08 sdn system intelligence short public beijing sdn conference - 130828
TRANSCRIPT
© 2013 IBM Corporation
Software Defined Networking based System Intelligence
Renato Recio
IBM Fellow & System Networking CTO
Network Service Apps
SDN Controller OS
NOS DOVE OF Driver
SDN Platform
Tough reality: Life is not fair
…for Networking Professionals
Comparing servers, storage and network
Programmable by orchestration application
Orchestration Application
Virtualization layer (Hypervisor)
Apache, WebSphere, DB2
Virtualized System
Servers ? Network
Virtualization layer (NAS, SCSI LUNs, SVC ….)
Virtualized Storage
LUN 2, LUN 1
NAS
Storage
• Statically provisioned
• Box level scale
• PhD in vendor hardware
• Under utilized
• Lack API ecosystem & programmability
• Dynamically provisioned
• Scalable capacity
• Abstracted HW complexity
• Highly utilized storage
• Dynamically provisioned
• Scalable capacity
• Abstracted HW complexity
• Highly utilized servers
Analytics & API based data placement that balance storage performance & cost
Client value examples: Policy based automation that uses analytics to model workload requirements
Client issues: John Manville, Cisco IT SVP
“It takes about 5 days from an end-end point of view to provision something like that (a multi-tier system).”
Getting life back for the Network Administrator
Dynamically provisioned
Scalable capacity
Abstracted HW complexity
Highly utilized network
Network Hypervisor
Tenant 2 cloud Tenant 1 cloud
Open SDN Platform
Open SDN Controller
Apps and Services
Path Service
Connectivity Service
…
Control Plane Layer (Native)
Overlay Layer (VXLAN)
Programmable by orchestration application
Orchestration Application
Link Layer
Data Plane Layer (OF)
Security Appliance
Smarter Commerce Example
[Figure labels: Service, Buy, Sell, Market; Superbowl ad; Big Data Analytics detect social media spike; Supply chain updated; Target marketing; Web transactions; Update for brick & mortar; In-store transactions; Client follow-up; Channel follow-up; Physical Fabric; Network Hypervisor]
Clients require fast response to market demands
For the above to be possible, 5 days needs to be minutes.
Intrusion Prevention
Firewall
Web Servers
Application Server
Firewall
Load Balancer
Database Cluster
Software Defined Networking Requirements
Automate connectivity of multi-tier system patterns (Lower OpEx)
Hyperscale (Lower CapEx)
De-couple virtual network from physical network (Lower OpEx)
Flow optimization (Lower CapEx)
Provide global network visibility with “real-time” control (Lower CapEx)
New network interaction paradigm (Lower OpEx)
Tenant 1 cloud
Network Hypervisor
Tenant 2 cloud
Site A Site B
Storage
Firewall
Web Server
Database
Application Server
Intrusion Prevention
Hours to Days
Minutes
What disruptive technologies enable a better networking life?
Converged Ethernet,
Network Virtualization, &
Software Defined Networking
Disruptive Technology Trend: SDN
Industry
Apps
Closed Eco-system
Network OS
Data Plane HW
Mgt Plane
Control Plane
• Orchestration loop lacks network feedback
• Labor intensive system orchestration
• Network oblivious to App requirements
• No App eco-system
• Closed APIs for Network Apps
• Closed OS & protocols (vendor lock-in)
• Merchant silicon HW

• Orchestration loop includes network feedback
• Automated system orchestration
• Network cognizant of App
• App eco-system
• Open APIs for Network Apps
• Open OS & protocols
• Merchant silicon HW
SDN Controller Cluster
Mgt Plane
Control Plane
Network
Ctrl Apps
OpenDaylight
SDN-enabled
switches
vSwitch, HW Switch
SDN Protocols
Data Plane
network
integration
cloud security svc
mgmnt
Capability
Time
Reference: Clayton M. Christensen, The innovator's dilemma: when new technologies cause great firms to fail
www.opendaylight.org
What is Project Open Daylight?
Daylight is an open source project under the Linux Foundation with the mutual goal of furthering SDN adoption and innovation through the creation of a common industry supported framework.
