My initial thoughts on SDN

Hi All

As you all know I have been a Cisco UCS Specialist for the past 3 years, but I have recently also been made the Subject Matter Expert (SME) for Software Defined Networking (SDN) Now don’t worry I am still SME for Cisco UCS, so I’ll carry on blogging about that, but as this site says “Cisco UCS And Complimentary Technologies” I thought I would dump down my initial thoughts on SDN.

Just to Clarify in the 24 years I have been in IT I have been a Server Specialist, a Storage Specialist, a Virtualization Specialist and a Network Specialist, so have pretty much covered all of the bases within the Datacenter. All this experience gave me a great background for Cisco UCS and equally now for working on what SDN and Network Virtualization can bring to the Enterprise Datacenter.

Unlike Cisco UCS, SDN is a topic I am certainly no expert in (yet) but I have a huge passion for it, and find it really interesting. As such at present this is just my take on it, and how it may benefit the majority of my Customer base (The Enterprise Datacenter)

SDN, What you need to know about it (At the moment)

OK So I’m sure you have all heard of Software Defined Networking (SDN) by now, and if you haven’t you need to be aware of it, We all at least should have an opinion on it.

I have been following the evolution of SDN for about 18months now, and I’ve always felt it will have a major impact on how we design, build and manage networks, but I (like most) thought that the realities of SDN were probably still a good 5 years away, recent events and acquisitions have dramatically altered my view,  and SDN (or variations of it) are already changing our industry.

In short if you believe the hype “The Iron Age” may soon be over

What I hope to do with this “Primer” is cut through the ever growing hype and misinformation around SDN and answer the simple questions that few seem to be asking or answering, mainly what will SDN Actually do for the Enterprise Datacenter?.

So What is SDN?

Simply put SDN is the separation of the Data Plane (packet forwarding) and the Control Plane (Inteligence) of the Network with dynamic programmability provided by a central controller. Basically an intelligent dynamically programmable Network.

What Problems is SDN Trying to solve

Moving packets from one point to another quickly and efficiently does not need addressing; The Networks as we know them today do this really well.

Moving them intelliently and adapting to dynamic changes in the Network on the other hand, can be a complexity nightmare or at least a big challenge, i.e. splitting flows by sending voice or trading events down the lowest latentcy path and data down another path, or secure tenant seperation in a dynamic multi-tenant environment, these are just some of the current challenges SDN could help with.

But the current main pain points around networking, is the flexibility, agility and management of the Network. In essence the Network is now perceived as “In the Way” as it has not evolved to provide the dynamic requirements of today’s virtualized workloads.

VLANs, VRFs, NAT, ACLs, QoS at present are quite manual tasks, which need to be configured across multiple devices usually by CLI.

So at present if a user wants an Application / server stood up;  Through Virtualization we can do this within minutes, however the Connectivity, QoS, Security, Loadbalacing etc.. that the workload needs then becomes the bottleneck, as these are presently quite complex manual tasks which can take weeks to implement and sometimes requiring several specialists to implement. And if that workload wants or needs to move to another location or Datacenter, Oh Man that’s another big headache.

Sure we can use expensive proprietary solutions to address some of these issues, but if we could do this simply,  cheaply, dynamically and safely using a software overlay, well now that’s the promise of SDN and Network Virtualisation.

I certainly get what SDN brings to the party in areas I don’t really get too involved in i.e. the Service Provider and Hyper Scale Datacenter arenas, many of these companies are already using SDN or a derivative of it, and several created their own versions or helped define the current SDN standards, when they found that they had outgrown the capabilities of many current technologies,  but there are compelling use cases for my particular sweet spot, The Enterprise Datacenter.

Particularly around Datacenter Interconnection (DCI) and Enterprise Network Virtualization. Now Network Virtualization by strict definition is not SDN as there is no central controller involved, but it is where the revolution of our industry will start.

Having been heavily involved in all aspects of the Datacenter, I can certainly see the end to end picture and why Network Virtualization has so much potential.

VMware as I’m sure you all know, developed ESX which has revolutionized how quickly Servers can be provisioned, deployed and dynamically moved within the environment.

During this time the Network has remained almost static with regards to its ability to adapt to this huge change and flexibility in the compute layer.

Just like with ESX where vCPUs, vDISK, vRAM and vNICS can be combined to present a logical X86 Environment for a Virtual Machine to consume. Within NSX a Virtual Network can be defined, this Virtual Network can contain, VLANs, vSwiches, vRouters, vLoadBalancers etc…

NSX is a new product announced by VMware due for launch later this year, which combines the best elements from Nicira (acquisition last year) and VMware. The main components of each which form the core of NSX are:

Nicira: Distributed Controller Cluster (Layer 2 – 4 Programmable vSwitch)

VMware: VMware vCloud Networking and Security (VCNS) Portfolio (vLoadBalances, vFirewalls VPN, VXLAN etc..)

