With more than 94% of organizations deploying at least some form of server virtualization, network managers face a host of new network challenges – one of which is the need for core network infrastructure services
Ultimately, networking teams will meet this challenge with dynamic core network services appliances (both physical and virtual) and hosted core network services, or some combination of the two.
Core network services and the virtualization challenge
Virtualization flattens the network architecture as data shifts onto layer 2 connections between virtual machines. This leads to very complex and dynamic virtual networks that still require all the same core network infrastructure services available to the physical network: DNS, DHCP and IPAM.
Yet it's nearly impossible for 30-year-old tools to keep track of IP address bindings and virtual MACs (to identify virtual machines) and to manage assignment and release of IP addresses in a virtual environment. Older tools and spreadsheets support a static environment in which the only dynamic aspect is DHCP. In that environment, once addresses were assigned, they typically remained the same and were bound to the same MAC address for a long time. With virtualization, addresses may be assigned for only a short period of time, and as virtual servers move around, the IP address and virtual MAC binding move with the virtual server.
Dynamic core network services: What's required
Virtualization requires new implementations of IPAM, DHCP and DNS:
- IPAM requires automatic tracking of physical and virtual addresses, including automatic assignment and release; no more spreadsheets.
- DHCP provides a physical host with its IP address, subnet and default gateway based on its Media Access Control (MAC) address. In the virtual world, the MAC address of a virtual machine is created dynamically upon virtual machine startup. That means that the MAC address is not guaranteed to be unique between hosts, unlike physical MAC addresses, which are globally unique and bound to a single Ethernet adapter. DHCP must be automated and provide these same services dynamically for virtual machine MAC addresses.
- Where previously DNS was simply a mapping from names to addresses, with virtualization, it is effectively used as a service broker, dynamically mapping application services to their current location (physical and virtual). Essentially, DNS needs to become a services switchboard to support virtualization. This requires a fully dynamic DNS architecture.
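The tracking these requirements describe can be sketched as a reconciliation pass over hypervisor inventory reports. This is an added example, not code from the article or from any vendor named in it; the record fields, host names, VM names and addresses are constructed for illustration. It keeps the newest binding per virtual machine (so the binding follows a migrated VM), releases expired leases, and flags virtual MAC addresses or IP addresses claimed by more than one VM.

```python
from collections import defaultdict
from typing import NamedTuple

class Binding(NamedTuple):
    vm: str        # VM identifier (hypothetical inventory field)
    host: str      # hypervisor that reported the VM
    mac: str       # virtual MAC generated at VM startup
    ip: str        # address handed out by DHCP
    seen: int      # time of the report, epoch seconds
    expires: int   # lease expiry, epoch seconds

def reconcile(reports, now):
    """Return (current bindings keyed by VM, findings) from raw reports."""
    latest = {}
    for r in sorted(reports, key=lambda r: r.seen):
        # Newest report wins, so the IP/MAC binding follows a migrated VM.
        latest[r.vm] = r._replace(mac=r.mac.lower())
    # Automatic release: a VM whose newest lease has lapsed gives up its address.
    current = {vm: r for vm, r in latest.items() if r.expires > now}
    by_mac, by_ip = defaultdict(list), defaultdict(list)
    for r in current.values():
        by_mac[r.mac].append(r.vm)
        by_ip[r.ip].append(r.vm)
    findings = []
    for kind, index in (("duplicate-mac", by_mac), ("ip-conflict", by_ip)):
        for key, vms in sorted(index.items()):
            if len(vms) > 1:   # one MAC or IP claimed by several VMs
                findings.append((kind, key, sorted(vms)))
    return current, findings

# Constructed sample reports (locally administered MACs, private addresses).
NOW = 1_000_000
REPORTS = [
    Binding("web-01", "hv-a", "02:00:00:AA:00:01", "10.0.0.11", NOW - 600, NOW + 3600),
    Binding("web-01", "hv-b", "02:00:00:aa:00:01", "10.0.0.11", NOW - 60, NOW + 3600),   # migrated
    Binding("db-01", "hv-b", "02:00:00:aa:00:01", "10.0.0.12", NOW - 30, NOW + 3600),    # same MAC as web-01
    Binding("tmp-07", "hv-a", "02:00:00:aa:00:07", "10.0.0.13", NOW - 900, NOW - 10),    # lease expired
    Binding("app-02", "hv-a", "02:00:00:aa:00:09", "10.0.0.12", NOW - 20, NOW + 3600),   # same IP as db-01
]

if __name__ == "__main__":
    current, findings = reconcile(REPORTS, NOW)
    for vm, b in sorted(current.items()):
        print(vm, b.host, b.mac, b.ip)
    for finding in findings:
        print("FINDING", finding)
```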
Dynamic IPAM, DNS and DHCP: Hosted or appliance?
Adapting core network infrastructure services to support virtualization requires implementation of either appliances or hosted services, along with corresponding retooling of process and procedure.
For smaller and domestic companies, in-house appliances offer robust and reliable DNS/DHCP services as well as management of the IP space. But for multinational corporations, combining the in-house appliance with externally hosted DNS service may be a better option. A hosted DNS service provides global load-balancing, redirection and other DNS capabilities independent of specific data center availability.
Dynamic core network service appliances are produced by companies such as Infoblox, Alcatel-Lucent (QIP), BlueCat Networks and SolarWinds, while IPAM, DNS and DHCP are also available as hosted services from companies such as Neustar, Dynect and Nettica.
Companies investing in a core network services appliance must consider the following criteria:
- Lifecycle cost, including upfront investment.
- Training and implementation.
- Availability of a virtual appliance in addition to a physical appliance.
- A solution that scales to meet projected virtualization infrastructure growth.
- Support of IP address management workflow to meet corporate procedures.
- A GUI that makes it easy to see potential misconfigurations, bottlenecks, DNS attacks and nearly depleted address spaces.
In summary, a flexible, dynamic and automated computing infrastructure cannot thrive on top of a static, labor-intensive and inflexible core network infrastructure. To realize the potential of virtualization, businesses need to push for innovation in core network infrastructure services, namely IP Address Management, Domain Name Services and Dynamic Host Configuration.
About the author: Ted Ritter is a senior research analyst with Nemertes Research, where he conducts research, advises clients, and delivers strategic seminars. A Certified Information Systems Security Professional (CISSP), Mr. Ritter leads Nemertes' research on information stewardship, which includes compliance, as well as the management, access, storage and backup of data.
Mr. Ritter has designed, implemented and supported telecom and information security solutions for commercial, federal and international clients. He holds a master's degree in telecommunications management from The George Washington University and a bachelor's degree in neuroscience from Oberlin College.
This was first published in September 2010