9th sdn expert group seminar - session1

Modern SDN Solutions for

Data Centers

ROB SHERWOOD, CHIEF TECHNOLOGY OFFICER

JULY 2015

OUTLINE

• Technology Philosophy

– Open SDN Fabrics

• Company Overview

• Two SDN Products

– Big Tap Monitoring Fabric

– Big Cloud Fabric

(c) 2015, BIG SWITCH NETWORKS, INC. PROPRIETARY AND CONFIDENTIAL

Technology Philosophy

OPEN SDN FABRICS


Do you ?

We take network designs proven in hyperscale data centers and

adapt them as products for enterprise and service provider use

HYPERSCALE DATA CENTER R&D LEADERSHIPThey Are Leading the Charge


ALIGNMENT WITH GOOGLE DC NETWORKINGBig Switch Architecture: Open SDN Fabric


Project Jupiter

Ref: https://www.youtube.com/watch?v=FaAZAII2x0w

Google DC Networking Principle

Big Switch Architecture(Open SDN Fabric)

Merchant Silicon✓

(Merchant silicon based

Open networking HW)

Centralized Control ✓(SDN Controller)

Clos Topology ✓(Clos Fabric)

https://www.youtube.com/watch?v=FaAZAII2x0w

BIG SWITCH PORTFOLIO – OPEN SDN FABRICS

BIG TAP

CONTROLLER

SWITCH LIGHT™ OS

ONIE BOOT LOADER

BIG CLOUD

FABRIC

CONTROLLER

• ONIE: Open Network Install Environment• See HCL for HW Support Details

10G/40G

(Trident-II)1G/10G/40G


EVOLUTION OF SDN ARCHITECTURESErector Set Fit for Purpose


SDN in 2010 SDN in 2015

“ONE BIG SWITCH”Disaggregation of the “MainFrame”

Traditional Chassis Pair

FABRIC CARD

SUPERVISOR(S

)

LINE CARD(S)

LINE CARD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

SUPERVISOR

2

FA

BR

IC

CA

RD

FA

BR

IC

CA

RD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

SUPERVISOR

1

FA

BR

IC

CA

RD

FA

BR

IC

CA

RD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

SUPERVISOR

2

FA

BR

IC

CA

RD

FA

BR

IC

CA

RD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

LINE CARD

SUPERVISOR

1

FA

BR

IC

CA

RD

FA

BR

IC

CA

RD

BIG CLOUD

FABRIC

CONTROLLER

HierarchicalControl Plane

1 3

SPINE SWITCHES

2

10G/40G

Backplane

41 32 4

COMPUTE

WORKLOAD

SERVICES &

CONNECTIVITY

RACKS

COMPUTE WORKLOAD

LEAF SWITCHES

Physical&

VirtualWorkloads

1G/ 10G/40G

Workloads

• Disaggregated frame – One “Big Switch”

• Open, Simple, Economical, Vendor Choice, Scale-out

• Traditional frame design

• Single point of management

• Proprietary, Expensive, Lock-in, Fixed Slots


NET

NET

NET

SDN & Clos Fabric Necessary for NetFrame Disaggregation

BIG SWITCH PORTFOLIO – OPEN SDN FABRICSReplaces Network Packet Broker or Data Center Switch


VISIBILITY TOOLS

NETWORK PERF MONITORING

APPLICATION PERF MONITORING

SECURITY TOOLS

VOIP MONITORING

PR

OD

UC

TIO

N

NETW

OR

K

TAP

& S

PA

N P

OR

TS

WORKLOADS1/10/40G ETHERNET SWITCH FABRIC

FIL

TER

P

OR

TS

SERVICE PORTS

DELI

VER

Y P

OR

TS

OptionalNPBNPB

1 32

1G/ 10G/40G

Workloads

10G/40G

Backplane

Big CloudFabric

Big TapMonitoring

Fabric

Company Overview

INVESTORS AND BOARDKey industry thought leaders

13

Bill Meehan (Board) • Lecturer, Stanford GSB• Former Head of McKinsey High-Tech, Venture Practices;

Board of Juniper Networks

Michelangelo Volpi (Board)• Partner, Index Ventures• Former SVP, Cisco; Board Member, Ericsson

