Making a case for distributed overlay-based network virtualization

Ben Cherian
Chief Strategy Officer
@bencherian
Midokura
So, you’re building a cloud?
Requirements

[Diagram: one unit growing 1, 2, 3, 4, 5 vs. one unit joined by a new identical unit]
Horizontal scaling
Building blocks of an IaaS cloud
Cloud management system
Compute
Storage
Networking
Traditional networking devices scale up
Service interruptions
High churn, micro granularity
Limitations of VLANs
Traffic trombones
Human costs don’t scale
Additional Requirements
IaaS Cloud Networking Requirements
• Multi-tenancy
• L2 isolation
• L3 routing isolation
     VPC
     Like VRF (virtual routing and forwarding)
• Scalable control plane
     ARP, DHCP, ICMP
• NAT (Floating IP)
• ACLs
• Stateful (L4) Firewall
     Security Groups
• VPN
     IPSec
• BGP gateway
• REST API
• Integration with CMS
     CloudStack
     OpenStack
IaaS Cloud Networking Requirements
Typical Network Topology

[Diagram: a Provider Virtual Router (L3) with an uplink (link to uplink, BGP multi-homing, global NAT/route settings, e.g. for floating IP). Below it, Tenant/Project A and Tenant/Project B each have a tenant virtual router for FW, LB, DHCP and NAT. Tenant A's router connects to Virtual L2 Switch A1 (Network A1: VM1, VM3) and Virtual L2 Switch A2 (Network A2: VM5); Tenant B's router connects to Virtual L2 Switch B1 (Network B1: VM2, VM4, VM6) and, through a Tenant B VPN Router, to the Tenant B office network.]

Notes:
- Create one provider router upon deployment
- Create a router for a tenant
- Map a bridge for a quantum network
Solution: Distributed overlay-based network virtualization
Use encapsulation to build a virtual network
Handle network intelligence / network state at the edge
Require less of the physical network
Edge to Edge IP Overlays
• Isolation not using VLANs
     IP encapsulation
• Decouple from physical network
• Provisioning VM doesn’t change underlay state
• Underlay delivers to destination host IP
• Use scalable IGP (iBGP, OSPF) to build multi-path underlay
• Inspired by VL2 from MSR
Market trends supporting overlay model
• Packet processing on x86 CPUs (at edge)
     – Intel DPDK facilitates packet processing
     – Number of cores in servers increasing fast
• Clos Networks (for underlay)
     – Spine and Leaf architecture with IP
     – Economical and high E-W bandwidth
• Merchant silicon (cheap IP switches)
     – Broadcom, Intel (Fulcrum Micro), Marvell
     – ODMs (Quanta, Accton) starting to sell directly
     – Switches are becoming just like Linux servers
• Optical intra-DC Networks
The MidoNet Solution
• Virtual L2 Distributed Switching
• Virtual L2 Isolation
• Virtual L3 Distributed Routing
• Virtual L3 Isolation
• L4 Services (Load Balancing, Firewall)
• NAT
• Access Control Lists (ACLs)
• Virtual port and device monitoring
• RESTful API
• Web based management control panel
The MidoNet Solution

[Diagram, Logical Topology: a Provider Virtual Router connects through vPorts to Tenant A's Virtual Router (with Virtual Switch A1 and Virtual Switch A2) and Tenant B's Virtual Router (with Virtual Switch B1); each virtual switch exposes vPorts to VMs.]

[Diagram, Physical Topology: the Internet reaches MidoNet (MN) gateway nodes through BGP multi-homing to ISP1, ISP2 and ISP3; MN gateway and hypervisor nodes on a private IP network carry VM traffic in tunnels; all MN nodes share a Network State Database.]
The MidoNet Solution
• Distributed and scalable control plane
     Handle all control packets at local MidoNet agent adjacent to VM
• Scalable and fault tolerant central database
     Stores virtual network configuration
     Dynamic network state
        MAC learning, ARP cache, etc
     Cached at edges on demand
• All packet modifications at ingress
     One virtual hop
     No travel through middle boxes
     Drop at ingress

[Diagram: a packet arriving at ingress on a MidoNet (MN) host is either encapsulated into a tunnel or dropped/blocked at ingress.]

Scale out model
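As an added illustration (not part of the slides or of MidoNet's own code), the following Python sketch models the edge-to-edge overlay described on the "Edge to Edge IP Overlays" and "The MidoNet Solution" slides: a central network state database, ingress agents that simulate the whole virtual path and apply the ACL before tunnelling, per-network MAC tables instead of VLAN tags, and an underlay that only knows host IPs. All hosts, MAC addresses, tunnel keys and ACL entries are constructed sample values.

```python
from dataclasses import dataclass, field

@dataclass
class VPort:
    """A virtual port: a VM NIC bound to a virtual L2 switch on a given host."""
    mac: str
    host: str      # underlay IP of the hypervisor running the edge agent
    network: str   # virtual L2 switch (e.g. "A1"), owned by one tenant
    tenant: str

@dataclass
class StateDB:
    """Stand-in for the central network state database (config + dynamic state)."""
    vports: dict = field(default_factory=dict)      # vport id -> VPort
    acls: dict = field(default_factory=dict)        # network -> [(proto, dst_port, action)]
    mac_tables: dict = field(default_factory=dict)  # network -> {mac: vport id}

    def provision(self, vid, port):
        self.vports[vid] = port
        # MAC learning state is scoped per virtual network, so tenants may reuse MACs.
        self.mac_tables.setdefault(port.network, {})[port.mac] = vid

@dataclass(frozen=True)
class Tunneled:
    outer_src: str   # underlay source host
    outer_dst: str   # underlay destination host
    key: int         # tunnel key identifying the virtual network (no VLAN tag)
    inner: tuple     # the original frame, untouched

# Constructed tunnel keys, one per virtual network.
TUNNEL_KEYS = {"A1": 1001, "A2": 1002, "B1": 2001}

# Constructed underlay: plain IP reachability of hosts, nothing about tenants or VMs.
UNDERLAY = {"10.0.1.11": "leaf1", "10.0.2.21": "leaf2"}

def ingress(db, in_vid, frame):
    """Agent on the source host simulates the whole virtual path once.
    frame = (src_mac, dst_mac, proto, dst_port). Returns one of
    ("drop", reason), ("local", vport id) or ("tunnel", Tunneled)."""
    src_mac, dst_mac, proto, dst_port = frame
    src = db.vports[in_vid]
    # Anti-spoofing: a vport may only emit the MAC bound to it.
    if src_mac != src.mac:
        return ("drop", "spoofed source mac")
    # ACL check at ingress: denied traffic never crosses the underlay.
    for acl_proto, acl_port, action in db.acls.get(src.network, []):
        if (acl_proto, acl_port) == (proto, dst_port):
            if action == "deny":
                return ("drop", "acl")
            break
    # Destination lookup is scoped to the source's own virtual network.
    dst_vid = db.mac_tables.get(src.network, {}).get(dst_mac)
    if dst_vid is None:
        return ("drop", "unknown destination")  # a real agent would flood
    dst = db.vports[dst_vid]
    if dst.host == src.host:
        return ("local", dst_vid)
    return ("tunnel", Tunneled(src.host, dst.host, TUNNEL_KEYS[src.network], frame))

def egress(db, pkt):
    """Agent on the destination host: deliver only to a port whose virtual
    network matches the tunnel key; the same MAC on another network never matches."""
    for vid, vp in db.vports.items():
        if (vp.host == pkt.outer_dst and TUNNEL_KEYS[vp.network] == pkt.key
                and vp.mac == pkt.inner[1]):
            return vid
    return None

def build_sample_db():
    """Constructed topology following the slides' tenant A / tenant B picture."""
    db = StateDB(acls={"A1": [("tcp", 23, "deny"), ("tcp", 80, "allow")]})
    db.provision("vm1", VPort("02:00:00:00:00:01", "10.0.1.11", "A1", "A"))
    db.provision("vm3", VPort("02:00:00:00:00:03", "10.0.2.21", "A1", "A"))
    # Tenant B reuses VM3's MAC on its own network B1, on the same host.
    db.provision("vm4", VPort("02:00:00:00:00:03", "10.0.2.21", "B1", "B"))
    db.provision("vm2", VPort("02:00:00:00:00:02", "10.0.1.11", "B1", "B"))
    return db

def demo():
    db = build_sample_db()
    before = dict(UNDERLAY)
    http = ("02:00:00:00:00:01", "02:00:00:00:00:03", "tcp", 80)
    telnet = ("02:00:00:00:00:01", "02:00:00:00:00:03", "tcp", 23)
    results = {}
    kind, pkt = ingress(db, "vm1", http)
    results["http"] = (kind, pkt.outer_dst, pkt.key, egress(db, pkt))
    results["telnet"] = ingress(db, "vm1", telnet)
    # Tenant B's vm2 addresses the same MAC but stays inside B1.
    kind, pkt = ingress(db, "vm2", ("02:00:00:00:00:02", "02:00:00:00:00:03", "tcp", 80))
    results["tenant_b"] = (kind, pkt.key, egress(db, pkt))
    results["spoof"] = ingress(db, "vm2", ("02:00:00:00:00:01", "02:00:00:00:00:03", "tcp", 80))
    # Provisioning another VM changes only the state DB, not the underlay.
    db.provision("vm5", VPort("02:00:00:00:00:05", "10.0.1.11", "A2", "A"))
    results["underlay_unchanged"] = (UNDERLAY == before)
    return results
```

Running `demo()` shows the telnet frame dropped at the source host before any encapsulation, and two tenants sharing a MAC and a physical host being kept apart by the network-scoped lookup and the tunnel key.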
The MidoNet Solution
• Scalable edge gateway interface to external networks
     – Multihomed BGP to ISP
• REST API and GUI
• Integration with popular open source cloud stacks
     – OpenStack
        • Removes SPOF of network node
        • Scalable and fault tolerant NAT for floating IP
        • Implements security groups efficiently
     – CloudStack (in progress)
CloudStack integration
• Currently have L2 integration
• Full integration is slated for Q1, 2013
     – L3 isolation (without VM / appliance)
     – Security groups (stateful firewall)
     – Floating IP (NAT)
     – Load balancing (L4)
Questions?
Slides: http://www.slideshare.net/midokura
Backup slides
Candidate Models
• Traditional network
• Centrally controlled OpenFlow based hop-by-hop switching fabric
• Edge to edge overlays
Traditional Network
• Ethernet VLANs for L2 isolation
     4096 limit
     VLANs will have large spanning trees terminating on many hosts
     High churn in switch control planes doing MAC learning non-stop
     Need MLAG for L2 multi-path
        Vendor specific
• MPLS VPN?
• VRFs for L3 isolation
     Not scalable to cloud scale
     Expensive hardware
     Not fault tolerant
OpenFlow Fabric
• State in switches
     Proportional to virtual network state
     Need to update all switches in path when provisioning
     Not scalable, not fast enough to update, no atomicity of updates
• Not good for IaaS cloud virtual networking
Spine and Leaf Network Architecture
Deep OpenStack Integration
• Quantum Plugin
     – L2 isolation, of course
• Also…
     – L3 isolation (without VM / appliance)
     – Security groups (stateful firewall)
     – Floating IP (NAT)
     – Load balancing (L4)

Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 

Cloudstack collab talk

  • 1. Making a case for distributed overlay-based network virtualization Ben Cherian Chief Strategy Officer @bencherian Midokura
  • 4. 1 2 3 4 5 vs 1 New 1 Horizontal scaling
  • 5. Building blocks of an IaaS cloud
  • 10. Traditional networking devices scale up
  • 12. High churn, micro granularity
  • 13. Limitations of VLANs
  • 17. IaaS Cloud Networking Requirements • Multi-tenancy • L2 isolation • L3 routing isolation  VPC  Like VRF (virtual routing and forwarding) • Scalable control plane  ARP, DHCP, ICMP • NAT (Floating IP) • ACLs • Stateful (L4) Firewall  Security Groups • VPN  IPSec • BGP gateway • REST API • Integration with CMS  CloudStack  OpenStack
  • 18. IaaS Cloud Networking Requirements: Typical Network Topology - Create one provider router upon deployment - Create a router for a tenant - Map a bridge for a quantum network - Link to uplink - BGP multi-homing - Global NAT/route settings, e.g. for floating IP - Tenant router for FW, LB, DHCP and NAT (diagram: uplink → Provider Virtual Router (L3) → Tenant A Virtual Router with Virtual L2 Switches A1 and A2 (Networks A1, A2) and Tenant B Virtual Router with Virtual L2 Switch B1 (Network B1); VMs VM1–VM6 attached to the switches; a Tenant B VPN Router connecting to the Tenant B office network)
  • 19. Solution: Distributed overlay-based network virtualization
  • 20. Use encapsulation to build a virtual network
  • 21. Handle network intelligence / network state at the edge
  • 22. Require less of the physical network
  • 23. Edge to Edge IP Overlays • Isolation not using VLANs  IP encapsulation • Decouple from physical network • Provisioning VM doesn’t change underlay state • Underlay delivers to destination host IP • Use scalable IGP (iBGP, OSPF) to build multi-path underlay • Inspired by VL2 from MSR
  • 24. Market trends supporting overlay model • Packet processing on x86 CPUs (at edge) – Intel DPDK facilitates packet processing – Number of cores in servers increasing fast • Clos Networks (for underlay) – Spine and Leaf architecture with IP – Economical and high E-W bandwidth • Merchant silicon (cheap IP switches) – Broadcom, Intel (Fulcrum Micro), Marvell – ODMs (Quanta, Accton) starting to sell directly – Switches are becoming just like Linux servers • Optical intra-DC Networks
  • 25. The MidoNet Solution • Virtual L2 Distributed Switching • Virtual L2 Isolation • Virtual L3 Distributed Routing • Virtual L3 Isolation • L4 Services (Load Balancing, Firewall) • NAT • Access Control Lists (ACLs) • Virtual port and device monitoring • Restful API • Web based management control panel
  • 26. The MidoNet Solution: Logical Topology / Physical Topology (diagram: Provider Virtual Router; Tenant A Virtual Router with Virtual Switches A1 and A2; Tenant B Virtual Router with Virtual Switch B1; vPorts on each virtual device; VMs hosted beside MidoNet (MN) agents; BGP multi-homing to ISP1, ISP2 and ISP3 for Internet access; tunnels across a private IP network; a Network State Database)
  • 27. The MidoNet Solution • Distributed and scalable control plane  Handle all control packets at local MidoNet agent adjacent to VM • Scalable and fault tolerant central database  Stores virtual network configuration  Dynamic network state  MAC learning, ARP cache, etc.  Cached at edges on demand • All packet modifications at ingress  One virtual hop  No travel through middle boxes  Drop at ingress (diagram: a packet enters at the ingress MN agent and is either encapsulated into the tunnel or dropped/blocked at ingress)
  • 29. The MidoNet Solution • Scalable edge gateway interface to external networks – Multihomed BGP to ISP • REST API and GUI • Integration with popular open source cloud stacks – OpenStack • Removes SPOF of network node • Scalable and fault tolerant NAT for floating IP • Implements security groups efficiently – CloudStack (in progress)
  • 30. CloudStack integration • Currently have L2 integration • Full integration is slated for Q1, 2013 – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4)
  • 33. Candidate Models • Traditional network • Centrally controlled OpenFlow based hop- by-hop switching fabric • Edge to edge overlays
  • 34. Traditional Network • Ethernet VLANs for L2 isolation  4096 limit  VLANs will have large spanning trees terminating on many hosts  High churn in switch control planes doing MAC learning non-stop  Need MLAG for L2 multi-path  Vendor specific • MPLS VPN? • VRFs for L3 isolation  Not scalable to cloud scale  Expensive hardware  Not fault tolerant
  • 35. OpenFlow Fabric • State in switches  Proportional to virtual network state  Need to update all switches in path when provisioning  Not scalable, not fast enough to update, no atomicity of updates • Not good for IaaS cloud virtual networking
  • 36. Spine and Leaf Network Architecture
  • 37. Deep OpenStack Integration • Quantum Plugin – L2 isolation, of course • Also… – L3 isolation (without VM / appliance) – Security groups (stateful firewall) – Floating IP (NAT) – Load balancing (L4)
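The ingress path the slides describe (state looked up at the edge, drop at ingress, encapsulate to the destination host's underlay IP), as an added example that is not MidoNet's own code. The 8-byte tunnel header layout, the per-tenant state and the ACL are constructed assumptions.

```python
"""Toy model of an edge-to-edge IP overlay ingress/egress path.
The edge agent on the hypervisor consults virtual-network state, applies the
tenant ACL, and either drops the frame at ingress or encapsulates it toward
the underlay IP of the host where the destination MAC lives."""
import struct

# Constructed state, as the slides' network state database would hold it:
# tenant -> tunnel key, and learned (tenant, MAC) -> hosting hypervisor IP.
TENANT_KEY = {"tenantA": 1001, "tenantB": 1002}
MAC_TO_HOST = {
    ("tenantA", "aa:aa:aa:00:00:01"): "10.0.0.11",
    ("tenantA", "aa:aa:aa:00:00:02"): "10.0.0.12",
    ("tenantB", "bb:bb:bb:00:00:01"): "10.0.0.12",
}
# Constructed security-group style ACL: (tenant, dst_port) pairs allowed.
ALLOW = {("tenantA", 22), ("tenantA", 443), ("tenantB", 443)}


def mac_bytes(mac):
    return bytes(int(b, 16) for b in mac.split(":"))


def ingress(tenant, src_mac, dst_mac, dst_port, payload):
    """Return ('drop', reason) or ('tunnel', underlay_dst_ip, encapsulated)."""
    if (tenant, dst_port) not in ALLOW:
        return ("drop", "acl")          # decided at ingress; nothing leaves the host
    host = MAC_TO_HOST.get((tenant, dst_mac))
    if host is None:
        return ("drop", "unknown-mac")  # no flooding across the underlay
    key = TENANT_KEY[tenant]
    # Assumed 8-byte tunnel header: flags byte, 3 reserved, 24-bit key, 1 reserved.
    hdr = struct.pack("!B3x", 0x08) + key.to_bytes(3, "big") + b"\x00"
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac) + payload
    return ("tunnel", host, hdr + frame)


def egress(packet):
    """Decapsulate at the destination host: recover (tunnel key, dst MAC)."""
    key = int.from_bytes(packet[4:7], "big")
    dst_mac = ":".join(f"{b:02x}" for b in packet[8:14])
    return key, dst_mac
```

The underlay only ever sees host IPs and an opaque key, which is why provisioning a VM changes edge state but not the physical network.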

Editor's Notes

  1. Cloud Management, Compute, Storage, Networking
  2. The CMS (cloud management system) integration is critically important. We have built a deep integration with OpenStack. L2 isolation is a given! L2 isolation is not enough. L3 isolation (inter-network routing), scalable NAT, scalable security groups are also needed for a complete solution.