Platinum
Gold
Silver
Members
[Figure: OpenDaylight architecture. Layer names: Network Apps & Orchestration; Controller Platform; Physical & Virtual Network Devices. Labels in the figure: OpenFlow; other std. protocols (ONF, IETF, …); base network service functions; GUI; extensions / addn’l svcs; vendor-specific interfaces; OpenDaylight APIs (REST); virtual network manager; integration; service abstraction layer (plug-in mgr., capability abstractions, …); 1.0, 1.3; SAN (SMI-S); topology mgr; stats mgr; switch / device mgr; L4-L7 service manager; fwding; multi-tenant virtual networks; L4-L7 service abstractions; storage services; OpenStack Neutron; CloudStack; oVirt; …; CLI; hw-independent interfaces and data models; virtual forwarding enhancements; Open switch API; inter-controller comm …]
Members as of June 25, 2013 and growing
OpenDaylight Goals, Community and Code update
Goal
Robust, extensible, open source SDN code base (Eclipse Public License, EPL)
Broad industry acceptance (among vendors & users)
Thriving & growing community (code & products)
Project bootstrapped with significant amount of working code available for download
Cisco ONE controller with OpenFlow (~125K)
BigSwitch Networks OpenFlow controller and virtualization app (~250K)
IBM OpenFlow applications (~50K)
New project proposals over the last 2 months
Open DOVE (IBM)
LISP Mapping Service (ConteXtream)
YANG tools, BGP and PCEP (Cisco)
OpenDefenseFlow (Radware)
On track for 4Q/13 code release
Technical architecture released June, 2013
Held 3 well-attended “hackfests” in Bay Area & Portland, planning additional events
OpenFlow 1.3 (Ericsson, IBM, Cisco, Pantheon)
Affinity Metadata Language (Plexxi)
OVSDB Integration (Univ. of Kentucky)
Ethernet switch commodity plug-in (ITRI/Taiwan)
How can these technology discontinuities address client System Networking requirements?
Horizontal Or Vertical Consumption Models
PoD
DC2, DC1
IBM Software Defined Networking Strategy
• Dynamic virtual system provisioning
• Lower cost, virtual appliances
• Software Defined Network platform, enables Apps to control the network.
SDN-VE Platform – Programmability
• Workload aware networking
• Configure-once fabric. Period.
• Abstracted hardware complexity
DOVE Network Hypervisor – Simple
Tenant 1 cloud Tenant 2 cloud
Network Hypervisor
Cloud/Data Center
Provisioning Platforms
• Ethernet: Converged, scalable
• OpenFlow: Global visibility, scalable, path level control
• Both: End-end quality of service
Ethernet & OpenFlow – Optimized
SDN Apps
Path Service
Connectivity Service
SDN-VE Platform
Open SDN Controller
Control Plane Layer (Native)
Overlay Layer (VXLAN)
Link Layer
Data Plane Layer (OF)
Load Balancer
Firewall …
• 0.25 Rack
• No TORs
• 14 Servers
4x 8316 spines (16x 40GE each)
IBM SDN Scaling Examples
Optimized
Traditional Layer-2/3
– Distributed control plane
– Large VM scale with DOVE
– HA with fast convergence
– Established technology
SDN stack with OpenFlow
– Clustered control plane
– Large VM scale
– HA with fast convergence
– Emerging technology
336 servers in 8 racks (42 servers per rack),
672 10 GE ports,
3:8:1 oversubscription
Each rack has 2x 8264 TORs
• 1-4 Racks
• TORs
• Up to 224 Servers
• 1-2 Racks
• No TORs
• Up to 112 Servers
SDN-VE: A hypervisor for the network
SDN for Virtual Environments (SDN-VE) is based on IBM’s Distributed Overlay Virtual Ethernet (DOVE) networking technology
SDN-VE uses existing IP infrastructure: No change to existing network
Provides server-based connectivity for virtual workloads
Existing IP Network
Hypervisor
VM VM VM
IBM SDN VE vSwitch
Hypervisor
VM VM VM
IBM SDN VE vSwitch
Hypervisor
VM VM VM
IBM SDN VE vSwitch
Virtual Appliance
Cluster
IBM SDN VE Management
Console
IBM SDN VE
Virtualized
Network
VM
VM
VM
Virtual Appliance
Cluster
IBM SDN VE Connectivity
Server
VLAN Extension of DOVE VN3 to non-DOVE aware network devices (e.g. servers / appliances)
