SDN is considered the main avenue for the enterprise to achieve fully virtualized networking, and by extension the fully virtualized data center.
One of the primary benefits of all this virtualization is scale. Unfettered by the limitations of mere hardware, SDN-enabled environments will be allowed to grow and change according to the whims of users, ushering in an era of anytime/anywhere data connectivity.
If this is the case, however, why are so many questions arising about the scalability limitations of leading virtual networking platforms?
Forwarding table limitations
It turns out that while the separation of the control and forwarding planes can accomplish a great many things, even virtual networks are limited by the ability of forwarding tables to keep tabs on MAC addresses and other networking data needed to push packets to their ultimate destinations. The challenge, in fact, only increases as tables are bombarded with commands and requests from not only the physical layer infrastructure but the rapidly changing virtual ones as well. To date, a number of techniques have been developed to deal with this problem, things like Shortest Path Bridging and IP-style packet flooding, but the question remains whether any of today’s virtual networking platforms will hold up as enterprises start to push the scalability envelope.
Clearly, one of the first solutions to come to mind is an improvement in the flow table itself. This is the tack that Corsa Technology is taking with its new OpenFlow hardware data planes, the DP6420 and the DP6440, intended for use in both data center and carrier settings. The devices feature native OpenFlow 1.3 support and are capable of handling multiple flow tables and millions of flows, coupled with rapid flow table creation and the ability to configure tens of thousands of flow modifications per second. They also support a range of network port configurations, including 48x10GbE, 4x40GbE and 4x100GbE designs.
But what happens when tens of thousands of flow commands turns into tens of millions, as is highly possible for organizations aspiring to hyperscale architectures? How can you possibly accommodate (at reasonable cost, anyway) that many TCP connections and UDP flows? The simple answer is, you don’t, according to networking guru Tony Bourke. Instead, just use the destination-based forwarding approach currently deployed on most Layer 2 and Layer 3 switches. Through intelligent architecture, SDN devices would learn the proper configurations through automated queries and API programming. The rate of change in the forwarding table itself would be minimal. In fact, you might wind up with a smaller forwarding table than you have now because the controller will constantly excise dead connections rather than flood MAC addresses to each and every virtual switch.
Visibility on virtual networks
Scale-out virtual networks affect more than just the forwarding table, however. There is also the question of visibility. Tilera Corp. and Procera Networks have teamed up to address DPI in scale-out virtual networks with a new SoC solution that unites the TILEncore-Gx adapter with the Procera Network Application Visibility Library. The goal is to provide wire-speed application intelligence on L4 to L7 directly on the server to enable deep-dive threat monitoring, QoS management and other functions. The system also provides filtering of up to 225,000 unique URLs per second and Layer 7 traffic classification that can be used to forward specific flows to optimized hosts.
No matter how you scale the virtual network, two facts are incontrovertible. One is that even the most efficient resource utilization does not enable limitless scale within the software defined architecture. At some point, hardware has to come into play, although with proper design it can be kept to a minimum.
The second is that all network constructs must find a way to discover and map additional resources, even those that are outside the enterprise’s direct control. And as SDN becomes more ubiquitous, the need to automate those processes will grow.
By nature, virtual networks are designed for scalability, certainly much more so than physical ones. But that doesn’t mean you gain access to unlimited resources at the flip of a switch.
Photo courtesy of Shutterstock.
