Guest post from Ben van Kerkwyk, Architect, Data Center & Core Advanced Technology Group
The trend towards virtualization is driving a significant shift in how the industry and customers approach networking in the data center. One only has to look at the last 12-18 months of headlines and press articles from the enterprise sector to see that the data center has a renewed focus in the eyes of the vendors and has become a key battleground for industry and customer mindshare in IT, and in particular in networking. The bevy of new products, architectures, technologies and even standards is defining 'data center networking' as a distinct and unique branch of networking, where previously it was all but indistinguishable from campus/LAN networking products and technology.
This activity has essentially been driven by a shift in technology in the server realm. The popularity of blade systems and the advent of multi-core CPUs have enabled the widespread adoption of virtualization technologies. Server virtualization has in turn enabled CIOs to embrace new efficiency and cost models in the data center (spurred along by another trend, that of rapidly rising utility costs) and, more importantly, to embrace new computing use models such as cloud computing and next-gen 3-tier application architectures that can scale and shift computing resources dynamically based on business needs.
The flexibility and scale available through hypervisor technologies are bounded by one of the fundamental constraints of virtualization: vMotion cannot move a VM outside of the L2 network that contains it. So if we want to get the most from our virtualized environments and architect larger, more flexible 'application pods' in the data center, it stands to reason that we need to provide a larger and more flexible L2 networking domain for each data-center pod.
The technologies used to create L2 domains and control traffic at L2 are well established and have been around for many years. Spanning tree and its subsequent enhancements and extensions have met the majority of our networking needs, but they have significant drawbacks when applied to the modern virtualized data center. Loop avoidance that blocks ports, crude VLAN-based load balancing, relatively high convergence times, and limited scale do not work well when applied to dense blade computing systems that use expensive 10GbE ports and next-gen convergence technologies such as FCoE.
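To make the port-blocking drawback concrete, here is a toy illustration (not a real STP implementation, and the switch names are invented): any loop-free tree over N switches can keep only N-1 links forwarding, so a classic spanning tree domain idles the rest of its physical capacity.

```python
from itertools import combinations

switches = ["A", "B", "C", "D"]           # hypothetical switch names
links = list(combinations(switches, 2))   # full mesh: 6 physical links

# Pick a loop-free subset the way a spanning tree would: accept a link
# only if it joins two previously unconnected switches (Kruskal-style).
parent = {s: s for s in switches}

def find(s):
    while parent[s] != s:
        s = parent[s]
    return s

forwarding, blocked = [], []
for a, b in links:
    ra, rb = find(a), find(b)
    if ra != rb:
        parent[ra] = rb
        forwarding.append((a, b))
    else:
        blocked.append((a, b))

print(f"{len(forwarding)} forwarding links, {len(blocked)} blocked")
# With 4 fully meshed switches, half the purchased 10GbE link capacity
# sits idle purely for loop avoidance.
```

The exact set of blocked ports in a real network depends on bridge priorities and path costs, but the N-1 forwarding-link ceiling holds regardless.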
HP Networking is actively addressing these issues. From a standards perspective we are taking very active roles in both the IEEE and the IETF efforts to standardize new L2 STP replacement technologies, respectively 802.1aq SPB (Shortest Path Bridging) and TRILL (TRansparent Interconnection of Lots of Links). HP has a long history of standards leadership and is dedicated to driving standards and interoperability; however, if you've participated in or watched standards groups in the past you will know that the cogs of multi-vendor industry agreement and defined interoperability turn quite slowly and carefully (and for good reason). Both of the above-mentioned standards are still some time from official ratification and implementation in data center networking products, and, despite 'pre-standard' offerings in the market, both remain very much subject to change. If you look at the history of standards such as PoE or WiFi it's easy to understand the danger of touted 'pre-standard' implementations promising interoperability; in both of these (and other) cases some pre-standard products left customers stranded with vendor lock-in when the protocols shifted during later debate.
So where does that leave customers that need this functionality today? HP, through its recent acquisition of 3Com, is dramatically simplifying both the architecture and management of networking systems, and providing customers the ability to support very large L2 domains (without STP) through IRF (Intelligent Resilient Framework). IRF is an integral part of the A-family product series and whilst it isn’t an open protocol itself, IRF provides external interoperability with other systems through standardized interfaces.
IRF allows the creation of large network fabrics that consist of multiple switches at a single layer (access, distribution or core) that operate and appear logically as a single switch. By virtualizing all L2 and L3 network functions and extending the control plane across the 10GbE network fabric, IRF distributes device management such that you only need a single configuration file and one software image. Devices inserted into an IRF domain automatically update their configuration file and software, preventing you from modifying one device in the domain in isolation from the others. Connecting to the fabric through any console port will link you to a single, redundant domain controller.
IRF dramatically simplifies network architectures by virtualizing and distributing L2 and L3 functions, such as routing, gateway, link aggregation, or QoS and security functions.
A full mesh of L2 (or L3) server-edge switches connecting to dual, redundant distribution or core switches usually means lots of protocols and complexity in order to load balance across all the 1GbE or 10GbE links, prevent any single point of failure from causing an outage, and provide fast convergence should a failure occur. QoS and security policies need to be managed across many devices, and at higher layers this can mean a complex, dynamic routing environment with many interfaces and IP addresses to manage.
If you now apply IRF domains to the devices in the access layer and again to the upstream core and/or distribution layer, this complex environment simplifies logically to two switches: the access layer connecting to the core. This means no requirement for STP or VRRP; both server uplinks and switch uplinks can simply use standard LACP link aggregation for physically meshed distributed trunking, all links are active and load balanced, IP address and interface complexity is virtually eliminated, and the environment provides a guaranteed sub-50ms recovery time with no single point of failure.
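The active-active behavior above comes from hash-based flow distribution over the aggregated links. The sketch below is a minimal illustration of the idea, assuming a simple CRC-based hash over source and destination MAC addresses; the port names and hash choice are illustrative assumptions, not HP's actual algorithm.

```python
import zlib

# Hypothetical member ports of an LACP trunk spanning two IRF members
uplinks = ["1/0/1", "1/0/2", "2/0/1", "2/0/2"]

def pick_uplink(src_mac: str, dst_mac: str) -> str:
    # A deterministic hash keeps each flow pinned to one member link
    # (avoiding packet reordering) while spreading distinct flows
    # across every active link in the bundle.
    key = f"{src_mac}->{dst_mac}".encode()
    return uplinks[zlib.crc32(key) % len(uplinks)]

flows = [(f"00:00:00:00:00:{i:02x}", "aa:bb:cc:dd:ee:ff") for i in range(32)]
used = {pick_uplink(s, d) for s, d in flows}
print(f"flows spread across {len(used)} of {len(uplinks)} active links")
```

Because every link is a live member of one logical trunk, a link failure simply shrinks the hash space rather than triggering a spanning tree reconvergence, which is what makes fast, deterministic recovery possible.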
By extending a control plane across Ethernet fabrics, IRF provides a logical 'single switch' of up to 1024 10GbE ports. Upstream, this capability can be used to logically group two separate data centers with core switches up to 70km apart via modern 10GbE optics, allowing long-range vMotion and DRS capabilities.
HP Networking is committed to driving industry standards and innovating to help lower operational cost, risk, and complexity in modern data centers. As switch fabrics get faster and port densities increase, so will IRF domain sizes, giving customers who need a dynamic, virtualization-ready environment today, one that scales to cloud services, a viable and competitive option with HP Networking A-family products.