While NSX is a VMware product it is Vendor, Hardware and Hypervisor independent!

As mentioned NSX is a software OVERLAY which relies on having a “Dumb” low latency IP network beneath it, with all the intelligence defined in software.

I for one did not study my butt off to be an “UNDERLAY Fitter” so am obviously interested in how this progresses to ensure I am always where the Fun is!

This is not “pie in the sky” in my view VMware with NSX has the serious potential to revolutionize the Network in the same way it has the Server Industry with ESX.

Anyway managed to dump down my thoughts, at present which may well change once I get more knowledgeable on the subject and offerings.

If you have a view or disagree with mine, please leave a comment.




About ucsguru

Principal Consultant and Data Center Subject Matter Expert. I do not work or speak for Cisco or any other vendor.
This entry was posted in SDN and tagged , , , , , , , , . Bookmark the permalink.

5 Responses to My initial thoughts on SDN

  1. Pingback: vNews April 2013 – Bumper issue! | Stu McHugh's Virtualisation Blog

  2. Saravanan says:

    So you think a dumb IP network would be sufficient. So who owns and troubleshoots that dumb networks? Dumb network engineers ?

    • ucsguru says:

      Hi Saravanan

      Great comment!

      Speaking as one of those “Dumb Network Engineers” Myself, I think you have a very valid point, and it highlights the potential conflict there will likely be between Traditional Networkers and the “New wave” of Hypervisor Admins, armed with feature rich Network Virtualisation based technologies.
      You may even see this now in companies without strict change control, e.g. Hypervisor Admins, creating VXLANs between disjointed L2 networks, perhaps without even the knowledge of the network team.

      We need to encourage these types of debates and ensure everyone is on the same page, and has a clear vision as to the evolution of the technologies in general and their own networks in particular.

      I remember 4 years ago when Cisco UCS was first announced there was (and still is in some isolated cases) the thought that creating a single system that unified Compute, Storage, Virtualisation and Networking would be a real headache to introduce into a historically siloed industry. The reality of course was this greatly simplified matters, but did require a change with regards to how departments communicated and co-operated with each other. Once this new level of inter-silo communication was established and procedures/workflows updated accordingly, then this was where the real benefits were realised for all.

      I see no difference with the traditional networking elements which have served us so well for the past 25 years or so, and the “inevitable” evolution into scalable, agile Network Virtualisation solutions or Software Defined Networks. Things will change; administrative domains will evolve, as will roles and responsibilities.

      My Role of Cisco UCS and SDN Subject Matter Expert did not even exist 4 years ago, so my thinking goes: The “thing” I will be doing in 4 years time likely does not exist yet! A concept that really excites me.

      I hope that SDN and Networking Virtualisation vendors who do not have a traditional networking pedigree (like VMware) do not alienate the traditional Networkers (like me and you) either in their marketing, training or implementation. It will be a far better place if they invite us on the journey with them.

      While it will not happen overnight, I do see the time when it will be the norm in Enterprise Networks to have a low latency IP underlay and a feature rich programmable overlay. The “dumbness” of course being relative to where the intelligence and services of the network reside. This will likely differ depending on how far Network Virtualisation or SDN technologies are adopted and implemented in a particular environment.

      One thing’s for sure, change meetings are going to get a whole lot more colourful 🙂

      Thanks again for the comment and encouraging the debate!


  3. Dhruva Kolli says:

    Hello Colin..

    I have an issue. One of my team members changed the Native Authentication in the Admin tab to a LDAP group that has been created. The LDAP integration was not successful to date and unfortunately he has changed the Native Authentication Setting to the LDAP realm. This is not allowing us to login to the UCS manager. I can login connecting via the console cable though. Any idea or suggestions on how to get back the Native Authentication to the local realm connecting via the console?

    Dhruva S Kolli

    • ucsguru says:

      Hi Dhruva

      Don’t be too hard on them, have done that myself 🙂

      easilly rectified

      CCUCSDEMO-A# scope security
      CCUCSDEMO-A /security # sh default-auth

      Default authentication:
      Admin Realm Admin Authentication server group
      —————————- ———————————

      CCUCSDEMO-A /security #
      CCUCSDEMO-A /security # scope default-auth
      CCUCSDEMO-A /security/default-auth # set realm local

      CCUCSDEMO-A /security # sh default-auth

      Default authentication:
      Admin Realm Admin Authentication server group
      —————————- ———————————
      CCUCSDEMO-A /security #


Leave a Reply to ucsguru Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.