Welcome!

SDN Journal Authors: Elizabeth White, Pat Romanski, Liz McMillan, Gil Allouche, Pat O'Day

Related Topics: SDN Journal

SDN Journal: Blog Feed Post

F5 Application Layer SDN: Now with Extreme Programmability

As you move up the network stack, you move from directing packets to managing flows

"If you look at the standard SDN model, [Layer 4-7 services] are applications that can basically run on the [SDN] controller platform. But that's not the only way to do them. We'll hear about different approaches. Network services for SDN are going to be a big story in 2013."

-- Brad Casemore, "Networking outlook: Controllers, Layer 4-7 will roil SDN 2013 market" [emphasis mine]

Since SDN became the darling du jour of the networking industry, there's been a lot of head nodding and ancillary mention of L4-7 services eventually becoming part of the overall fabric. What there hasn't been is a lot of discussion on the challenges inherent in bringing those services to bear in what has become the de facto standard model: a centralized controller responsible for directing the flow of packets throughout the network.

That's challenging, because as you move up the network stack there's a natural evolution that occurs. You move from directing packets to managing flows, and managing flows requires a completely different set of features. That's because the closer to layer 7 you get, the more stateful the network necessarily must become. It can no longer act on individual packets; it must aggregate those packets and it must do it often - far more often than is presupposed when working at layer 2 and 3 of the network stack.

John Giacomoni said it well when he explained in a recent post, "Beyond SDN Fabric: Complex problems require L7+ SDN technologies":

“To implement even basic load balancing with OpenFlow the majority of packets, and all ACKs in particular, need to be forwarded to the controller so session flow state can be accurately tracked.”

Consider that in a router, about 1 in every 1 million packets needs to be forwarded to the controller. In a switch, that ratio is on the order of 1 in every 1 billion. For TCP that ratio drops to a mere 1 out of every 10 packets. If you climb a bit higher in the network stack to layer 7, you might as well consider every packet a candidate to be forwarded on to the controller.

The SDN model upon which most solutions today are based work on the assumption that most packets don't need to be examined by the controller. Thus they are able to scale and maintain wire speed while adding agility and programmability to the lower layers of the network.

A different model is required for Application Layer SDN to ensure agility and performance can be maintained while gaining the benefits of application intelligence and programmability. The SDN Network Fabric (layer 2-3) operates on the premise of centralized control and execution. The SDN Application Services Fabric (layer 4-7) must operate on the premise of centralized control and decentralized execution in order to scale without sacrificing the many benefits of stateful network devices enjoyed by current models of network architecture such as security-related functions, fault tolerance and isolation, and performance enhancing services.

Extreme Programmability: Enter LineRate Systems

As SDN matures, its focus will continue to move up the network stack, toward the application layers. The programmable, scalable services at the application layer comprising the Application Services Fabric are necessary to fully realize the benefits of SDN and software-defined data centers, particularly in environments where network function virtualization (NFV) is adopted as a strategy to achieve maximum agility. Network function virtualization requires not only the improved performance of today’s modern x86 hardware platforms, but software capable of scaling on demand while maintaining optimal performance and offering a high-degree of programmability for superior software defined control over the network.

Programmability is required for reducing operational costs through automation and centralized control, but it is also needed to enable customers to develop innovative, application-specific services that work in concert with SDN architectures. Critical to the success of these architectures are security, acceleration, optimization, and routing services at the application layers that are able to meet modern expectations of flexibility, scale, and performance.

LineRate brings a programmable, scalable platform to the Application Layer SDN table. Its platform is not only capable of scaling on demand and meeting performance expectations on commoditized x86 hardware, but it is highly programmable. In fact it is designed specifically to be programmed to execute purpose-built business and operational logic at high speeds. It's a proxy-based architecture, similar to that of F5 BIG-IP, and offers what I can only describe as "extreme programmability" as its core capability. Rather than insert lightweight rules into the data plane as is the operating procedure for SDN L2-3 fabrics, LineRate SDN Services act as independently operating service nodes that maintain the scaling properties expected of SDN solutions and of modern high-availability architectures, i.e. unlike the centralized SDN controller architecture, a decentralized execution model is fault tolerant even when maintaining state, a requirement for the Application Services Fabric.

As networks continue to become commoditized, it is the application layer services in an SDN that will provide organizations with the competitive advantage they need. A programmable data path is required for organizations desiring to roll their own services and it must be scalable and fast; organizations are unwilling (and rightfully so) to sacrifice performance. LineRate Systems offers such a platform and its addition to the F5 portfolio expands F5's continued leadership in application layer networking in both traditional and Application Layer SDN architectures.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
The cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating and one of the biggest obstacles facing public cloud computing is security. In his session at 15th Cloud Expo, Jeff Aliber, a global marketing executive at Verizon, discussed how the best place for web security is in the cloud. Benefits include: Functions as the first layer of defense Easy operation –CNAME change Implement an integrated solution Best architecture for addressing network-l...
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
“We help people build clusters, in the classical sense of the cluster. We help people put a full stack on top of every single one of those machines. We do the full bare metal install," explained Greg Bruno, Vice President of Engineering and co-founder of StackIQ, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.

ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's

SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are conf...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
“DevOps is really about the business. The business is under pressure today, competitively in the marketplace to respond to the expectations of the customer. The business is driving IT and the problem is that IT isn't responding fast enough," explained Mark Levy, Senior Product Marketing Manager at Serena Software, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Mobile commerce traffic is surpassing desktop, yet less than 20% of sales in the U.S. are mobile commerce sales. In his session at 15th Cloud Expo, Dan Franklin, Segment Manager, Commerce, at Verizon Digital Media Services, defined mobile devices and discussed how next generation means simplification. It means taking your digital content and turning it into instantly gratifying experiences.
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
“We are a managed services company. We have taken the key aspects of the cloud and the purposed data center and merged the two together and launched the Purposed Cloud about 18–24 months ago," explained Chetan Patwardhan, CEO of Stratogent, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session a...