Cloud Native Data–Center Networking

Preface
Audience
How This Book Is Organized
Software Used in This Book
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments

1. The Motivations for a New Network Architecture
The Application-Network Shuffle
The Network Design from the Turn of the Century
The Charms of Bridging
Building Scalable Bridging Networks
The Trouble with the Access-Aggregation-Core Network Design
Unscalability
Complexity
Failure Domain
Unpredictability
Inflexibility
Lack of Agility
The Stories Not Told
Summary

2. Clos: Network Topology for a New World
Introducing the Clos Topology
A Deeper Dive into the Clos Topology
Use of Homogeneous Equipment
Routing as the Fundamental Interconnect Model
Oversubscription in a Clos Topology
Interconnect Link Speeds
Practical Constraints
Fine-Grained Failure Domain
Scaling the Clos Topology
Comparing the Two Three-Tier Models
Application Matchup
Data Center Build Out
Implications of the Clos Topology
Rethinking Failures and Troubleshooting
Cabling
Simplified Inventory Management
Network Automation
Some Best Practices for a Clos Network
Use of Multiple Links Between Switches
Use of Spines as Only a Connector
Use of Chassis as a Spine Switch
Host Attach Models
Summary
References

3. Network Disaggregation
What Is Network Disaggregation?
Why Is Network Disaggregation Important?
Controlling Costs
Avoiding Vendor Lock-In
Standardization of Features
What Made Network Disaggregation Possible Now?
Difference in Network Operations with Disaggregation
Purchase and Support
First Boot
Open Network Installer Environment
How Does ONIE Work?
The Players in Network Disaggregation: Hardware
Packet-Switching Silicon
ODMs
CPU Complex
The Standards Bodies
Common Myths About Network Disaggregation
Some Best Practices for Engaging with Network Disaggregation
Summary
References

4. Network Operating System Choices
Requirements of a Network Device
The Rise of Software-Defined Networking and OpenFlow
More Details About SDN and OpenFlow
The Trouble with OpenFlow
OVS
The Effect of SDN and OpenFlow on Network Disaggregation
NOS Design Models
Location of Switch Network State
Programming the Switching Silicon
API
The Reasons Behind the Different Answers
User Interface
Comparing the NOS Models with Cloud Native NOS Requirements
Illustrating the Models with an Example
What Else Is Left for a NOS to Do?
Summary
References

5. Routing Protocol Choices
Routing Overview
How Routing Table Lookups Work
How Routes Are Chosen
Types of Routing Table Entries
RIB and FIB
Routing Protocols Overview
Distance Vector Protocols Versus Link-State Protocols
Distance Vector Dissected
Link-State Dissected
Summarizing Distance Vector Versus Link-State Route Exchange
Comparing Distance Vector and Link-State Protocols
Scaling in Link-State and Distance Vector Protocols
Multipathing in Distance Vector and Link-State Protocols
No News Is Good News
Propagation Delay in Link-State and Distance Vector Protocols
Multiprotocol Support
Unnumbered Interfaces
Routing Configuration Complexity
Routing Protocols in Clos Networks
Link-State Versus Distance Vector When Links or Nodes Fail
Route Summarization in Clos Networks
Security and Safeguards
Bidirectional Forwarding Detection
Requirements of a Routing Protocol in the Data Center
Basic Requirements
Advanced Requirements
Rare or Futuristic Requirements
Choosing the Routing Protocol for Your Network
Summary
References

6. Network Virtualization
What Is Network Virtualization?
Uses of Network Virtualization in the Data Center
Forcing Traffic to Take a Certain Path
Applications That Require L2 Adjacency
Cloud
Separating Switch Management Network from Data Traffic
Network Virtualization Models
Service Abstraction: L2 or L3
Inline Versus Overlay Virtual Networks
Network Tunnels: The Fundamental Overlay Construct
Benefits of Network Tunnels
The Drawbacks of Network Tunnels
Network Virtualization Solutions for the Data Center
VLAN
VRF
VXLAN
Other Network Virtualization Solutions
Practical Limits on the Number of Virtual Networks
Size of Virtual Network ID in Packet Header
Hardware Limitations
Scalability of Control Plane and Software
Deployment Model
Control Protocols for Network Virtualization
Relationship of Virtual and Physical Control Plane
The Centralized Control Model
The Protocol-Based Control Model
Vendor Support for Network Virtualization
Merchant Silicon
Software
Standards
Illustrating VXLAN Bridging and Routing
VXLAN Bridging Example: H1 to H5
VXLAN and Routing: H1 to H6
Summarizing VXLAN Bridging and Routing
Summary

7. Container Networking
Introduction to Containers
Namespaces
Network Namespaces
Virtual Ethernet Interfaces
Container Networking: Diving In
Single-Host Container Networking
Multihost Container Networking
Comparing Different Container Network Solutions
Kubernetes Networking
Summary

8. Multicast Routing
Multicast Routing: Overview
The Uses of Multicast Routing
Problems to Solve in Multicast Routing
Building a Multicast Tree
Multicast Routing Protocol
PIM Sparse Mode
Rendezvous Point
Building a Multicast Distribution Tree
Multiple RPs and MSDP
PIM-SM in the Data Center
PIM-SM and Unnumbered
Summary

9. Life on the Edge of the Data Center
The Problems
Connectivity Models
Why Connect to the External World?
Bandwidth Requirements for External Connectivity
Connecting the Clos Topology to the External World
Routing at the Edge
Services
Hybrid Cloud Connectivity
Summary

