whole set of networks installed for managing heating, ventilation, air conditioning, telephony, security and lighting.
But as IoT technologies develop, these and many other networks will be connected to each other and will acquire ever broader capabilities in security, analytics and management. In other words, IoT implies a high degree of integration, with support for many communication standards and interaction among many different network applications that communicate over both wired and wireless networks. For these tasks, in the view of TsPIKS, the concept of an IoT cloud whose architecture is based on network functions virtualization (NFV) and software-defined networking (SDN) technologies is a good fit.
Thus, software-defined networks are a network revolution unfolding before our eyes, and a network future that has already arrived. The focus of attention is shifting from control of individual network devices to management of entire network services. The companies most ready for change have already gone down this path; the rest will have to undergo this transformation in the near future.