As part of SDNCentral’s ongoing efforts to bring you more SDN/NFV use cases, we bring you a series of free webinars from NEC, featuring Ivan Pepelnjak of ipSpace. Be sure to check the webinar series landing page for newly released videos.
With increasing numbers of enterprises and service providers looking to deploy SDN, we’ve been inundated with requests from our readers for more use cases to help them understand and evaluate SDN. We heard you, and we are gearing up to send them your way.
The webinar series covers typical OpenFlow-based SDN use cases using NEC’s ProgrammableFlow, the first production-grade commercial implementation of OpenFlow controllers and data center switches, introduced in 2011. We kick off the series with a video presentation about how customers in the real world are using SDN to dynamically insert network services into the packet-forwarding path based on endpoints (users), applications, or both.
With just about every web service and infrastructure needing firewalls, load balancers, IPS, caching, and other deep packet inspection (DPI)-based network services, service insertion is a common data center practice. Administrators use service insertion to chain devices in DMZs and create service chains for service provider GiLANs and other mobile-supporting infrastructure. By deploying SDN-based service insertion, both enterprises and service providers can use resources more efficiently and become more agile and responsive to the business.
Without SDN, service insertion in a traditional network is either manual or achieved with VLANs or policy-based routing (PBR) — all of which have real limitations, particularly when it comes to scaling. VLAN chaining, one of the most traditional methods, has per-customer limits, is hard to implement for individual endpoints, and is near-impossible to implement and scale for individual applications, according to Pepelnjak.
In this webinar, you’ll learn how to implement traffic redirection using ProgrammableFlow to overcome traditional VLAN limitations. More than 100 customers are using ProgrammableFlow in production today, with large service providers leveraging its OpenFlow functionality to insert user-specific services including authentication, firewalling, and caching.
With SDN, service insertion can avoid running all traffic through every device, be selective in how it directs traffic, and perform header rewrites where necessary. Specific to an application or end use, SDN-enabled service insertion can reduce costs dramatically, in some cases by as much as 90 percent, when network services are applied only as needed rather than through broadly applied policy.
- Create a flow list to match the traffic
- Apply a flow filter to a VTN interface
- Use a flow filter to include “redirect” action
- Use a redirect action to perform MAC rewrite
The video looks at different types of SDN service insertion use cases in OpenFlow-based fabrics. The webinar covers ProgrammableFlow’s extended VLAN mode (ProgrammableFlow supports up to 10,000 virtual bridges) and its MAC mapping mode, where ProgrammableFlow assigns clients to virtual networks based on clients’ MAC address.
Throughout the presentation, Pepelnjak answered questions live from webinar participants, providing you with a deeper, more technical understanding of the strengths and limitations of SDN service insertion.
To learn more about how SDN service insertion overcomes traditional limitations, watch the video webinar at the NEC Channel on SDNCentral. Upcoming webinars in the series will cover other OpenFlow-based SDN use cases including network monitoring and OpenStack networking.