Chapter 7: Network EvolutionChapter 7 – Sections & Objectives

• 7.1 Internet of Things
  • Explain the value of the Internet of Things.
• 7.2 Cloud and Virtualization
  • Explain why cloud computing and virtualization are necessary for evolving networks.
• 7.3 Network Programming
  • Explain why network programmability is necessary for evolving networks.

7.1 Internet of Things

IoT Elements

• • Cisco estimates that 50 billion things will be connected to the Internet by 2020.
  • 99% of things are currently unconnected.
  • Dissimilar networks are converging to share the same infrastructure.

• • The challenge for IoT is to securely integrate millions of new things from multiple vendors into existing networks.
  • The Cisco IoT System provides an infrastructure designed to manage large scale systems of very different endpoints and platforms, and the huge amount of data that they create.

IoT Pillars

• Network Connectivity identifies devices that can be used to provide IoT connectivity to many diverse industries and applications.
• Fog Computing enables edge devices to run applications locally and make immediate decisions.
• Security offers scalable cybersecurity solutions, enabling an organization to quickly and effectively discover, contain, and remediate an attack to minimize damage.
• Data Analytics consists of distributed network infrastructure components and IoT-specific, application programming interfaces (APIs).
• Management and Automation products can be customized for specific industries to provide enhanced security and control and support.
• Application and Enablement provides the infrastructure for application hosting and application mobility between cloud and Fog computing.

7.2 Cloud and Virtualization

Cloud Computing

• • Cloud computing involves large numbers of computers connected through a network that can be physically located anywhere.
  • The three main cloud computing services are:
    • Software as a Service (SaaS): Applications delivered over the web to the end users.
    • Platform as a Service (PaaS): Tools and services used to deliver the applications.
    • Infrastructure as a Service (IaaS): Hardware and software to power servers, storage, networks and operating systems.
  • Cloud service providers now also offer Information Technology as a Service (ITaaS) which allows customers to extend the capability of IT without requiring investment in new infrastructure, training new personnel, or licensing new software.
  • The four primary cloud models are:
    • Public clouds made available to the general population and uses the Internet to provide services.
    • Private clouds are intended for a specific organization or entity, such as the government and is often managed by an outside organization with strict access security.
    • Hybrid clouds: A hybrid cloud is made up of two or more cloud models. Access to various services is based on user access rights.
    • Community clouds: A community cloud is created for exclusive use by a specific community, such as healthcare organizations, that have special authentication and confidentiality requirements.

Virtualization

• • Virtualization separates the OS from the hardware allowing multiple operating systems to exist on a single hardware platform.
  • The hypervisor adds an abstraction layer on top of the real physical hardware used to create virtual machines which have access to all the hardware of the physical machine such as CPUs, memory, disk controllers, and NICs.
  • Virtualization advantages include:
    • • Less equipment is required
      • Less energy is consumed
      • Less space is required
      • Easier prototyping

    

    • Faster server provisioning
    • Increased server uptime
    • Improved disaster recovery
    • Legacy support

• Virtualization separates the OS from the hardware allowing multiple operating systems to exist on a single hardware platform.
• The hypervisor adds an abstraction layer on top of the real physical hardware used to create virtual machines which have access to all the hardware of the physical machine such as CPUs, memory, disk controllers, and NICs.
• Virtualization advantages include:

Virtual Network Infrastructure

There are two approaches to installing a Hypervisor:

• Type 1 “Bare Metal” approach in which the hypervisor is installed directly on the hardware.
• Type 2 “Hosted” approach in which the hypervisor is installed on top of an existing operating system.
• Type 1 Hypervisors use a management console that can be used to automatically move, consolidate, and power on and off servers as required.

7.3 Network Programming

Software-Defined Networking

A network device contains the following planes:

• Control plane – Uses CPU process to calculate Layer 2 and Layer 3 route forwarding information.
• Data plane – Forwards traffic flows using a data plane processor, such as a digital signal processor (DSP), without the CPU getting involved.

SDN virtualizes the network, removing the control plane function from each device and performing it on a centralized controller.

The SDN framework uses northbound APIs to communicate with upstream applications and southbound APIs to define the behavior of downstream routers and switches.

Controllers

The SDN controller defines the data flows that occur in the SDN Data Plane.

Using the OpenFlow protocol, the controller populates a series of tables implemented in hardware or firmware

The following tables manage the flows of packets through the switch:

• Flow table – This table matches incoming packets to a particular flow and specifies the functions that are to be performed on the packets. There may be multiple flow tables that operate in a pipeline fashion.
• Group table – A flow table may direct a flow to a Group Table, which may trigger a variety of actions that affect one or more flows.
• Meter table – The table triggers a variety of performance-related actions on a flow.

Cisco developed the Application Centric Infrastructure (ACI) to automate the network, accelerate application deployments, and align IT infrastructures to better meet business requirements.

These are the three core components of the ACI architecture:

• Application Network Profile (ANP) – a collection of end-point groups (EPG), their connections, and the policies that define those connections.
• Application Policy Infrastructure Controller (APIC) – a centralized software controller that manages downstream switches.
• Cisco Nexus 9000 Series switches – provide an application-aware switching fabric and work with an APIC to manage the virtual and physical network infrastructure.

The Cisco APIC – Enterprise Module (APIC-EM) extends ACI aimed at enterprise and campus deployments.

There are three basic types of SDN:

• Device-based SDN – Devices are programmable by applications running on the device itself or on a server in the network. Cisco OnePK is an example of a device-based SDN.
• Controller-based SDN – Centralized controller that has knowledge of all devices in the network. The applications can interface with the controller responsible for managing devices and manipulating traffic flows throughout the network. The Cisco Open SDN Controller is a commercial distribution of OpenDaylight.
• Policy-based SDN – Includes an additional Policy layer that operates at a higher level of abstraction. No programming skills are required. Cisco APIC-EM is an example of this type of SDN.

Cisco APIC-EM provides the following features:

• Discovery – used to populate the controller’s device and host inventory database.
• Device Inventory – collects detailed information from devices within the network.
• Host Inventory – collects detailed information from hosts with the network.
• Topology – supports a graphical view of the network (topology view).
• Policy – ability to view and control policies across the entire network including QoS.
• Policy Analysis – ability to trace application specific paths between end devices to quickly identify ACLs in use and problem areas including:
  • ACL Analysis – examines ACLs on devices, searching for redundant, conflicting, or shadowed entries.
  • ACL Path Trace – examines specific ACLs on the path between two end nodes, displaying any potential issues.

7.4 Chapter Summary

Summary

• The six pillars of IoT are:
  • Network Connectivity
  • Fog Computing
  • Security
  • Data Analytics
  • Management and Automation
  • Application Enablement Platform
• Cloud computing services include:
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS)
  • Infrastructure as a Service (IaaS)
  • IT as a Service (ITaaS)
• Cloud models include:
  • Public clouds
  • Private clouds
  • Hybrid clouds
  • Community clouds
• Type 1 hypervisors are installed directly on the hardware. Type 2 hypervisors are installed on top of any existing OS.
  SDN is a network architecture that has been developed to virtualize the network. The SDN controller defines the data flows that occur in the SDN data plane.
• The three types of SDN are:
  • Device-based SDN
  • Controller-based SDN
  • Policy-based SDN
• Policy-based SDN, such as Cisco’s APIC-EM, is the most robust, providing for a simple mechanism to control and manage policies across the entire network.
• One of the most important features of the APIC-EM controller is the ability to manage policies across the entire network.

Download Slide PowerPoint (pptx):