Mark Leslie (Board) • Former CEO Veritas, Lecturer Stanford GSB• Former Board Member of VMware, NetApp, Avaya

Tony Bates (Board)• President, GoPro• Former SVP, Cisco; EVP Business Development,

Microsoft; CEO, Skype

Michael Dell (Angel Investor)• CEO, Dell

Douglas Murray, CEO (Board) • Former SVP, Asia-Pacific, Japan & GC; SVP & GM at

Juniper Networks Security BU; • Former Exec at Extreme, Sun and AT&T• Former Board, FireEye, Altor

Kyle Forster, Founder (Board)• Founder, Big Switch• Former Cisco Product Management and Strategy

Satish Dharmaraj• Partner, Redpoint• Former CEO, Zimbra


BIG SWITCH NETWORKSMarket Momentum


Customer/Revenue Traction:

• 5 quarters of 30-40% sequential growth, $1M+ BCF & BT customers

• 1st ELA on both BCF & Big Tap products

• Top customers expanding footprints (additional $1M deals in 2015)

• Customers in North America, EMEA, Expansion to Japan, Korea. Dell partnership.

Benefits Seen by Customers:

• Operational Efficiencies – single mgmt. point & scale-out fabric, not box-by-box complexity.

• 50%+ CapEx savings, ongoing OpEx benefits including via Analytics

Industry Recognition:

• Gartner Cool Vendor 2015 (Enterprise Networking)

• Best of Interop SDN Finalist

(VMware NSX, Cisco ACI, Big Switch BCF)

FREE PRODUCT TRIAL ONLINE WITH BSN LABS


Both

Products

Create free

account now at

http://labs.bigswitc

h.com

OUTLINE

• Technology Philosophy

– Open SDN Fabrics

• Company Overview

• Two SDN Products

– Big Tap Monitoring Fabric

– Big Cloud Fabric


Big Tap Monitoring Fabric

EVERY ORGANIZATION NEEDS TO MONITOR...

© 2015, BIG SWITCH NETWORKS, INC. PROPRIETARY AND CONFIDENTIAL18

Application

Performance

Monitoring

Network

Performance

Monitoring

Security

Monitoring

Traffic

Analytics /

Recorders

Customer

Experience

Monitoring

TOO

LSTR

AD

ITIO

NA

L

NPB

s B

ASED

MO

NIT

OR

ING VISIBILITY TOOLS

NETWORK PERF

MONITORING

APPLICATION PERF

MONITORING

SECURITY TOOLS

VOIP MONITORINGPR

OD

UC

TIO

N N

ETW

OR

K

TAP

& S

PA

N P

OR

TS

WORKLOADS NETWORK PACKET BROKERS

ISSU

ES

Complex (Box-by-Box)

Proprietary

Expensive

NETWORK MONITORING INFRASTRUCTURE TRENDSHow do you enable Pervasive Visibility?

19 (c) 2015, BIG SWITCH NETWORKS, INC.

• Complex • Proprietary • Expensive

• Monitor Everywhere

• Share Tools Across

Teams (security, ops, …)

• Scale-out Monitoring

Infrastructure

NETWORK MONITORING EVOLUTION2nd Generation 3rd Generation SDN-based Approach


SECOND GENERATION ARCHIITECTURE

TAP AND TOOL SILOS WITH NETWORK PACKET BROKERS

SPAN

SPAN

TAP 1/10G

TAP 1/10G

NPB

NPB

NPB

THIRD GENERATION ARCHIITECTURE

MULTI-TENTANT SDN MONITORING FABRICS FOR TAP SHARING

Control

Network

NPB NPB

Ba

re M

eta

l Ba

sed

Sc

ala

ble

Fa

bric

1/10/40 GETool

Farm

NPB

Services

Big Tap Controller

SPAN

SPAN

TAP 10/40G

TAP 1/10G

Monitored Traffic

BIG TAP MONITORING FABRICSimple, Scalable, Economical


• Simple to Provision

• Simple to Manage

• Simple to Troubleshoot

• Centralized Programmability

Simple

• Monitor Any Rack (1000’s of Links)

