
WAN - Packet Pushers Future of Networking Summit - Interop Las Vegas 2016

EtherealMind

May 02, 2016

Transcript

  1. Presentation Style (© 2015 Packet Pushers Interactive LLC)

    • My presentation style is …. different
    • Going to hit a bunch of big ideas
    • and leave lots of pieces on the ground for you to pick up
  2. Signing a 10 year supply contract on WAN bandwidth with 3 year termination clause vs Public Cloud ?
  3. WAN is Broken

    • WAN is 40-80% of networking budgets
    • WAN performance is a massive issue
    • Routers are hard to operate and maintain
  4. [Chart]

    Source: https://twitter.com/tim_szigeti/status/717042695773036545
    Source: DM Martins Research, using data from Company Reports and Yahoo Finance
  5. What Does the WAN Do ?

    • Shares resources in the data centre
    • Line of Business applications
    • Supporting apps - HR, Accounting
    • Email, Messaging/Voice
    • Internet
    • IP telephony
    • used for cost avoidance (not a profit centre)
    • replace with smartphone
  6. Why Dedicated Bandwidth ?

    • There was no shared bandwidth in the 1990s
    • You bought dedicated circuits end-to-end
    • L1 clocking from A to B
    • Packet/Frame networks allow shared backbones, oversubscription
    • There was no Internet in the 1990s
    • Shared bandwidth is “unnatural” state
    • Until the Internet proved it wasn’t “unnatural”
    • TCP/IP protocol is packet-based and natively multiplexed
  7. Do we VALUE WAN services ?

    • Service providers take months to install
    • Multi-year contracts for circuits
    • single company, non-competitive, multi year contracts
    • Migration is difficult
  8. Consumer Impact - 1

    • Smartphones mean investment is being made in Internet not private WAN
    • Particularly in the last mile
    • 4G/LTE and 5G
  9. Consumer Impact - 2

    • Rapid replacement of handsets/smartphones
    • Growing market
    • 5G adoption will be fast
    • Enterprise should be planning to use 5G
  10. Will We Need WAN do tomorrow ?

    • SaaS ? (HR, Accounting, Sales Tracking)
    • Public Cloud - new Apps
  11. Low Power WAN

    • Huawei NB-IOT
    • 10 Years on a single battery
    • 50000 devices per cell
    • Better signal than GSM (3G)

    source: http://www.huawei.com/minisite/hwmbbf15/en/nb-iot-accelerating-cellular-iot.html
  12. 5G Networking

    Source: Ten key rules of 5G deployment - Nokia Networks
  13. Internet As WAN

    • Can we use the internet as WAN ?
    • Internet is already business-critical
    • not everything is time sensitive however
    • Everyone has Internet already.

    source: http://www.huawei.com/minisite/hwmbbf15/en/nb-iot-accelerating-cellular-iot.html
  14. Internet As WAN

    • Increasing Internet bandwidth improves EVERYTHING
    • More bandwidth solves all problems
    • Internet is EVERYWHERE
    • already connected
    • provisioning delays in days instead of months ?
    • “cloud WAN” LOLOLOLOL

    source: http://www.huawei.com/minisite/hwmbbf15/en/nb-iot-accelerating-cellular-iot.html
  15. Hop-by-Hop, Device-by-Device Network

    [Diagram: Sites, routers (Rtr), provider edge (PE) nodes, MPLS pCore, Internet, DC, Cloud1 and Cloud2. © Greg Ferro 2015]
  16. One Thing about SD-WAN

    • Flows not Packets

    [Diagram: Packet Flow between Client and Server (SYN, SYN/ACK, ACK). © Greg Ferro 2015. Labels:]
    • Client sends SYN Packet
    • Server ACKs to confirm inbound session open and sends SYN to establish outbound connection
    • Client receives ACK to complete inbound session
    • Client receives SYN, establishes outbound session, sends ACK to confirm
    • Server receives ACK. Now has two sessions: inbound & outbound
    • 1: Flow state created from client to server
    • 2: Flow state created Server to Client
  17. Flows of Packets

