Welcome!

SDN Journal Authors: Destiny Bertucci, Jignesh Solanki, Liz McMillan, Elizabeth White, Daniel Gordon

Related Topics: Containers Expo Blog, Microsoft Cloud, @CloudExpo, SDN Journal

Containers Expo Blog: Blog Post

Attention: Overlay Tunnel Construction Ahead

It's good to see folks from VMWare and Microsoft try and come together to create a single tunnel mechanism

A while ago I wrote a few articles describing the various tunnel protocols used for network virtualization between vSwitches on servers, and between vSwitches and physical network gateways. These are the mechanisms that construct overlay networks on top of a physical network. VMWare uses STT as the tunneling mechanism between vSwitches on servers and VXLAN to communicate with gateways to the non virtualized world. NVGRE is used mostly by Microsoft, and is an extension to GRE tunneling that has been around for a while.

Each one of these mechanisms have their pros and cons. They are all pretty much standard, or at least published by a standards organization, and multiple implementations exist of most of them. Outside of my complaint about the stream like nature of STT, the biggest problem with all of them is the fact that they are fixed in their definition. The header definition is fixed, the fields are fixed, the sizes of the headers are fixed.

The 24 bits used for a Virtual Network Identifier providing for 16 million different virtual network may seem like an amount we can live with for a long time to go. But creative minds will find ways to use those 24 bits to signal all sorts of meta information between the tunnel endpoints, or to intermediate switches and other services forwarding these tunneled packets. Additional summarized information about the content of a packet is extremely useful for any device or service that makes intelligent decisions on this packet.

And once you start that thought process, those 24 bits will disappear really quickly. And when 24 bits are not enough, it requires an update to the protocols and their implementations, and those are extremely painful, especially if portions of those protocols are handled in hardware.

Enter GENEVE, an Internet Draft published on Valentine’s day this year, which looks to take a more holistic view of tunneling. GENEVE takes its queue from many other protocols that have shown themselves to have a long life. Protocols like BGP, LLDP, ISIS and many others have been around for multiple decades and are still as popular as they have ever been. And the reason is simple, they are extendable. They evolve over time with new capabilities, not by revising the base protocols, but by adding new optional capabilities.

All of these protocols have a set of fixed headers, parameters and values, but then leave room for non-defined optional fields. New fields can be added to the protocol by simply defining and publishing them. The protocol is created in such a way that implementations know there may be optional fields that they may or may not understand.

Think of my favorite BGP. When its 4th version was created in the mid 90s, it had no ability to carry IPv6 (which wasn’t even called IPv6 at the time). It had no ability to carry multicast routes, Communities, ORFs or act as a Route Reflector. BGP has many optional attributes that have been added over the years and as a result is the most powerful routing protocol in existence. It is the result of a solid protocol design practice: we don’t know everything we may want to use this for at the moment we create it, so we design in the ability to simply add new capabilities.

GENEVE Header

Like VXLAN, GENEVE runs on top of UDP. It adds its own header, which is only 8 bytes of fixed header, containing that same 24 bit Virtual Network Identifier and a 16 bit Protocol Type as the main fields. After that, the initial definition is remarkably empty, every else is left open as options that follow a specific format if and when they get defined.

And that is the beauty of an extensible protocol, only those implementations that care about some specific option will have it implemented and acted upon. Everyone else has to quietly accept and ignore these options. Backward compatibility by design.

Along the way, a few more recommended practices are articulated, including one I complained about in my description of STT. While the language could be a bit stronger, it is recommended that each GENEVE encapsulated packet includes the entire header, which means I can actually reconstruct fragmented packets if I need to during debugging, each packet on the network has the entire original packet and the added GENEVE encapsulation.

Whether you like overlays, tunnels and everything that comes along with it or not, it is good to see folks from VMWare and Microsoft try and come together to create a single tunnel mechanism that is sensible and extensible. It seems to have all the right bits and pieces to have a long life and certainly provides mechanisms that allow for much better orchestration and cooperation between the overlay and physical network.

Of course it will take a while before it becomes a complete definition, with real implementations and hardware support. But when it does, we will have a better toolkit as a result.

[Today's fun fact: The city of Geneva (which is French of course is spelled Geneve) has the shortest commute time of any major city in the world. How appropriate.]

The post Attention: overlay tunnel construction ahead appeared first on Plexxi.

Read the original blog entry...

More Stories By Marten Terpstra

Marten Terpstra is a Product Management Director at Plexxi Inc. Marten has extensive knowledge of the architecture, design, deployment and management of enterprise and carrier networks.

@CloudExpo Stories
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settle...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
Blockchain. A day doesn’t seem to go by without seeing articles and discussions about the technology. According to PwC executive Seamus Cushley, approximately $1.4B has been invested in blockchain just last year. In Gartner’s recent hype cycle for emerging technologies, blockchain is approaching the peak. It is considered by Gartner as one of the ‘Key platform-enabling technologies to track.’ While there is a lot of ‘hype vs reality’ discussions going on, there is no arguing that blockchain is b...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
The need for greater agility and scalability necessitated the digital transformation in the form of following equation: monolithic to microservices to serverless architecture (FaaS). To keep up with the cut-throat competition, the organisations need to update their technology stack to make software development their differentiating factor. Thus microservices architecture emerged as a potential method to provide development teams with greater flexibility and other advantages, such as the abili...
Product connectivity goes hand and hand these days with increased use of personal data. New IoT devices are becoming more personalized than ever before. In his session at 22nd Cloud Expo | DXWorld Expo, Nicolas Fierro, CEO of MIMIR Blockchain Solutions, will discuss how in order to protect your data and privacy, IoT applications need to embrace Blockchain technology for a new level of product security never before seen - or needed.
Leading companies, from the Global Fortune 500 to the smallest companies, are adopting hybrid cloud as the path to business advantage. Hybrid cloud depends on cloud services and on-premises infrastructure working in unison. Successful implementations require new levels of data mobility, enabled by an automated and seamless flow across on-premises and cloud resources. In his general session at 21st Cloud Expo, Greg Tevis, an IBM Storage Software Technical Strategist and Customer Solution Architec...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, discussed the b...
The use of containers by developers -- and now increasingly IT operators -- has grown from infatuation to deep and abiding love. But as with any long-term affair, the honeymoon soon leads to needing to live well together ... and maybe even getting some relationship help along the way. And so it goes with container orchestration and automation solutions, which are rapidly emerging as the means to maintain the bliss between rapid container adoption and broad container use among multiple cloud host...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Services at NetApp, described how NetApp designed a three-year program of work to migrate 25PB of a major telco's enterprise data to a new STaaS platform, and then secured a long-term contract to manage and operate the platform. This significant program blended the best of NetApp’s solutions and services capabilities to enable this telco’s successful adoption of private cloud storage and launching ...
Imagine if you will, a retail floor so densely packed with sensors that they can pick up the movements of insects scurrying across a store aisle. Or a component of a piece of factory equipment so well-instrumented that its digital twin provides resolution down to the micrometer.
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they responded to were some very unique security capabilities that we have," explained Mark Figley, Director of LinuxONE Offerings at IBM, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was jo...