Cloud Data Center Network Architectures and Technologies

Cover
Half Title
Series Page
Title Page
Copyright Page
Table of Contents
Summary
Acknowledgments
Authors
CHAPTER 1 Introduction to Cloud DCNs
1.1 CLOUD COMPUTING
1.2 VIRTUALIZATION TECHNOLOGIES INTRODUCED BY CLOUD COMPUTING
1.3 SDN FOR CLOUD COMPUTING
1.4 DCN PROSPECTS
CHAPTER 2 DCN Challenges
CHAPTER 3 Architecture and Technology Evolution of DCNs
3.1 DCN TECHNOLOGY OVERVIEW
3.1.1 Physical Architecture of DCNs
3.1.1.1 Traditional Three-Layer Network Architecture
3.1.1.2 Spine-Leaf Architecture
3.1.2 Technology Evolution of DCNs
3.1.2.1 xSTP Technologies
3.1.2.2 Virtual Chassis Technologies
3.1.2.3 L2MP Technologies
3.1.2.4 Multi-Chassis Link Aggregation Technologies
3.1.2.5 NVO3 Technologies
3.2 ARCHITECTURE AND SOLUTION EVOLUTION OF DCNs FOR FINANCIAL SERVICES COMPANIES
3.2.1 Architecture of Financial Services Companies’ Networks
3.2.2 Financial Service Development Requirements and DCN Evolution
3.2.3 Target Architecture and Design Principles of Financial Cloud DCs
3.3 ARCHITECTURE AND SOLUTION EVOLUTION OF DCNs FOR CARRIERS
3.3.1 Architecture of Carriers’ Networks
3.3.2 Carrier Service Development Requirements and DCN Evolution
3.3.3 Target Architecture and Design Principles of Carrier Cloud DCs
CHAPTER 4 Functional Components and Service Models of Cloud DCNs
4.1 SERVICE MODELS OF CLOUD DCNs
4.1.1 Typical OpenStack Service Model
4.1.2 FusionSphere Service Model
4.1.3 iMaster NCE-Fabric Service Model
4.2 INTERACTION BETWEEN COMPONENTS IN THE CLOUD DCN SOLUTION
4.2.1 Cloud DCN Solution Architecture
4.2.2 Interaction between Components during Service Provisioning
4.2.2.1 Service Provisioning Scenario
4.2.2.2 Network Service Provisioning
4.2.2.3 Compute Service Provisioning
4.3 INTERACTION TECHNOLOGIES BETWEEN CLOUD DCN COMPONENTS
4.3.1 OpenFlow
4.3.1.1 Introduction to OpenFlow
4.3.1.2 Components of an OpenFlow Switch
4.3.1.3 Working Modes of an OpenFlow Switch
4.3.1.4 OpenFlow Table
4.3.1.5 Information Exchange on an OpenFlow Channel
4.3.2 NETCONF
4.3.2.1 Introduction to NETCONF
4.3.2.2 NETCONF Network Architecture
4.3.2.3 NETCONF Framework
4.3.2.4 NETCONF Capabilities
4.3.2.5 NETCONF Configuration Datastore
4.3.2.6 XML Encoding
4.3.2.7 RPC Mode
4.3.3 OVSDB
4.3.4 YANG
4.3.4.1 Function Description
4.3.4.2 YANG Development
CHAPTER 5 Constructing a Physical Network (Underlay Network) on a DCN
5.1 PHYSICAL NETWORK AND NETWORK INFRASTRUCTURE
5.2 PHYSICAL NETWORK DESIGN ON A DCN
5.2.1 Routing Protocol Selection
5.2.2 Server Access Mode Selection
5.2.3 Design and Principles of Border and Service Leaf Nodes
5.2.4 Egress Network Design
CHAPTER 6 Constructing a Logical Network (Overlay Network) in a DC
6.1 OVERLAY NETWORK
6.2 VXLAN BASICS AND CONCEPTS
6.3 VXLAN OVERLAY NETWORK
6.3.1 VXLAN Overlay Network Types
6.3.2 Comparison of VXLAN Overlay Network Types
6.4 VXLAN CONTROL PLANE
6.5 VXLAN DATA PLANE
6.6 MAPPING BETWEEN SERVICE MODELS AND NETWORKS
CHAPTER 7 Constructing a Multi-DC Network
7.1 MULTI-DC SERVICE REQUIREMENTS AND SCENARIOS