    [Diagram: Client, Flow Appliance and Server. © Greg Ferro 2015. Labels:]
    • How Much Data Shall I Send
    • My Buffer is 1.2MB, Send 1.2 MB
    • Send in 1.2MB Chunks
    • Sends 1.2MB of Packets
    • Sends 250KB of Packets
    • My buffer overflowed
    • Decrease Chunks to 900KB
  18. [Diagram: Flow Table & Action at the VLAN Trunk, Overlay Edge and MPLS Edge. Labels: Input, Output, Flow Record, VLAN Tag, VLAN or MPLS tag, SRC/DST IP, TCP Port, MPLS, VXLAN. © Greg Ferro 2014]
  19. Managing Flow Paths End to End

    Flow paths require a control plane - a controller is most common

    ‣ Stitching flow paths needs a control plane
    ‣ software controller/application is needed for this level of control

    [Diagram: SD-WAN Devices, Next Hops, Network Controller and Apps. © Greg Ferro 2015]
  20. SD-WAN Deployment: Complexity at Edge, Simplicity at Core

    [Diagram: Core and Edge nodes with SD-WAN devices. © Greg Ferro 2015. Labels:]
    • 1: SD-WAN adds to existing edge routers
    • 2: SD-WAN devices direct connection to WAN (LTE, Ethernet)
  21. Distributed Controller Models

    [Diagram: SDN WAN Orchestrator above SDN Controllers and Networks; Network Controllers with Mgmt and Active Clustering; controllers in Continental Europe and Continental USA. © Greg Ferro 2014]
  22. Integration of Common Components

    • SD-WAN is made of common stuff
    • IPSec, SSL VPN, PKI Crypto, x86
    • You could DIY SD-WAN by hacking stuff together on your existing routers
    • some vendors are doing that
    • feedback on Cisco IWAN is highly negative so far.
    • Repurposing old ways doesn’t work
    • DMVPN, CLI, ACLs, Static Keys
  23. Visibility

    • Visibility
    • x86 has a lot of processing power
    • packet handling is superior to previous generation router platforms
    • SD-WAN delivers visibility as standard feature
    • you don’t pay extra
  24. Multipath Internet

    • WAN multipathing is now a standard service
    • e.g. Internap now offers “Managed Internet Route Optimiser” service
    • selects the best path
    • latency, loss, bandwidth and stability

    http://www.internap.com/resources/miro-controller-infographic/
  25. Typical Hub/Spoke WAN with redundancy (only 50% used)

    50% of Opex & Capex UNUSED

    [Diagram: hub and spoke routers (Rtr)]
  26. Voice - Full Mesh

    Voice uses client-to-client any-to-any connections

    [Diagram: SD nodes connected across the Internet]
  27. Overlays and Arbitrary Topologies

    Distributed Internet Gateways

    [Diagram: SD nodes, pEdge content detection, Internet; "Send to best Internet egress". © Greg Ferro 2015]
  28. Overlays and Arbitrary Topologies

    Dual Active Data Centers

    [Diagram: SD nodes, pEdge content detection, two DCs; "Dual Data Centre". © Greg Ferro 2015]
  29. Microsegmentation

    • Multiple concurrent overlays means microsegmentation
    • Security can be substantially enhanced
    • MORE IMPORTANT, the security i
  30. WAN Hardware

    • WAN Hardware is now x86 for all hardware
    • Virtual is standard offering (inc. Cisco)
  31. Containers in your WAN appliance

    • All new NOS will support containers in their operating system
    • Current purpose is telemetry (collecting data)
    • Long term ?
    • appliances - firewalls, WAN accelerators
    • x86 CPU is more than enough

    Source: http://www.cisco.com/assets/global/DK/seminarer/pdfs/XR60.pdf
  32. NFV

    • Using virtual appliances contained in hardware routers = NFV
    • Using appliance VMs on x86 servers = NFV

    [Diagram: ISPs, virtual routers (vRtr), Internet, SVR1, SVR2, iBGP. © Greg Ferro 2016]
  33. NFV

    [Diagram: virtual load balancers (vLB), firewalls (FW) and servers (SVR). © Greg Ferro 2016]
  34. Unsolved Problems

