Click here to close now.

Welcome!

Cloud Expo Authors: Carmen Gonzalez, Elizabeth White, Lori MacVittie, Mike Kavis, Plutora Blog

Related Topics: SDN Journal

SDN Journal: Blog Feed Post

F5 Application Layer SDN: Now with Extreme Programmability

As you move up the network stack, you move from directing packets to managing flows

"If you look at the standard SDN model, [Layer 4-7 services] are applications that can basically run on the [SDN] controller platform. But that's not the only way to do them. We'll hear about different approaches. Network services for SDN are going to be a big story in 2013."

-- Brad Casemore, "Networking outlook: Controllers, Layer 4-7 will roil SDN 2013 market" [emphasis mine]

Since SDN became the darling du jour of the networking industry, there's been a lot of head nodding and ancillary mention of L4-7 services eventually becoming part of the overall fabric. What there hasn't been is a lot of discussion on the challenges inherent in bringing those services to bear in what has become the de facto standard model: a centralized controller responsible for directing the flow of packets throughout the network.

That's challenging, because as you move up the network stack there's a natural evolution that occurs. You move from directing packets to managing flows, and managing flows requires a completely different set of features. That's because the closer to layer 7 you get, the more stateful the network necessarily must become. It can no longer act on individual packets; it must aggregate those packets and it must do it often - far more often than is presupposed when working at layer 2 and 3 of the network stack.

John Giacomoni said it well when he explained in a recent post, "Beyond SDN Fabric: Complex problems require L7+ SDN technologies":

“To implement even basic load balancing with OpenFlow the majority of packets, and all ACKs in particular, need to be forwarded to the controller so session flow state can be accurately tracked.”

Consider that in a router, about 1 in every 1 million packets needs to be forwarded to the controller. In a switch, that ratio is on the order of 1 in every 1 billion. For TCP that ratio drops to a mere 1 out of every 10 packets. If you climb a bit higher in the network stack to layer 7, you might as well consider every packet a candidate to be forwarded on to the controller.

The SDN model upon which most solutions today are based work on the assumption that most packets don't need to be examined by the controller. Thus they are able to scale and maintain wire speed while adding agility and programmability to the lower layers of the network.

A different model is required for Application Layer SDN to ensure agility and performance can be maintained while gaining the benefits of application intelligence and programmability. The SDN Network Fabric (layer 2-3) operates on the premise of centralized control and execution. The SDN Application Services Fabric (layer 4-7) must operate on the premise of centralized control and decentralized execution in order to scale without sacrificing the many benefits of stateful network devices enjoyed by current models of network architecture such as security-related functions, fault tolerance and isolation, and performance enhancing services.

Extreme Programmability: Enter LineRate Systems

As SDN matures, its focus will continue to move up the network stack, toward the application layers. The programmable, scalable services at the application layer comprising the Application Services Fabric are necessary to fully realize the benefits of SDN and software-defined data centers, particularly in environments where network function virtualization (NFV) is adopted as a strategy to achieve maximum agility. Network function virtualization requires not only the improved performance of today’s modern x86 hardware platforms, but software capable of scaling on demand while maintaining optimal performance and offering a high-degree of programmability for superior software defined control over the network.

Programmability is required for reducing operational costs through automation and centralized control, but it is also needed to enable customers to develop innovative, application-specific services that work in concert with SDN architectures. Critical to the success of these architectures are security, acceleration, optimization, and routing services at the application layers that are able to meet modern expectations of flexibility, scale, and performance.

LineRate brings a programmable, scalable platform to the Application Layer SDN table. Its platform is not only capable of scaling on demand and meeting performance expectations on commoditized x86 hardware, but it is highly programmable. In fact it is designed specifically to be programmed to execute purpose-built business and operational logic at high speeds. It's a proxy-based architecture, similar to that of F5 BIG-IP, and offers what I can only describe as "extreme programmability" as its core capability. Rather than insert lightweight rules into the data plane as is the operating procedure for SDN L2-3 fabrics, LineRate SDN Services act as independently operating service nodes that maintain the scaling properties expected of SDN solutions and of modern high-availability architectures, i.e. unlike the centralized SDN controller architecture, a decentralized execution model is fault tolerant even when maintaining state, a requirement for the Application Services Fabric.

