Confidential

MidoNet  NVO  

Pros  • Deploy  over  IP  • Decoupling  of  workloads  from  network  • Distributed  L2-­‐L4  services    Caveats  • Poor  visibility  when  underlay  doesn’t  work  • Weak  QoS  

1  

Confidential

MidoNet  Logical  &  Physical  View  

2  

Confidential

Private  IP  Network  

3  

Confidential

Fabric  IntegraLon  

• Correlate  overlay  and  fabric  flows  • Configure  QoS  on  fabric  – Classify  and  mark  at  edge  • AcLvely  monitor  when  ECMP  hashes  badly  • Working  with  Cumulus  Networks  

4  

Confidential

VTEPs  3K\VLFDO�6HUYHUV

/RJLFDO�1HWZRUN�1HXWURQ�QHWZRUN�ERXQG�WR�97(3V�

0LGR1HW�3URYLGHU�9LUWXDO�5RXWHU

01�7HQDQW�9LUWXDO�5RXWHU 01�7HQDQW�9LUWXDO�5RXWHU

7HQDQW�% 7HQDQW�&

01�7HQDQW�9LUWXDO�5RXWHU

7HQDQW�$

9LUWXDO�6HUYHUV

5  

Confidential

VTEP  Physical  

&ORV�,3�)DEULF

97(3

+\SHUYLVRU

3K\VLFDO�6HUYHUV

5DFN�� 5DFN��

6  

Confidential

Fabric  IntegraLon  Goals  

• Metering,  with  aggregaLon  by  various  • Time  series  data  monitoring  for  operator  visibility  – link  uLlizaLon  – fabric  buffer  uLlizaLon  – packet  drops  • TroubleshooLng  focused  data,  like  flow  traces  • CorrelaLng  flow  malfuncLons  with  fabric  issues  • PredicLve  analyLcs  that  can  trigger  self-­‐  • ConnecLng  virtual  and  physical  networks  -­‐  e.g.  HW  VTEP  • Configuring  the  fabric  (mainly  L3)  

7  

Confidential

Hybrid  Clouds  

8  

Confidential

MulL-­‐cloud  FederaLon  

• The  future  is  Hybrid  Cloud  • Several  use  cases  – Private  OpenStack  cloud  peering  with  AWS  – Private  OpenStack  clouds  peering  with  each  other  

• Several  Types  of  Peering  – Peering  over  the  Internet  – Peering  over  private  networks  • Direct  Connect  

9  

Confidential

FederaLon  

Internal Site Network

Internet

edge

MNOVS

BGPBGP Multihoming

VPN terminator

MN

OVS

Inter-site control proxy

MN

OVS

edge

MNOVS

BGP

edge

MNOVS

BGP

Inter-site control proxy

MN

OVS

VPN terminator

MN

OVSCompute Nodes

Another Site

Control Traffic (RPC)

Data Traffic (VPNs)

Data Traffic (Ethernet)

10  

Confidential

Docker  

11  

Confidential

Policy  Networking  

• Current  Model  is  Topology  Based  – Networks,  Routers  • AlternaLve  DeclaraLve  Model  – Cisco  ACI  – Neutron  Group  Policy  

12  

Confidential

Thank  You  

13