Enterprise and cloud providers are virtualizing their networks by building overlay networks with virtual switches, software-defined networking (SDN) controllers, and new tunneling protocols. Overlay networks show tremendous promise to boost operational agility and make networks more adaptive to virtual server infrastructure. There are, however, several misconceptions about this technology that deserve clarification.
Just as virtualization changed compute and storage, it's now changing networking. "That's what overlays are all about -- supporting this move," said Brad Casemore, research director for datacenter networks at IDC. "If you virtualize your infrastructure, the hardware resources can be dynamic and policy-driven to support your application requirements. In the big picture, it's all about making infrastructure more pliant and responsive to application needs."
Myth: The overlay movement is all about tunneling protocols.
Reality: Rather than getting bogged down in the narrow details of overlay networks, such as tunneling protocols (NVGRE, VXLAN, and STT), network architects should focus on all that the technology allows them to do.
"The overlay movement has nothing to do with details -- it has everything to do with architecture," said Martin Casado, chief architect for networking at VMware. "In my opinion, protocols are details and relatively unimportant. Any good virtual networking solution should support as many endcaps -- what you throw on a packet -- as possible. There's nothing architecturally significant about the different protocols, so we don't have any religion about which one is better."
Myth: Overlay networks make network virtualization more complex.
Reality: Rather than making networking more complex, an overlay network puts applications in charge of the infrastructure.
"With overlay networks you're managing from the application down rather than from the network up. And this is really the focus: ensuring the application gets the services and support from the network to be able to deliver services quickly and efficiently and, over time, more cost effectively from an operational standpoint," Casemore said.
Myth: Tunneling and encapsulation hurt network performance.
Reality: Running tunneling protocols that enable overlay networks won't necessarily slow down the physical network, according to Casado.
"When it comes to performance, you can do tunneling and encapsulation at wire speeds today -- from software at the edge of the network. For example, we deploy in software in the hypervisor and can do tunneling without sacrificing performance," Casado said. "If you have virtual network abstractions, you expose the same operational interfaces that physical networks have, except they're much more complete."
Myth: Troubleshooting an overlay network is too difficult.
Reality: With virtual network abstractions, you expose the same operational interfaces that physical networks have, except they're much more complete.
"Today, lots of things are mixed up in the physical network. You've got tags and traffic counters, and things can get reset as they move around. In the virtual world you point all of your existing management tools to the virtual network and all of the counters and interfaces are exposed, so you can debug at the virtual level as well as at the physical level. I'd argue that this is much simpler than trying to tease it out by only looking at the physical level," said Casado.
Overlay networks do add a second layer of management and require you to troubleshoot both the physical and virtual networks. But Casado pointed out that this extra layer vastly simplifies the overall job of troubleshooting infrastructure. "When you add this new layer, you end up with two simple layers instead of one very complex layer. It actually simplifies the network management piece," he said.
Myth: Overlay networks will commoditize hardware.
Reality: While overlay networks create virtual network abstractions and simplify network management, they don't commoditize network hardware.
"When using overlays, it's actually a combination of traditional-style networking and software-defined networking [SDN]," said Casado. "Traditional-style networking is used to create the physical network. SDN then creates the virtual networking abstraction."
"It's more of an operational benefit than a Capex benefit, because you still need networking hardware," Casemore explained. "Regardless of where the overlay comes from, you'll still need capable, robust hardware underlying it. What changes, of course, is the way you manage it and drive automation through your network in support of the applications."
From a management and orchestration standpoint, an overlay network changes how an IT organization extracts value from a network. "And these technologies can be tied in at the higher layers with cloud management systems such as OpenStack, CloudStack and so forth," Casemore said.
Myth: Overlay networks are only useful to cloud providers.
Reality: Cloud providers were the first companies to use overlay networks to create network abstractions. "Now we're seeing financial services companies deploy the technology because they have significant data centers," said Casemore.
Overlay network technology was initially data center centric, but it can be used elsewhere, such as on the WAN. "Google uses this technology over its WAN for virtualization," he noted.
The industry is also talking about how it can be used in the campus, and there are other areas where it will find use. "Like all new technologies, it starts with an early adopter niche. In this case, it was data centers," Casemore said. "Then we'll see it move into specific vertical markets in the enterprise and various other applications. Big data is another area where vendors see really good potential for the technology as well -- but it's still very early days."
This was first published in March 2013