    • If VMs can move around, how do I secure the virtual paths between VMs ?
    • How do I control them if they move dynamically ?
    • Service Chains / Network Service Headers and other encapsulations.
  35. Internet as WAN

    • Private WAN vs Public WAN
    • Carrier MPLS vs Internet
    • Certain vs Uncertain
    • Expensive vs Cheap
    • Slow Provision vs Fast Provision
    • Value Added vs Commodity
  36. The Internet isn’t reliable

    • Internet performs better because last mile is faster
    • because you can’t afford high speed private WAN tails
    • Internet/Public WAN backbones are higher speed
    • because there are more devices connected to it
  37. QoS or Bandwidth

    • Speed and bandwidth mean you don’t need QoS
    • Jitter and packet loss have less impact than people think
    • If they did, lots of things would never work
    • GoToMeeting, Skype, Facetime, Youtube etc
    • Let’s ignore Webex and Lync (software is broken)
  38. Carrier Routing

    [Diagram, two panels: Enterprise WAN Edge, Customer Edge, Provider Edge, Carrier Core. © Greg Ferro 2014]

    Edge Routing Today: Limited functions applied at customer site
    • Callout 1: 1. Routing & MPLS Tagging 2. Routing between LAN and WAN interfaces 3. Simple policies for QoS, Path Control and Monitoring

    Edge Routing with NFV: Replace site router functions in the carrier edge
    • Callout 1: 2. Routing between LAN and WAN interfaces
    • Callout 2: 1. MPLS Tagging 2. Policy for QoS, Path Control and Monitoring 3. Virtual Router located in Exchange using NFV
  39. Distributed Control NFV: Replace site router functions in the carrier edge

    [Diagram: Enterprise WAN Edge, Provider Edge, Carrier Core, Forwarding Engine, Control Plane. © Greg Ferro 2014]
    • Callout 1: 2. Routing between LAN and WAN interfaces
    • Callout 2: 1. MPLS Tagging 2. Policy for QoS, Path Control and Monitoring 3. Virtual Router located in Exchange using NFV
  40. Cisco NFV / DNA

    • Cisco Digital Network Architecture
    • commits to a virtual appliance world
    • that runs on Cisco hardware ie. E-series UCS servers
    • PREDICTION:
    • With Cisco fully embracing NFV, the market demand will grow strongly
  41. How Do You Monitor the Internet ?

    • You can monitor the Internet
    • Let’s talk about the fundamental methods
    • Probes
    • BGP Peering
    • Edge nodes
    • Telemetry/Flow Data
  42. How - Probes

    • Put probes around the internet
    • co-locations, clouds etc
    • Monitor lots of stuff
  43. How - BGP Peers

    • BGP instances in various locations
    • Peering with various carriers
    • Get to see
  44. How - Edge/Cloud

    • Sell products that lots of customers buy
    • Get them to report data to a central cloud
    • Analyse the heck out of the data
    • Sell it back to customers as Internet Visibility
  45. Flow Data / Telemetry

    • Telemetry = collecting data
    • Analytics = making sense of the data
    • Big Data
    • Maths / Machine Learning
    • mainly using open source software
    • Lots of work to produce interfaces that people can understand (UI/UX)

    Reference: http://etherealmind.com/analytics-of-everything/
  46. Pricing ?

    • Most of us need to monitor the internet anyway
    • But we haven’t because it was hard
    • You haven’t been monitoring your WAN performance
    • How many have flow analysis ?
    • packet loss, jitter, application performance

    Thousand Eyes - http://packetpushers.net/podcast/podcasts/show-247-thousandeyes-network-visibility-sponsored/
    Kentik - http://packetpushers.net/podcast/podcasts/pq-show-71-kentik-real-time-network-visibility-sponsored/
  47. Newsletters, Deep Dive Podcasts, Latest News

    • Deep Dive Podcasts - http://packetpushers.net/podcasts/
    • Latest News - http://packetpushers.net/the-network-break/
    • Newsletters - http://packetpushers.net/free-newsletter-magazine-subscriptions/