As networks continue to become commoditized, it is the application layer services in an SDN that will provide organizations with the competitive advantage they need. A programmable data path is required for organizations desiring to roll their own services and it must be scalable and fast; organizations are unwilling (and rightfully so) to sacrifice performance. LineRate Systems offers such a platform and its addition to the F5 portfolio expands F5's continued leadership in application layer networking in both traditional and Application Layer SDN architectures.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
VictorOps is making on-call suck less with the only collaborative alert management platform on the market. With easy on-call scheduling management, a real-time incident timeline that gives you contextual relevance around your alerts and powerful reporting features that make post-mortems more effective, VictorOps helps your IT/DevOps team solve problems faster.
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, will discuss why containers should be paired with new architectural practices such as microservices ra...
Roberto Medrano, Executive Vice President at SOA Software, had reached 30,000 page views on his home page - http://RobertoMedrano.SYS-CON.com/ - on the SYS-CON family of online magazines, which includes Cloud Computing Journal, Internet of Things Journal, Big Data Journal, and SOA World Magazine. He is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been ...
The industrial software market has treated data with the mentality of “collect everything now, worry about how to use it later.” We now find ourselves buried in data, with the pervasive connectivity of the (Industrial) Internet of Things only piling on more numbers. There’s too much data and not enough information. In his session at @ThingsExpo, Bob Gates, Global Marketing Director, GE’s Intelligent Platforms business, to discuss how realizing the power of IoT, software developers are now focu...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
SYS-CON Events announced today that Vitria Technology, Inc. will exhibit at SYS-CON’s @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Vitria will showcase the company’s new IoT Analytics Platform through live demonstrations at booth #330. Vitria’s IoT Analytics Platform, fully integrated and powered by an operational intelligence engine, enables customers to rapidly build and operationalize advanced analytics to deliver timely business outcomes ...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, it is now feasible to create a rich desktop and tuned mobile experience with a single codebase, without compromising performance or usability.
SYS-CON Events announced today Arista Networks will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Arista Networks was founded to deliver software-driven cloud networking solutions for large data center and computing environments. Arista’s award-winning 10/40/100GbE switches redefine scalability, robustness, and price-performance, with over 3,000 customers and more than three million cloud networking ports depl...
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, will explain the best practices of continuous testing at high scale, which is r...
SYS-CON Events announced today that Open Data Centers (ODC), a carrier-neutral colocation provider, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Open Data Centers is a carrier-neutral data center operator in New Jersey and New York City offering alternative connectivity options for carriers, service providers and enterprise customers.
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of bein...
Security can create serious friction for DevOps processes. We've come up with an approach to alleviate the friction and provide security value to DevOps teams. In her session at DevOps Summit, Shannon Lietz, Senior Manager of DevSecOps at Intuit, will discuss how DevSecOps got started and how it has evolved. Shannon Lietz has over two decades of experience pursuing next generation security solutions. She is currently the DevSecOps Leader for Intuit where she is responsible for setting and driv...
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
PubNub on Monday has announced that it is partnering with IBM to bring its sophisticated real-time data streaming and messaging capabilities to Bluemix, IBM’s cloud development platform. “Today’s app and connected devices require an always-on connection, but building a secure, scalable solution from the ground up is time consuming, resource intensive, and error-prone,” said Todd Greene, CEO of PubNub. “PubNub enables web, mobile and IoT developers building apps on IBM Bluemix to quickly add sc...
Data-intensive companies that strive to gain insights from data using Big Data analytics tools can gain tremendous competitive advantage by deploying data-centric storage. Organizations generate large volumes of data, the vast majority of which is unstructured. As the volume and velocity of this unstructured data increases, the costs, risks and usability challenges associated with managing the unstructured data (regardless of file type, size or device) increases simultaneously, including end-to-...
The excitement around the possibilities enabled by Big Data is being tempered by the daunting task of feeding the analytics engines with high quality data on a continuous basis. As the once distinct fields of data integration and data management increasingly converge, cloud-based data solutions providers have emerged that can buffer your organization from the complexities of this continuous data cleansing and management so that you’re free to focus on the end goal: actionable insight.
Between the compelling mockups and specs produced by your analysts and designers, and the resulting application built by your developers, there is a gulf where projects fail, costs spiral out of control, and applications fall short of requirements. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a new approach where business and development users collaborate – each using tools appropriate to their goals and expertise – to build mo...
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to mak...