vmworld 2013: multi-site deployments with network virtualization

Multi-site Deployments with Network Virtualization

Dimitri Desmidt, VMware

SEC5582

#SEC5582

2

Agenda

Why Enterprise has multiple sites?

Challenges with physical network when building multiple sites

How Network Virtualization can help?

How Network Virtualization works with multiple sites?

Demo

3

Agenda





Demo

4

Why Enterprise Has Multiple Sites?

Business Continuity

5


Performance

• Scale

• Speed

6


And also … just happens

• Acquisitions

• Specific Data Center per department

• Burst "to the Cloud"

Important Note:

However those applications hosted in different data centers need to access

common services (backup, centralized report/log servers, etc) hosted in one

data center.

7

Agenda





Demo

8

Challenges With Physical Network When Building Multiple Sites

We all live in 1 world

This brings challenges

to humans

• Timezone

• Language

• Culture

• etc

So do Apps!

Multi-DC brings challenges too

• To Network

• To Storage replication

DMZ

App

DB

Storage

DMZ

App

DB

Storage

WAN DC1 DC2

9

Agenda





Demo

10

DMZ

App

DB

Storage

WAN

DMZ

App

DB

Storage

How Network Virtualization Can Help?

What if…

"Virtual secured*

L2 wire"

between those 2

"Virtual Ports"

*: security rules +

traffic encrypted

between DC

(IPSEC)

"Virtual Port"

on those 2

subnets/VLAN

Important Note:

No requirement on

the physical fabric!

DC2 DC1

11

DMZ

App

DB

Storage

WAN


What if…

"Virtual Port"

on those 2

subnets/VLAN

"Virtual secured*

L3 wire"

between those 2

"Virtual Ports"

*: security rules +

traffic encrypted

between DC

(IPSEC)

Important Note:

No requirement on


DC2 DC1

DNS / DHCP

Mail syslog

12

WAN

DMZ

App

DB

Storage

How Network Virtualization Can Help?

What if… Important Note:

No requirement on


Cloud Provider Customer1

"Virtual Port"

on those 2

subnets/VLAN

"Virtual secured*

L2 wire"

between those 2

"Virtual Ports"

*: security rules +

traffic encrypted

between DC

(IPSEC)

13

So is stretching VLANs the same as Network Virtualization?

Obviously not (at least for VMware!)

Network Virtualization offers the ability to move all the network

services in an abstraction/software layer completely decoupled

from the physical infrastructure

• Network services are: L2, L3, NAT, FW, SLB, VPN, QoS

And as importantly

• Can be fully orchestrated/automated

• So it can be integrated in any Cloud Management Platform solution managing

the 3 elements of a Cloud: Compute/Storage/Network

14

Agenda





Demo

15

DC1 DC2

How Network Virtualization works with multi-sites

VLAN 101

VM VM

VM

VLAN 102

VLAN 103 VLAN 201

VM VM

VM

VLAN 202

VLAN 203

WAN

802.1Q 802.1Q

NSX

Controller

Cluster

NSX

Gateways

16

How Network Virtualization is different from "legacy" approach?

"legacy" approach

• Rely on vendor hardware / propriatory

solution

• Add new hardware/protocol

• Chocke points

• Manually driven/configured

• And more importantly, 1 hardware

solution replies to 1 need (such as L2

streching) but will need another

solution for another need (such as L3)

Network Virtualization

• Decoupled from physical

infrastructure

• Simplicity

• Scalability

• Automation

• Same solution covers all network

service needs

17

How Network Virtualization works with multi-sites (Active/Standby)

DC1 DC2

VLAN 100 VLAN 100

Active Standby Standby Standby

VRRP Group 1 VRRP Group 1

Interconnect

VM1-IP@ Internet

VM1-IP@ (NAT) Internet

VM3-IP@ Internet


NSX-GW2-IP@

NSX-GW1-IP@

encap[VM3-IP@ Internet]

