New SDN Technology Challenges VMware, Cisco
April 02, 2013
Nuage Networks, a wholly-owned venture funded by Alcatel-Lucent, has announced an SDN technology called Virtualized Services Platform (VSP). It's a network virtualization package that pits Nuage Networks (and Alcatel-Lucent) against network virtualization technology from VMware, Cisco Systems and other major vendors.
The Virtualized Services Platform (VSP) consists of three major elements (and you may want an acronym scorecard to keep track): Virtualized Services Directory (VSD), Virtualized Services Controller (VSC), and Virtual Routing and Switching (VRS).
The Virtualized Services Directory is the policy engine for the overall platform. Network engineers use the VSD to create templates that define network functionality for a specific set of resources and users. When a new virtual machine or application is created, it gets assigned to a template that provisions its network resources.
The Virtualized Services Controller (VSC) communicates with the distributed Virtual Routing and Switching (VRS) software and programs the network via OpenFlow. The VRS is Nuage Networks' version of the Open vSwitch, an open source virtual switch that Nuage says will integrate with a variety of hypervisors, including KVM, Xen, Hyper-V and ESXi.
The VRS is the network agent that installs into the hypervisor for software networking. Like VMware's NSX and Juniper's Contrail, Nuage uses VXLAN to connect VRS agents over the data center LAN. Nuage's tunneling architecture contrasts with SDN approaches from Cisco, HP, IBM, NEC, Big Switch and others in which a controller directly programs physical switches.
Nuage has no requirement for IP Multicast in the data center core. Broadcast/Unknown Unicast/Multicast (BUM) traffic is managed via local spoofing and packet replication in VRS software, and thus does not need to use the physical network for replication (as does VMware vCloud 5.1 today).
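The BUM handling described above, modelled as an added example that is not Nuage's code or part of the original article: a hypervisor agent answers ARP from a local table and otherwise sends one unicast VXLAN copy per remote tunnel endpoint in the same segment. The class, method names and addresses are constructed, and reading "local spoofing" as a locally generated ARP reply is an assumption; only the 8-byte VXLAN header layout comes from RFC 7348.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"

def vxlan_header(vni: int) -> bytes:
    """8-byte VXLAN header (RFC 7348): flags 0x08 (VNI valid) and a 24-bit VNI."""
    return struct.pack("!II", 0x08 << 24, vni << 8)

class OverlayAgent:
    """Toy model of a hypervisor overlay agent (hypothetical, not VRS code)."""

    def __init__(self, local_vtep: str):
        self.local_vtep = local_vtep
        self.remote_vteps = {}  # vni -> set of remote tunnel endpoint IPs
        self.mac_to_vtep = {}   # (vni, mac) -> tunnel endpoint hosting that MAC
        self.ip_to_mac = {}     # (vni, ip) -> mac, used to answer ARP locally

    def learn(self, vni, mac, ip, vtep):
        """Install an entry; in this model a controller would push these."""
        self.mac_to_vtep[(vni, mac)] = vtep
        self.ip_to_mac[(vni, ip)] = mac
        if vtep != self.local_vtep:
            self.remote_vteps.setdefault(vni, set()).add(vtep)

    def handle(self, vni, dst_mac, arp_target_ip=None):
        """Decide what happens to a frame sent by a local VM in segment `vni`."""
        # ARP request for a known address: reply locally, nothing is tunnelled.
        if arp_target_ip is not None and (vni, arp_target_ip) in self.ip_to_mac:
            return ("arp_reply_local", self.ip_to_mac[(vni, arp_target_ip)])
        hdr = vxlan_header(vni)
        group_bit = int(dst_mac.split(":")[0], 16) & 1  # set for broadcast/multicast
        vtep = self.mac_to_vtep.get((vni, dst_mac))
        if vtep is not None and not group_bit:
            return ("unicast", [(vtep, hdr)])
        # BUM frame: one unicast copy per remote endpoint of this VNI only,
        # so the underlay never needs an IP multicast group.
        return ("replicate", [(v, hdr) for v in sorted(self.remote_vteps.get(vni, ()))])

def build_demo_agent() -> OverlayAgent:
    """Constructed sample state: two tenants' segments, three remote endpoints."""
    agent = OverlayAgent("10.0.0.1")
    agent.learn(5000, "02:00:00:00:00:02", "192.168.1.2", "10.0.0.2")
    agent.learn(5000, "02:00:00:00:00:03", "192.168.1.3", "10.0.0.3")
    agent.learn(6000, "02:00:00:00:00:04", "192.168.1.4", "10.0.0.4")
    return agent

if __name__ == "__main__":
    a = build_demo_agent()
    print(a.handle(5000, BROADCAST, arp_target_ip="192.168.1.3"))
    print(a.handle(5000, "02:00:00:00:00:aa"))
```

Replication is scoped by VNI, so a broadcast in segment 5000 never reaches the endpoint that only hosts segment 6000; the isolation between tenants depends on the correctness of the tables the agent is given.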
The primary value of building an overlay network with tunneling and software BUM locally is that your existing data center network needs no change or upgrades. Nuage claims that all you need is three virtual machines for the VSD and VSC applications, plus a few more for VRS agents to start your pilot testing.
Like other Open vSwitch implementations (such as VMware NSX), the VRS delivers a range of network services in the hypervisor/operating systems. Layer-2 switching and packet filtering are straightforward because flow entries are easy to achieve. Nuage is promoting the concept of a distributed layer-3 routing capability based on forwarding layer-3 packets into tunnels: each VRS has a tunnel connection to other VRS agents in the network, so routing can be performed in the hypervisor.
The VSD policy engine is based on software from Alcatel-Lucent routers used in today's DSL and LTE networks. This means that Nuage builds on a proven software platform. It builds the VRS configuration from small elements of templates and policy. This modular approach to deriving the configuration of the VRS agents seems to me to be a powerful and flexible method for supporting mobile network requirements. Instead of moving "configuration" between the VRS agents, the VSD can receive an event trigger, modify the template, and recalculate the VRS configuration before VSC delivers the flow changes to the VRS.
Nuage claims it can support multiple data centers via very close integration with the WAN. The VSD controller and VRS agent can form MPLS over GRE (MPLSoGRE) tunnels to PE routers. Because GRE forwarding is performed in hardware, the data from the overlay network passes directly to the WAN. Compared to VMware NSX, where hardware VXLAN termination is a vital and unfulfilled requirement, this is a significant advantage.
There are strong similarities in the overall strategy with Juniper's recent spin-in of Contrail Networks. Where Contrail uses a proprietary network agent, Nuage is using Open vSwitch. Where Contrail uses a proprietary protocol from controller to switch, Nuage is using an enhanced version of OpenFlow. Both Contrail and Nuage build MPLS over GRE tunnels to the service provider edge to avoid the need for VXLAN termination.
Comparisons with VMware NSX are obvious, but Nuage seems especially relevant for large-scale networks. That's because the extension of overlay networking to the MPLS network provides an opportunity for greater control of and visibility into the WAN.
Nuage Networks has announced a lot of features and functions in its first release of VSD, many of which will be new to both technical and business professionals. Selling SDN to the enterprise is going to be hard, but Nuage has addressed a large segment of core SDN networking requirements. Now we need to hear about actual deployments to determine the quality of the product.
Disclaimer: Greg Ferro has written a white paper sponsored by Nuage Networks for the Packet Pushers Web site.