• Monitor Any Location

• 1/10/40G Performance

• Elastic Infrastructure

Scalable

• Over 60% Reduction in

Total Cost of

Ownership

• Reduced CapEx

• Reduced OpEx

Economical

BIG TAP MONITORING FABRICBest Monitoring Fabric for Pervasive Security & Visibility

BIG TAP CONTROLLER

FIL

TER

P

OR

TS

DELI

VER

Y

PO

RTS

SERVICE PORTS

VISIBILITY TOOLS

NETWORK PERF MONITORING

APPLICATION PERF MONITORING

SECURITY TOOLS

VOIP MONITORING

PR

OD

UC

TIO

N

NETW

OR

K

TAP

& S

PA

N P

OR

TS

SWITCH LIGHT™ OSOPEN NETWORK LINUX

1/10/40G ETHERNET SWITCH FABRIC

OptionalNPB NPB

WORKLOADS

BROWNFIELD NETWORK ETHERNET SWITCHING FABRIC WITH NPB SERVICE NODES CENTRALIZED TOOL FARM

(c) 2015, BIG SWITCH NETWORKS, INC.22

USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK

23

CentralizedTool Farm

(c) 2015, BIG SWITCH NETWORKS, INC.

Tier-1 US Financial Services Institution

• Centralized tool farm for 120 racks

• Mix of 1GE, 10GE and 40GE taps and tools

• Re-used legacy NPBs as ‘service nodes’

USE CASE 1: PERVASIVE SECURITY / TAP EVERY RACK

24

CentralizedTool Farm

(c) 2015, BIG SWITCH NETWORKS, INC.

USE CASE 2: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks


SPAN SPAN

4G

(eNode B)

RAN MOBILE CORE / DATA CENTER

3G

S5/S8S1-U

S12

SGi

TA

P

TA

P

TA

P

TA

P

SPAN

TA

P

TA

P

SPAN

S-GW P-GW

NPB

MONITORING FABRIC

NPB

Big Tap Controller

Tier-1 Mobile Service Providers in Japan

• Scale-out Deployment: 1K+ Taps, growing to 5K+

• Support for matching multiple 3G/4G/LTE protocols

• Load Balance traffic to multiple tools (3rd party/Internal)

USE CASE 2: MOBILE / LTE NETWORK MONITORINGEnabling Advanced Monitoring for Mobile Core Networks


SPAN SPAN

4G

(eNode B)

RAN MOBILE CORE / DATA CENTER

3G

S5/S8S1-U

S12

SGi

TA

P

TA

P

TA

P

TA

P

SPAN

TA

P

TA

P

SPAN

S-GW P-GW

NPB

MONITORING FABRIC

NPB

Big Tap Controller

Flexible & Deeper

Packet Matching

Policies based on Tunnel

End-point ID (TEID), GTP

version, SCTP port number,

etc.

Match inner headers of

encapsulated packets like

VXLAN, MPLS... (up to 128

bytes)

Replicate and load

balance traffic to any tool

CUSTOMER VALIDATIONS


“…We have a number of packet analysis tools and we were using Gigamon to gatherpackets, but when you want to gather packets from everywhere that price point gets toohigh…

So we decided to go with a white box solution and Big Tap from Big Switch to gatherpackets and forward them to the tools as needed. We’re using software-definednetworking first in non-production, in our monitoring space, and evaluating where we wantto go next. It’s done well for us. We used it through our first peak of tax year 2014, whichwas in early February…

-Ted Turner, Sr. Network Engineer

BIG TAP MONITORING FABRIC: FEATURE COMPARISONS


Feature Big Tap Legacy NPBs

Filtering / Aggregation / Load Balancing

VM-to-VM Traffic monitoring

1G/10G/40G (100G on Roadmap)

Event based Policy Management / API

RBAC / TACACS+

Inter-DC Tunneling

Deeper packet Matching

Service Node chaining

Scale-out, Multi-tier Fabric

Specialized Functions (timestamp, de-dup) with NPB*

In-line Deployment Mode

Flow Generation

Inbuilt Packet Capture

Analytics (host/DNS/DHCP tracking)