VM3-IP@ Internet

WAN

Internet

VM VM VM VM

18

How Network Virtualization works with multi-sites (Active/Standby)

DC1 DC2

VLAN 100 VLAN 100

Active Standby Standby Standby


Interconnect

VM1-IP@ VM3-IP@

NSX-GW2-IP@

NSX-GW1-IP@

encap[VM1-IP@ VM3-IP@]

WAN

Internet

VM1-IP@ VM3-IP@

VM VM VM VM

19

VLAN 100 VLAN 100

Active Standby Active Standby


Interconnect

VRRP

Filtering

VRRP

Filtering

VM1-IP@ Internet


VM3-IP@ Internet


How Network Virtualization works with multi-sites (Active/Active)

DC1 DC2

WAN

Internet

VM VM VM VM

20

How Network Virtualization works with multi-sites (Active/Active)

DC1 DC2

Active Standby Standby


Interconnect

VM1-IP@ VM3-IP@

NSX-GW2-IP@

NSX-GW1-IP@

encap[VM1-IP@ VM3-IP@]

WAN

Internet

VM1-IP@ VM3-IP@

VRRP

Filtering

VRRP

Filtering

VLAN 100 VLAN 100

Active

VM VM VM VM

21

Agenda





Demo

22

Lab

DC1 DC2

VLAN 101 / 10.1.1.0/24 VLAN 201 / 10.1.1.0/24

Active Standby

VLAN 301 / 10.3.1.0/24 VLAN 301 / 10.3.1.0/24

Active Standby

WAN router WAN router

WAN

Internet

Web Server:

40.1.1.100

.1 .1

.11 .12

.11 .12

23

Lab – Virtual L2 between 2 remote VLAN

DC1 DC2

VLAN 101 / 10.1.1.0/24 VLAN 201 / 10.1.1.0/24

VLAN 301 / 10.3.1.0/24 VLAN 301 / 10.3.1.0/24


WAN

Internet

Web Server:

40.1.1.100

VRRP

Filtering

NSX

Controllers

Cluster .1 .1

.11 .12

.11 .12

NSX GW-DC2 NSX GW-DC1 Active Standby Standby Active

24

Lab – Local North/South traffic

DC1 DC2

VLAN 101 / 10.1.1.0/24 VLAN 201 / 10.1.1.0/24

VLAN 301 / 10.3.1.0/24 VLAN 301 / 10.3.1.0/24


WAN

Internet

Web Server:

40.1.1.100

VRRP

Filtering

NSX

Controllers

Cluster .1 .1

.11 .12

.11 .12

NSX GW-DC1 Active Standby

NSX GW-DC2 Active Standby

25

Lab – vMotion support

DC1 DC2

VLAN 101 / 10.1.1.0/24 VLAN 201 / 10.1.1.0/24

VLAN 301 / 10.3.1.0/24 VLAN 301 / 10.3.1.0/24


WAN

Internet

Web Server:

40.1.1.100

VRRP

Filtering

NSX

Controllers

Cluster .1 .1

.11 .12

.11 .12

Active Standby NSX GW-DC1 NSX GW-DC2

Active Standby

26

“Fast is the new better,

Fast is the new cheaper,

Faster is the new faster!”

Chris Launey

27

Thanks

Dimitri Desmidt - Sr. Systems Engineering ([email protected])

mailto:[email protected]

28

Other VMware Activities Related to This Session

HOL:

HOL-SDC-1302

vSphere Distributed Switch from A to Z

SEC5582

THANK YOU

Multi-site Deployments with Network Virtualization

Dimitri Desmidt, VMware

SEC5582

#SEC5582

vmworld 2013: multi-site deployments with network virtualization

Technology

physical network

multiple sites

vm vm vm vlan

l3 network virtualization

sites vlan

active vm vm vm vm

wan internet vm1ip

nat internet vm3ip