The role of networking in the Dynamic Data Center Niels Friis-Hansen Senior IT Specialist, CCIE IBM Communication & Collaboration.


1 The role of networking in the Dynamic Data Center Niels Friis-Hansen Senior IT Specialist, CCIE IBM Communication & Collaboration

2 What are we ultimately trying to solve?
• Provide consolidated and virtualized computing and storage resources to increase device utilization, improve system performance, and reduce power requirements and overall costs.
• Provide secure and flexible data center core network based on defined community groups using highly virtualized and shared networking platform and security resources to increase network utilization, improve performance, and reduce power consumption and overall costs.
• Provide secure yet flexible network access to specific services based on defined community groups (employees, partners, suppliers, customers, guests).
[Diagram: users and the Internet reach common, shared and dedicated applications, servers and shared storage through MPLS VPNs, virtual networks (VN), a shared computing resource and access security layers]

3 Consolidation and virtualization of server and storage resources will increase the performance demands on the data center network
• Increased server and storage utilization rates will increase the demands on the network to support new, more dense traffic patterns at the access layer.
• As traffic from multiple virtual servers is combined on a single physical link, bandwidth utilization will increase.
[Diagram: servers and blade servers with NICs and HBAs attached to LAN access switches and SAN switches]

4 Server consolidation and virtualization involves a local LAN switch and maybe a virtual switch, which presents networking challenges
• Individual logical servers on a single physical server may communicate amongst themselves without entering the traditional network, representing a loss of control.
• How extensive a topology should exist within the hypervisor?
• How well does the logical switch interact with the physical access switch?
• Can the logical switch support network virtualization (i.e., 802.1q, MPLS) such that segmentation remains intact?
• Which operational domain owns the virtual switch – the server or the network team?
• How well does the virtual switch handle the traditional functions delivered by an access switch (e.g., multicast, port mirroring, security features)?
[Diagram: server/blade server and virtual servers with a local LAN switch, HBA and VLAN, attached to LAN access switches and SAN switches]

5 Storage virtualization and convergence pushes a transformation in organizations' storage and network infrastructures
• Direct-attached storage is gradually giving way to network-attached storage (NAS) and storage area networks (SAN).
• Mobility features of virtualization increase resiliency, given that the disk is no longer associated with a single physical machine.
• Fibre Channel has been the undisputed standard of choice as an interconnect in the data center.
• The arrival of 10 Gigabit Ethernet with FCoE, a protocol converging storage onto Ethernet networks, threatens to challenge that.
• Although organizations will start migrating to Ethernet, Fibre Channel will still have a significant footprint in the data center given prior investments in the technology.
[Diagram: server/blade server with NIC and HBA on separate LAN access and SAN switches with SAN storage, compared with virtualized servers with a CNA on converged LAN/SAN access switches]

6 Increasing the distance between the user and the application can adversely impact user application response time
• Data traveling across copper or fiber optic links is limited to the speed of light.
• As the distance between the client and the user is increased, the latency increases due to physical distance, serialization delay, WAN link congestion and hardware resource availability.
• Applications that transmit a large number of small packets or that have a high number of application turns per transaction (“chatty applications”) are particularly susceptible to latency.
• WAN optimization solutions can aid in relieving some of the negative effects of long transmission distances, but latency and WAN link bandwidth as well as traffic prioritization still need to be evaluated.
[Diagram: PCs on LAN access switches reach the server/blade server across an MPLS WAN via CE routers; the WAN path is labelled with latency and bandwidth]
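The effect of application turns described on this slide can be worked through with a simple model. This is an added example, not part of the original presentation; the two application profiles, the distances and the link speeds are constructed, and the model deliberately ignores WAN congestion, queueing and hardware delays.

```python
# Added illustration: response time = turns x round-trip propagation delay
# + time to serialize the payload onto the link. All figures are constructed.

FIBER_KM_PER_MS = 200.0  # light in optical fiber covers roughly 200 km per millisecond


def round_trip_ms(distance_km):
    """Propagation delay there and back over a fiber path of this length."""
    return 2 * distance_km / FIBER_KM_PER_MS


def serialization_ms(payload_bytes, bandwidth_mbps):
    """Time to clock the payload onto the link (1 Mbit/s = 1000 bits per ms)."""
    return payload_bytes * 8 / (bandwidth_mbps * 1000.0)


def response_time_ms(distance_km, turns, payload_bytes, bandwidth_mbps):
    """Each application turn waits one round trip; the payload is sent once."""
    return turns * round_trip_ms(distance_km) + serialization_ms(payload_bytes, bandwidth_mbps)


def bandwidth_speedup(distance_km, turns, payload_bytes, old_mbps, new_mbps):
    """How many times faster a transaction gets when only the link speed changes."""
    before = response_time_ms(distance_km, turns, payload_bytes, old_mbps)
    after = response_time_ms(distance_km, turns, payload_bytes, new_mbps)
    return before / after


# Constructed profiles: (application turns, bytes moved per transaction).
CHATTY = (400, 200_000)      # many small request/response exchanges
BULK = (4, 20_000_000)       # a few turns, one large transfer

if __name__ == "__main__":
    for name, (turns, size) in (("chatty", CHATTY), ("bulk", BULK)):
        for km in (1, 2000):
            t = response_time_ms(km, turns, size, 100)
            gain = bandwidth_speedup(km, turns, size, 100, 1000)
            print(f"{name:6s} {km:5d} km: {t:8.1f} ms at 100 Mbit/s, "
                  f"x{gain:.2f} faster at 1 Gbit/s")
```

At 2000 km the chatty profile is dominated by its 400 round trips, so a tenfold bandwidth upgrade changes almost nothing, while the bulk profile gets about seven times faster.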

7 In a virtualized and shared environment, secure network segmenting becomes more and more important
• Network has to provide secure segmenting for different user communities and groups.
• The network must support the segmentation policies set by the corporate security policies.
• Consequently, secure segmenting with virtualized resources has to happen in layer 2 and layer 3.
• Firewalls and other security devices will need to be evaluated to ensure that they are compatible with new traffic patterns.
• Routing domains must be kept separate.
[Diagram: PCs on remote LAN access (L2) cross the MPLS WAN via CE routers and virtual networks (VN) to the IP core (L3), access security services, data center security services and server LAN access (L2)]
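The loss of control raised on slide 4 (logical servers talking inside one physical server) and the layer 2 / layer 3 segmenting requirement on slide 7 can be checked together from an inventory. This is an added example, not part of the original presentation; the VM names, hosts, VLAN ids, community groups and flows are constructed, and it assumes no routing function runs inside the hypervisor.

```python
# Added illustration: find traffic between community groups that never
# reaches a layer 3 policy point. All inventory and flow data are constructed.
from collections import namedtuple

VM = namedtuple("VM", "name host vlan group")

# Constructed inventory: physical host, VLAN on the virtual switch, and the
# community group that policy assigns to each logical server.
INVENTORY = [
    VM("web-1", "host-a", 10, "customers"),
    VM("web-2", "host-a", 10, "customers"),
    VM("hr-db", "host-a", 10, "employees"),   # placed in the customers VLAN
    VM("app-1", "host-b", 20, "employees"),
    VM("app-2", "host-a", 20, "employees"),
]

# Constructed flow list: (source VM, destination VM).
FLOWS = [("web-1", "web-2"), ("web-1", "hr-db"),
         ("app-1", "app-2"), ("web-2", "app-2")]


def classify(src, dst):
    """Where a flow is switched, assuming no router inside the hypervisor."""
    if src.vlan != dst.vlan:
        return "routed"        # crosses a layer 3 boundary and its security services
    if src.host != dst.host:
        return "physical-l2"   # same VLAN, but visible to the physical access switch
    return "vswitch-only"      # never leaves the physical server


def audit(inventory, flows):
    """Return (flow, path, reason) for cross-group flows with no L3 policy point."""
    vms = {vm.name: vm for vm in inventory}
    findings = []
    for src_name, dst_name in flows:
        src, dst = vms[src_name], vms[dst_name]
        path = classify(src, dst)
        if src.group == dst.group or path == "routed":
            continue
        reason = ("stays inside the hypervisor, unseen by physical controls"
                  if path == "vswitch-only"
                  else "groups share a VLAN, so no firewall is in the path")
        findings.append(((src_name, dst_name), path, reason))
    return findings


if __name__ == "__main__":
    for flow, path, reason in audit(INVENTORY, FLOWS):
        print(f"{flow[0]} -> {flow[1]} [{path}]: {reason}")
```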

8 Access control to specific services should be based on defined policies and community groups as the enterprise edge blurs
• Remote and mobile application access will drive the need for heightened network access as well as user and device security.
• Successful authentication will determine network and server privileges.
• User access control is generally part of each stage of the implementation.
• Increasing remote network access drives the need for login and client side device screening prior to providing systems access.
[Diagram: fixed and mobile/wireless PCs reach the data center over the Internet and the MPLS WAN through virtual networks (VN), access security services, the IP core (L3), data center security services and server LAN access (L2)]

9 Another approach… what are the different planes of the network and nodes?
• Management plane defines how the nodes are managed.
• Service plane offers network services like security, or application forwarding.
• Control plane is responsible for specifying how the forwarding plane forwards the packets.
• Forwarding plane is responsible for the transport of the packets.
[Diagram: management plane, service plane, control plane, forwarding plane]

10 What does Dynamic Data Center mean to the services plane?
• Services Plane includes
  • Security – firewalls, security zones, intrusion detection and prevention
  • Application forwarding – server load balancing, SSL acceleration, WAN optimization, XML gateways, caching
  • Operations – traffic probes
• Virtualized services deliver much like virtualized servers
• One big physical node partitioned into multiple logical nodes
• Appliance vs. integrated packaging options (i.e., switch modules)
• Location independence requirement
• Centralized intelligence and policy management simplifies operations and regulatory compliance
[Diagram: the four planes, with security services, application forwarding and operations attached between the IP core (L3) and LAN access (L2)]

11 What does Dynamic Data Center mean to the management plane?
• Control visibility and administrative capabilities to the appropriate logical resources rather than physical
• Solutions highly dependent on vendor and product implementations
• Examples:
  • VLANs and MPLS VPNs virtualize the forwarding and control planes, but do not provide separate management planes – i.e., there is a single logical/physical node
  • Products have started coming to market with virtualized management planes
    • Cisco Catalyst Service Module contexts (Firewall, Application Control)
    • Juniper JUNOS Virtual Router capabilities and features
[Diagram: the four planes, with security services, application forwarding and operations between the IP core (L3) and LAN access (L2), managed by separate management bodies A, B and C]

12 Networks for dynamic infrastructures must become flexible, responsive and managed together with the rest of the IT infrastructure
[Diagram: stages labelled Scale-out complexity, Consolidation, Virtualization, Dynamic]
• Network: switch and specialized device sprawl; switch and specialized device virtualization; network virtualization; network services provisioning
• Server/Storage: server and storage sprawl; server and storage device virtualization; server network access virtualization; server and storage provisioning
Vision without action is a daydream. Action without vision is a nightmare.