10. Network Automation
What Is Network Automation?
Who Needs Network Automation?
Does Network Automation Mean Learning Programming?
Why Is Network Automation Difficult?
The Trouble with IP Addresses and Interfaces
Scale
Network Protocol Configuration Complexity
Lack of Programmatic Access
Traditional Network OS Limitations
What Can Network Developers Do to Help Network Automation?
Tools for Network Automation
Automation Best Practices
Ansible: An Overview
Inventory
Playbooks
Ad Hoc Commands
Structuring Playbooks
A Typical Automation Journey
Glorified File Copy
Automate the Configuration That Was Not Device Specific
Template the Routing and Interface Configuration
More Templating and Roles
Some Observations from Fellow Journeymen
Validating the Configuration
Single Source of Truth
Commit/Rollback in the Age of Automation
Vagrant and Network Testing
Automating Verification
Summary
References

11. Network Observability
What Is Observability?
The Current State of Network Observability
The Disenchantments of SNMP
Box-by-Box Approach to Network Observability
Why Is Observability Difficult with Networking?
Observability in Data Center Networks: Special Characteristics
Decomposing Observability
The Mechanics of Telemetry
What Do We Gather?
How Do We Gather?
When Do We Gather?
Storing the Data
The Uses for Multiple Data Sources
Of Alerts and Dashboards
Summary
References

12. Rethinking Network Design
Standard, Simple Building Blocks
Network Disaggregation
Failure: Missing the Forest for the Trees
L2 Failure Model Versus L3 Failure Model
Simple Versus Complex Failures
Handling Upgrades
The Pursuit of Less
How the Right Architecture Helps
Feature Set Essentialism
Constraints on the Cloud Native Network Design Principles
Summary

13. Deploying OSPF
Why OSPF?
The Problems to Be Addressed
Determining Link-State Flooding Domains
Numbered Versus Unnumbered OSPF
Support for IPv6
Support for VRFs
Requirements for Running OSPF on Servers
OSPF Route Types
The Messiness of Stubbiness
OSPF Timers
Dissecting an OSPF Configuration
Configuration for Leaf-Spine in a Two-Tier Clos Topology: IPv4
Configuration for Leaf-Spine in a Two-Tier Clos Topology: IPv6
Configuration with Three-Tier Clos Running OSPF
Configuration with Servers Running OSPF: IPv4
Summarizing Routes in OSPF
OSPF and Upgrades
Best Practices
Summary

14. BGP in the Data Center
Basic BGP Concepts
BGP Protocol Overview
BGP Peering
BGP State Machine
Autonomous System Number
BGP Capabilities
BGP Attributes, Communities, Extended Communities
BGP Best-Path Computation
Support for Multiple Protocols
BGP Messages
Adapting BGP to the Data Center
eBGP Versus iBGP
eBGP: Flying Solo
Private ASNs
BGP’s ASN Numbering Scheme
Multipath Selection
Fixing BGP’s Convergence Time
Summary

15. Deploying BGP
Core BGP Configuration Concepts
Traditional Configuration for a Two-Tier Clos Topology: IPv4
Peer Group
Routing Policy
Route Maps: Implementation of Routing Policy
Providing Sane Defaults for the Data Center
BGP Unnumbered: Eliminating Pesky Interface IP Addresses
A remote-as by Any Name
How Unnumbered Interfaces Work with BGP
Final Observations on BGP Configuration in FRR
Unnumbered BGP Support in Routing Stacks
Summary
Configuring IPv6
BGP and VRFs
Peering with BGP Speakers on the Host
BGP Dynamic Neighbors
BGP and Upgrades
AS_PATH Prepend
GRACEFUL_SHUTDOWN Community
Max-MED
Best Practices
Summary

16. EVPN in the Data Center
Why Is EVPN Popular?
The Problems a Network Virtualization Control Plane Must Address
Where Does a VTEP Reside?
One Protocol to Rule Them All, Or…?
iBGP Characteristics
Separate Underlay and Overlay Protocols
eBGP Only
BGP Constructs to Support Virtual Network Routes
Route Distinguisher
Route Target
FRR’s use of RD and RT
EVPN Route Types
Communicating Choice of BUM Handling
EVPN and Bridging
EVPN Bridging with Ingress Replication
EVPN Bridging with Routed Multicast Underlay
Handling MAC Moves
Support for Dual-Attached Hosts
Host-Switch Interconnect Model
VXLAN Model for Dual-Attached Hosts
Switch Peering Options
Handling Link Failures
Avoiding Duplicate Multidestination Frames
ARP/ND Suppression
EVPN and Routing
Centralized Versus Distributed Routing
Symmetric Versus Asymmetric Routing
Route Advertisements
The Use of VRFs
Deploying EVPN in Large Networks
Summary

17. Deploying Network Virtualization
The Configuration Scenarios
Device-Local Configuration
Single eBGP Session
OSPF Underlay, iBGP Overlay
allowas-in Versus Separate ASN
PIM/MSDP Configuration
EVPN on the Host
Best Practices
Summary

18. Validating Network Configuration
Validating the Network State
System Validation
Cabling Validation
Using Ansible to Validate Cabling
Interface Configuration Validation
Automating Interface Configuration Validation
Routing Configuration Validation
Validating an OSPF Configuration
Validating a BGP Configuration
Stripping the Private ASNs
Validating Network Virtualization
Application’s Network Validation
Data-Plane Validation
Summary

19. Coda
Glossary

Index