NPB

MONITORING FABRIC

NPB

Big Tap Controller

PRODUCTION

NETWORK

TOOL FARM

Leverage Existing NPBs Efficiently

Optional NPB Service Nodes

ADVANCED DEPLOYMENT MODESScenario 1: Extending Tool Farm to Taps in Remote Locations


NPBFIL

TER

P

OR

TS

DELI

VER

Y

PO

RTS

SERVICE PORTS

MONITORING FABRIC VISIBILITY TOOLS

NETWORK PERF

MONITORING

APPLICATION PERF

MONITORING

SECURITY TOOLS

VOIP MONITORING

NPB

PRIMARY DATA CENTER

CENTRALIZED

BIG TAP CONTROLLER

REMOTE DATA CENTER(S)

L2-GRE Tunnels

REM

OTE

FP

TUN

NEL

PO

RTS

PRODUCTION TAP & SPAN

Remote Location Monitoring:Trouble-shoot network problems in remote locations

via centralized tools

ADVANCED DEPLOYMENT MODESScenario 2: Pervasive Security with Inline Deployment Mode


CENTRALIZED

OUT-OF-BAND

TOOL FARM

INLINE TOOL CHAINS

TRAFFIC DISTRIBUTION / LOAD SHARING

BIG TAP

CONTROLLER

PERIMETER FIREWALL

DMZ FIREWALL

1/10/40G

ETHERNET SWITCH

TRUSTED ZONE

DATA CENTER / ENTERPRISE / CAMPUS

UNTRUSTED ZONEACL BASED

SPAN

WEBPROXY

IINTRUSION PREVENTION

SSLDECRYPT

INTERNET DMZ(INLINE) (OUT OF BAND)

Big Cloud Fabric

BIG CLOUD FABRICBest Leaf-Spine Clos Fabric for Private Clouds

32

BIG CLOUD

CONTROLLER

(CLI or GUI)

SWITCH LIGHT OS SWITCH LIGHT OS SWITCH LIGHT OS

SWITCH LIGHT OS SWITCH LIGHT OS

L2 + L3 CLOS FABRIC

MANAGED BY SDN CONTROLLER

OPENSTACK & VMWARE

Single Programmatic Interface

for up to 16-Rack Fabric

SDN CONTROLLER

Full Automation for Provisioning,

HA/Resiliency & Management

L2 + L3 CLOS FABRIC

Native VM Mobility Across

640+ Servers/Nodes

SWITCH LIGHT OS

Open Network Linux (ONL) Based

OS for Dell-ON or Whitebox Switches

Whitebox

Switchesor

Other Servers & Storage

or

(c) 2015, BIG SWITCH NETWORKS, INC.32

POD-LEVEL DEPLOYMENTInter-operate with Existing PODs in Data Center


Data Center

Core Routers

L3L2

L3L2

Example BCF PODs:• Private Cloud: Dev/Test• Analytics (Hadoop)• VDI• Server Virtualization (vSphere)• SDN Underlay (e.g. NSX)

Internet/WA

N

Big Cloud Fabric

Controller

RACK NRACK N-

1RACK 2RACK 1

INGRESS/EGRESS

40G

10G

Big Cloud Fabric

Controller

RACK NRACK N-

1RACK 2RACK 1

INGRESS/EGRESS

40G

10G

! tenant

tenant BLUE

logical-router

route 0.0.0.0/24 tenant system

interface segment web

ip address 10.1.1.254/24

segment web

member-port-group pg-bm0 vlan 20

WHY CUSTOMERS BUY: 1) SIMPLICITY

External Core

Router

WEB WEB APP APP DB DB

Segment-Web Segment-DB

MULTIPLE L2 SEGMENTS

Segment-App

Logical Router

(w/ policy)

LB

FWTENANT BLUE

Application Agility(Logical Networking,

Provisioning Templates)

Hitless FabricUpgrade

~15Minutes

Rapid Upgrade(Controller coordinated)

Zero-Touch Fabric(REST APIs, GUI, CLI)

BoxbyBox

Feature Big Cloud Fabric

Switch OS Install Automatic

LinkAggregation

Automatic

Fabric Formation

Automatic

Trouble-shooting Fabric-wide

L4-7 Service Chaining

Declarative (per tenant)