VN3 mapped VLAN
IBM SDN VE
Gateway
Existing
IP Network
Automated
Hypervisor Platforms
IBM’s Open Stack based Strategy
OpenStack IaaS APIs
OpenStack Solutions
PureSystems Solutions
IBM Cloud Solutions
3rd Party Solutions
Security & Authentication
IBM DB2 support
Technical Computing Solutions
OVF Images
Cinder
drivers
Nova
Compute
drivers
storage
IBM Storage
IBM Servers
drivers
Network
IBM & Partner Network
Neutron
Enterprise Solutions
Deliver Optimization
Contribute Platform Support
SmartCloud Entry SmartCloud Orchestration PureSystem (integrated)
Live upgrades Security and authentication Membership services Globalization translation integration QA enhancements Support key IBM middleware
• Automated service connectivity
• End-end (overlay-underlay) optimization
• Open Daylight based SDN
• IBM server enablement
• Block storage enablement
• Cross platform test and assurance
SDN-VE
Open Daylight
Apps and Services
Overlay (DOVE)
Control Plane
OpenFlow
vCenter, SC VMM
PowerVC zManager
RHEV-M
(oVirt)
Storage Virtualization Platforms
File, Block, Object
Integrated
SDN integration with OpenStack & SmartCloud
IBM SDN-VE Distributed Overlay Virtual Ethernet (DOVE)
– De-couples virtual network from physical network
– Supports multi-tenancy at scale
– Consists of software running in the SDN-VE controller and in each Hypervisor’s virtual switch.
– VMware DOVE switch available now, investing in: KVM, Power and other Hypervisor DOVE switches
Integrated
Physical Network
Intrusion Prevention
Firewall
Web Server DOVE Domain
App Server DOVE Domain
Firewall
Load Balancer
Database Cluster DOVE Domain
SDN-VE provides a connectivity service used to automate the creation & optimization of multi-tier virtual systems, including the network appliances used between them. Done through:
– OpenStack Neutron based APIs: service chain connectivity policy & service appliance policy based configuration.
SmartCloud Entry
Automate IT Delivery
drivers
Neutron
SDN Apps
SDN-VE Platform
OpenDaylight
Connectivity Service
IPS
Firewall
Load Balancer
Agnostic to underlying, physical network
– Physical network can be IBM, partner or competitor.
– Agents provide end-end (overlay-underlay) optimization
– Simple “configure once” physical network, which doesn’t have to be configured per VM or per tenant.
Network Hypervisor
Power
VM VM
DOVE
VMware
VM
DOVE
VM
KVM
VM VM
DOVE
…
Physical Agent Drivers (OF, …)
Overlay Driver (DOVE)
IBM Systems Networking SDN products and 2013 product investments
Network Virtualization
Controller Platforms
OpenFlow Physical Switches
standards-compliant layer-2 virtual switch
GA 2/2012
DVS 5000V Controller
GA 2/2012
IBM PNC (OF Ctrl)
GA 10/2012
OF 1.0 10GE switch
GA 11/2011
Additional OpenFlow enabled IBM Switches
DOVE: multi-tenant network virtualization
6/2013
IBM SDN-VE
6/2013
Advanced Connectivity Service with Application chaining
Additional DOVE enabled vSwitches
OpenFlow Spec Currency Release
OF 1.3.1
SDN-VE Summary
• Automated multi-tier connectivity
• Traffic optimized end-end
• Open source, open API network ecosystem
SDN Platform – SDN-VE Controller
• Virtualizes the physical network thru a Network Hypervisor
• Enables a “wire once” physical network
• Interoperable with existing client network
Network Hypervisor – DOVE Network
• Global network visibility & control
• Provides end-end feedback to SDN-VE
• Simplified scalability
Optimized Fabric – Ethernet & OpenFlow
Cloud/Data Center
Provisioning Platforms
Horizontal Or Vertical Consumption Models
PoD
DC2, DC1
Tenant 1 cloud Tenant 2 cloud
Network Hypervisor
Services and Apps
Path Service
Connectivity Service
SDN-VE Platform
Open SDN Controller
Control Plane Layer (Native)
Overlay Layer (DOVE)
Link Layer
Data Plane Layer (OF)
Load Balancer
Firewall …
Renato J Recio
IBM Fellow & Systems Networking CTO
11400 Burnett Road
Austin, TX 78758
512 973 2217
Thank You