Ignite 2015 – Platform Vision & Strategy Network Overview

Speakers: Yousef Khaladi, Rajeev Nagar, Bala Rajagopalan

I could not get into the full session on server virtualization strategy – meanwhile larger rooms were 20% occupied. I guess having the largest business in Microsoft doesn’t get you a decent room. There are lots of complaints about room organization here. We could also do with a few signs and some food.

Yousef Khaladi – Azure Networking

He’s going to talk about the backbone. Features:

  • Hyper-scale
  • Enterprise grade
  • Hybrid

There are 19 regions, which is bigger than AWS and Google combined. There are 85 IXP points and 4400+ connections to 1695 networks. There are 1.4 million miles of fiber in Azure. The NA fiber can wrap around the world 4 times. Microsoft has 15 billion dollars in cloud investment. Note: in Ireland, the Azure connection comes in through Derry.

Azure has automated provisioning with integrated process with L3 at all layers. It has automated monitoring and remediation with low human involvement.

They have moved intelligence from locked-in switch vendors to the SDN stack. They use software load balancers in the fabric.

Layered support:

  1. DDoS
  2. ACLs
  3. Virtual network isolation
  4. NSG
  5. VM firewall

Network security groups (NSGs):

  • Network ACLs that can be assigned to subnets or VMs
  • 5-tuple rules
  • Enables DMZ subnets
  • Updated independent of VMs

Build an n-tier application in a single virtual network and isolate the public front end using NSGs.
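To make the 5-tuple model concrete, here is an added example (not from the session or from Microsoft) that evaluates NSG-style rules the way Azure does: lowest priority number first, first match wins. The subnet ranges, ports and rule names are constructed for illustration, and one rule list stands in for the NSGs on the three tier subnets.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # lower number is evaluated first
    protocol: str      # "TCP", "UDP" or "*"
    src: str           # source CIDR
    src_port: str      # single port, "lo-hi" range or "*"
    dst: str           # destination CIDR
    dst_port: str
    allow: bool

def _port_ok(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def _addr_ok(cidr, addr):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

def evaluate(rules, protocol, src, src_port, dst, dst_port):
    """Return (allowed, rule_name) for the first rule matching the 5-tuple."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (r.protocol in ("*", protocol)
                and _addr_ok(r.src, src) and _port_ok(r.src_port, src_port)
                and _addr_ok(r.dst, dst) and _port_ok(r.dst_port, dst_port)):
            return r.allow, r.name
    return False, "implicit-deny"   # nothing matched: fail closed

# Constructed n-tier layout inside one virtual network (assumed addresses).
FRONT, APP, DATA, ANY = "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24", "0.0.0.0/0"
INBOUND = [
    Rule("web-from-internet", 100, "TCP", ANY, "*", FRONT, "443", True),
    Rule("app-from-front", 110, "TCP", FRONT, "*", APP, "8080", True),
    Rule("sql-from-app", 120, "TCP", APP, "*", DATA, "1433", True),
    Rule("deny-all", 4096, "*", ANY, "*", ANY, "*", False),
]

if __name__ == "__main__":
    # Only the front end is reachable from outside; each tier talks to the next.
    print(evaluate(INBOUND, "TCP", "203.0.113.7", 50000, "10.0.1.4", 443))
    print(evaluate(INBOUND, "TCP", "10.0.1.4", 50000, "10.0.3.9", 1433))
```

Because the front-end subnet has no allow rule toward the data subnet, a front-end host that tries to skip the application tier is stopped by the deny rule.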

ExpressRoute:

  • Now supports Office 365 and Skype for Business
  • The Premium Add-on adds virtual network global connectivity, up to 10,000 routes (instead of 4000) and up to 100 connected virtual networks

Cloud Inspired Infrastructure

It takes time to deploy a service on your own infrastructure. The processes are there as a caution against breaking already complicated infrastructure. You can change this with SDN.

Today’s solution first: Lots of concepts and pretty pictures. Not much to report.

New Stuff

VXLAN is coming to Microsoft SDN. They are taking convergence a step further. RDMA storage NICs can be converged and also used for tenant traffic. There will be a software load balancer. There will be a control layer in WS2016 called a network controller. This is taken from Azure. There is a distributed load balancer and software load balancer in the fabric.

IPAM can handle multiple AD forests. IPAM adds DNS management across multiple forests.

Back to RDMA – if you’re using RDMA then you cannot converge it on WS2012 R2. That means you have to deploy extra NICs for VMs. In WS2016, you can enable RDMA on management OS vNICs. This means you can converge those NICs for VM and host traffic.

TrafficDirect moves interrupt handling from the parent partition to the virtual switch, where it can be handled more efficiently. In a stress test, he doubles traffic into a VM, to 3+ million packets per second.

Summary

The networking of Azure is coming to on-premises in WS2016 and the Azure Stack. This SDN frees you from the inflexibility of legacy systems. We get additional functionality that will increase security and HA, while reducing costs.