Add/Remove/Update Fabric

Automatic

Fabric Visibility Controller or API

BoxbyBox

BoxbyBox

16 racks, 40 devices


WHY CUSTOMERS BUY: 2) RESILIENCY @ SCALEChaos Monkey Resilience proves BCF is Best in class HA at Scale


Chaos Monkey Testing: 42k simulated

End-points/VMs of background load

and 640+ forced component failures

during the “under stress” test runs

32 leaf / 6 spine / 16 rack pod

Controller fail-over every 30 seconds

Switch fail-over every 8 seconds

Link fail-over every 4 seconds

Conclusion: 640 component failures in 30 minutes with no

impact on application performance

WHY CUSTOMERS BUY: 3) DESIGNBest in class operational support tools


Rapid flow tracing and Trouble-shooting

Fabric Trace Fabric Analytics

Unprecedented visibility and analytics

• Physical Fabric

• Tenants

• Virtual Network

• Vmware – vSphere & NSX-v

Fabric Programmability

DevOps Automation

Controller is single point of API Interaction

• Scalable & Fast transactions

dt-controller1# debug rest

***** Enabled display rest mode *****

dt-controller1# show tenant blue

REST-POST: POST http://127.0.0.1:8080/api/v1/data/controller/core/aaa/audit-event {"attribute": [{"value": ”show tenant blue", "key": "cmd_args"}], "event-type": "cli.command", "session-cookie": "yx6pjq6cwo5YXZwHsDyw6Z_3Zm5PITwE”}

REST-POST: http://127.0.0.1:8080/api/v1/data/controller/core/aaa/audit-event done

SDN NECESSARY FOR API SCALING & RESPONSE TIME

Box-by-box Networking

Vendor 1 SW

Vendor 1 HW

Vendor 1 SW

Vendor 1 HW

Vendor 1 SW

Vendor 1 HW

Vendor 1 SW

Vendor 1 HW

Vendor 1 SW

Vendor 1 HW

• Box-by-box, NetOps complexity

• Now w/ DevOps Programmability

• Expensive, Vendor lock-in

Many API

Interfaces

Open SDN Fabric

SWITCH LIGHT OS SWITCH LIGHT OS SWITCH LIGHT OS

SWITCH LIGHT OS SWITCH LIGHT OS

L2 + L3 CLOS FABRIC


BIG CLOUD

CONTROLLER

(CLI, GUI, API)

• Single point of management

• NetOps + DevOps

• Lower Capex & OpEx,

Vendor Choice

Single API Interface

(Scalable, Fast)


BIG CLOUD FABRIC 2.6 - VCENTER INTEGRATIONL2 Network Automation


BCF automates the L2 network segment creation to match the vCenter port-group configuration

BIG CLOUD FABRIC – TENANT TOPOLOGY & ANALYTICS


Tenant Logical Topology

Fabric Analytics for vCenter Integration

BCF UNDERLAY FOR NSX-vOptimal SDN Architecture across Overlay and Underlay


BCF Support for VMware NSX-v

vCenter

NSX

Manager

L2 + L3 CLOS FABRIC


BCF

Controller

NSX + BCF Advantages• Fabric Automation• Underlay Trouble-shooting• Underlay Analytics/Visibility

SDN OverlayOne Logical

vSwitch

SDN UnderlayOne Logical

pSwitch

Resources:

• Video demo

• Blog

• Webinar

http://www.bigswitch.com/videos/demo-big-cloud-fabric-support-for-vmware-nsx

http://www.bigswitch.com/blog/2015/05/11/big-cloud-fabric-26-designed-for-vmware-vsphere-and-nsx

http://www.bigswitch.com/?q=vef/load/53a3654dfdebc3e8a90631ee10033b66&width=640px&height=363

FREE PRODUCT TRIAL ONLINE WITH BSN LABS


Both

Products

Create free

account now at

http://labs.bigswitc

h.com

Thank you

9th sdn expert group seminar - session1

Technology

big switch open

big switch networks

big switch disaggregation

open sdn fabric c

confidential sdn

data center switch c

modern sdn solutions

purpose c