Software Defined Networking | Part 2 By @MJannery | @CloudExpo [#SDN #Cloud]

In the initial part of this blog series on SDN, I gave a quick background overview. This part of the series will cover overlay SDN and underlay SDN.

SDN technologies are broadly split into two fundamentally different paradigms - "overlay" SDN and "underlay" SDN. With overlay SDN, the SDN is implemented on top of an existing physical network. With underlay SDN, the fabric of the underlying network is itself reconfigured to provide the paths required for inter-endpoint SDN connectivity.

Overlay SDN products (e.g., VMware NSX and Contrail) use tunneling technologies such as VXLAN, STT and GRE to create endpoints within the hypervisor's virtual switches, and rely on the existing network fabric to transport the encapsulated packets to the relevant endpoints using existing routing and switching protocols. One advantage of using encapsulation is that only the tunneling protocol end-point IP addresses (TPEP IPs) are visible in the core network - the IP addresses of the intercommunicating VMs are not exposed. The downside, of course, is that without specific VXLAN awareness, traffic sniffers, flow analyzers, etc. can only report on TPEP IP-to-IP conversations and not on inter-VM flows. Another advantage of encapsulated overlay networks is that there is no need for tenant segregation within the core (e.g., using MPLS VPNs, 802.1Q VLANs, VRFs, etc.), as segregation is implicitly enforced by the tunneling protocol and the TPEPs.
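The visibility gap described above, as an added example (not code from the original post): a minimal Python parser showing what a tunnel-unaware flow analyzer records for a VXLAN frame versus what a VXLAN-aware one can recover. The frame, addresses and VNI are constructed for illustration; it assumes VXLAN on UDP port 4789 carrying an untagged inner IPv4 frame.

```python
import struct
from ipaddress import IPv4Address

VXLAN_PORT = 4789  # IANA-assigned VXLAN UDP destination port (RFC 7348)

def _ipv4(buf, off):
    """Parse the IPv4 header at off: (src, dst, protocol, payload offset)."""
    ihl = (buf[off] & 0x0F) * 4
    src = str(IPv4Address(buf[off + 12:off + 16]))
    dst = str(IPv4Address(buf[off + 16:off + 20]))
    return src, dst, buf[off + 9], off + ihl

def outer_flow(frame):
    """What a tunnel-unaware analyzer reports: the TPEP-to-TPEP conversation."""
    src, dst, _, _ = _ipv4(frame, 14)  # 14 = outer Ethernet header
    return src, dst

def inner_flow(frame):
    """VXLAN-aware view: (VNI, VM src, VM dst), or None if not VXLAN/IPv4."""
    _, _, proto, l4 = _ipv4(frame, 14)
    if proto != 17 or len(frame) < l4 + 16 + 34:  # UDP+VXLAN, inner Eth+IPv4
        return None
    dport = struct.unpack_from("!H", frame, l4 + 2)[0]
    if dport != VXLAN_PORT or not frame[l4 + 8] & 0x08:  # I flag: VNI valid
        return None
    vni = int.from_bytes(frame[l4 + 12:l4 + 15], "big")
    inner = l4 + 16  # start of the encapsulated Ethernet frame
    if struct.unpack_from("!H", frame, inner + 12)[0] != 0x0800:
        return None  # only untagged inner IPv4 is handled here
    src, dst, _, _ = _ipv4(frame, inner + 14)
    return vni, src, dst

def _ip_hdr(src, dst, proto, payload_len):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)

def build_sample(vni, tpep_src, tpep_dst, vm_src, vm_dst):
    """Constructed VXLAN frame (zeroed MACs and checksums, no L4 payload)."""
    eth = bytes(12) + b"\x08\x00"
    inner = eth + _ip_hdr(vm_src, vm_dst, 6, 0)
    vxlan = struct.pack("!B3x3sx", 0x08, vni.to_bytes(3, "big"))
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan) + len(inner), 0)
    outer_ip = _ip_hdr(tpep_src, tpep_dst, 17, len(udp) + len(vxlan) + len(inner))
    return eth + outer_ip + udp + vxlan + inner

SAMPLE = build_sample(5001, "192.0.2.10", "192.0.2.20", "10.1.1.5", "10.1.1.9")

if __name__ == "__main__":
    print("unaware:", outer_flow(SAMPLE), "| VXLAN-aware:", inner_flow(SAMPLE))
```

Monitoring that keys only on the outer header attributes every tenant conversation between two hypervisors to the same TPEP pair, so per-VM detection and forensics need the inner decode (or flow export from the virtual switch itself).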

One of the major drawbacks of overlay SDN (such as NSX) is that there is little, if any, network awareness - i.e., it cannot control, influence or see how traffic flows through the network from one TPEP to another. This has serious implications for traffic engineering, fault isolation, load distribution, security, etc. Proponents of overlay SDN often assert that since datacenter network fabric is invariably highly resilient and significantly over-provisioned, this is not a significant issue. The argument is less convincing when heading out of the datacenter into the campus and across the WAN.

Underlay SDN technologies (OpenFlow, Cisco ACI, QFabric, FabricPath, etc.) directly manipulate network component forwarding tables to create specific paths through the network - i.e., they intrinsically embed the end-to-end network paths within the network fabric. The SDN controller is responsible for directly manipulating network element configuration to ensure that the requirements presented at the controller's northbound API are correctly orchestrated. With intimate knowledge of network topology, configured paths through the fabric and link-level metrics (e.g., bandwidth, latency, cost), much more efficient utilization of network infrastructure can be achieved using more complex route packing algorithms - e.g., sub-optimal routing. Another advantage of underlay SDN is that the controller dictates exactly which path each traffic flow takes through the network, which is invaluable for troubleshooting, impact analysis and security.

The industry is currently split between network architects who prefer overlay networks and those who prefer underlay networks. It is not a decision to be taken lightly, as it has far-reaching implications for complexity, troubleshooting, monitoring, SLA compliance, performance management, RCA and cost.

The next installment in this series will cover whether it's ideal to have an all-virtual environment or whether you need some physical hardware.

More Stories By Michael Jannery

Michael Jannery is CEO of Entuity. He is responsible for setting the overall corporate strategy, vision, and direction for the company. He brings more than 30 years of experience to Entuity with 25 years in executive management.

Prior to Entuity, he was Vice President of Marketing for Proficiency, where he established the company as the thought, technology, and market leader in a new product lifecycle management (PLM) sub-market. Earlier, Michael held VP of Marketing positions at Gradient Technologies, where he established them as a market leader in the Internet security sector, and Cayenne Software, a leader in the software and database modeling market. He began his career in engineering.
