Alcatel-Lucent has launched Nuage Networks, an SDN company that will offer automated provisioning of virtual networks across data centers, as well as integration into a larger cloud orchestration framework.
Rather than being built around Alcatel-Lucent hardware, Nuage's vendor-neutral technology uses OpenFlow controllers to direct virtual switches and routers on software overlay networks with open application programming interfaces.
"Openness is a key pillar in the premise of software-defined networking," said Sunil Khandekar, CEO of the SDN company. "Nuage Networks' SDN solution virtualizes and automates any existing data center infrastructure … that includes working with the data center operators' existing network equipment of choice, as well as their desired servers, hypervisors and compute orchestration environment. Nuage Networks assumes no dependency on hardware, including Alcatel-Lucent hardware," he said.
Nuage's software-defined ecosystem includes an OpenFlow-based controller, extensions of the Open vSwitch for virtual routing and switching, and a platform that acts as a services directory and policy engine. With the combined technology, engineers can dynamically instantiate virtual network segments in response to the needs of applications and migrating virtual machines (VMs).
"Compute and storage are virtualized, but the network gets in the way. It's not dynamic; it's cumbersome … [so] a fundamentally new model is in order," Khandekar said.
With the SDN company's technology, engineers establish rules and policy for provisioning network infrastructure using the Virtual Services Directory platform. The policy engine relies on a combination of network analytics and programmed rules to grant role-based permissions based on any number of factors, such as hierarchy of need.
Based on these rules, the Virtualized Services Controller sends messages to the Virtual Routing & Switching platform to create network segments and direct flows appropriately. "Nuage detects the creation or deletion of [a VM]. Then it queries the SDN controller to see if there is a policy already established in the directory for that tenant. If the rules have been set, network connectivity is established right away," said Houman Modarres, senior director of product marketing at Nuage.
Does Nuage solve the problem of intercloud networking?
Enterprises and cloud providers have found plenty of innovation in networking within their own virtual stacks and clouds. But they're often unable to extend that networking, with all of its routing, switching and Quality of Service, or QoS, policy, across private and public cloud domains.
"The real problem for operators is to help the data centers become part of the WAN and carrier network, as opposed to being separate nodules attached [to] the WAN," said Michael Howard, principal analyst at Infonetics Research.
Nuage tackles that challenge by using IP networking to peer routers at the edge of any data center, which essentially extends network overlays -- or virtualized Layer 2 -- across data center domains through a virtual private network, or VPN. Network policies can be implemented across multiple tenants, but also across data centers and hybrid clouds, for example.
"Our VM controller is federated using IP protocols, and this is the reason why we are able to seamlessly peer any router at the edge of the data center and provide connectivity," Khandekar said. The idea is to "stretch the control plane" across multiple network domains so "automation is consistent across data centers," he said.
The SDN company's system can be integrated into any cloud orchestration system, including those from VMware, CloudStack and OpenStack. It can also work with any network overlay protocol, including VXLAN [Virtual Extensible LAN] and NVGRE [Network Virtualization using Generic Routing Encapsulation]. That means that networks can be provisioned and managed in the same context as compute and storage, allowing for an even grander federation of management, according to Howard.
In his vision of the ideal future network, there will be a controller that directs "a bunch of different types of controllers; for example, one for consumer broadband, one for global backhaul or mobile packet core," Howard said. The Nuage federated controller system is a first step toward that vision, he said. "The major goal is to have a global view of the multilayer and multivendor network, and to be able to provision services they run across different [segments] of the network with some kind of orchestration of controllers," he added.
Nuage also integrates Layer 4-7 services into this automated provisioning by working with an ecosystem of partners, including Palo Alto Networks and F5, to place virtual instances of application-aware firewalls and load balancers into the mix. Generally, when new applications are created, they need to be manually connected to a firewall and load-balancing capability, but in the SDN company's system, those functions would become part of the orchestration and automation, Modarres said.
Trials of the Nuage Networks Virtualized Services Platform begin in May with beta customers, including U.K. cloud service provider Exponential-e, French telecom service provider SFR, and the University of Pittsburgh Medical Center. Worldwide commercial availability is planned for mid-2013.