7.1.1 Multi-DC Service Scenarios
7.1.2 Multi-DC SDN Network Requirements
7.1.3 Architecture and Classification of the Multi-DC Solution
7.2 MULTI-SITE SOLUTION DESIGN
7.2.1 Application Scenario of the Multi-Site Solution
7.2.1.1 Deployment of a Large VPC
7.2.1.2 VPC Communication
7.2.2 Multi-Site Solution Design
7.2.2.1 Service Deployment Process in the Multi-Site Scenario
7.2.2.2 VMM Interconnection Design
7.2.2.3 Deployment Solution Design
7.2.2.4 Forwarding Plane Solution Design
7.2.2.5 External Network Multi-Active Model
7.2.3 Recommended Deployment Solutions
7.2.3.1 VPC Service Model by Security Level
7.2.3.2 Multi-Tenant VPC Model Analysis
7.3 MULTI-POD SOLUTION DESIGN
7.3.1 Application Scenario of the Multi-PoD solution
7.3.1.1 Cross-DC Cluster Deployment
7.3.1.2 Cross-DC VM Migration
7.3.1.3 Network-Level Active/Standby DR
7.3.2 Multi-PoD Solution Des ign
7.3.2.1 Architecture of the Multi-PoD Solution
7.3.2.2 Network-Level DR
7.3.2.3 Security Policy Synchronization Design
7.3.2.4 Forwarding Plane
7.3.3 Recommended Deployment Solutions
CHAPTER 8 Building E2E Security for Cloud DCNs
8.1 CLOUD DCN SECURITY CHALLENGES
8.2 CLOUD DCN SECURITY ARCHITECTURE
8.2.1 Overall Security Architecture
8.2.2 Architecture of Security Components
8.3 BENEFITS OF THE CLOUD DCN SECURITY SOLUTION
8.4 CLOUD DCN SECURITY SOLUTION
8.4.1 Virtualization Security
8.4.2 Network Security
8.4.2.1 Network Security Overview
8.4.2.2 Microsegmentation
8.4.2.3 SFC
8.4.2.4 Security Services
8.4.3 Advanced Threat Detection and Defense
8.4.4 Border Security
8.4.5 Security Management
CHAPTER 9 Best Practices of Cloud DCN Deployment
9.1 DEPLOYMENT PLAN
9.1.1 Overall Plan
9.1.1.1 Common User Requirements
9.1.1.2 Network Zone Design
9.1.1.3 Physical Architecture Design
9.1.1.4 SDN Design
9.1.2 Recommended Service Network Plan
9.1.2.1 Basic Principles for Designing a Physical Network
9.1.2.2 Recommended Service Network Architecture
9.1.2.3 Routing Plan
9.1.2.4 Egress Network Plan
9.1.2.5 Firewall Deployment Plan
9.1.2.6 LB Deployment Plan
9.1.2.7 Server Access Deployment Plan
9.1.3 Management Network Plan (Recommended)
9.1.3.1 Management Network Deployment Plan
9.1.3.2 SDN Controller Deployment Plan (Recommended)
9.2 Deployment Process
9.2.1 Overview
9.2.2 Basic Network Pre-Configurations
9.2.2.1 Networking
9.2.2.2 Deployment Parameter Plan
9.2.2.3 Key Configuration Steps
9.2.3 Installing the Controller
9.2.4 Commissioning Interconnections
9.2.5 Provisioning Services
9.2.5.1 Service Provisioning Process
9.2.5.2 Service Provisioning Example
CHAPTER 10 Openness of DCN
10.1 DCN ECOSYSTEM
10.2 OPENNESS OF THE CONTROLLER
10.2.1 Northbound Openness of the Controller
10.2.2 Southbound Openness of the Controller
10.3 OPENNESS OF THE FORWARDER
10.3.1 Northbound Openness of the Forwarder
10.3.2 Openness of Forwarder Interconnection
CHAPTER 11 Cutting-Edge Technologies
11.1 CONTAINER
11.1.1 Overview
11.1.2 Industry’s Mainstream Container Network solutions
11.1.3 Huawei SDN Container Network Solutions
11.2 HYBRID CLOUD
11.2.1 Overview
11.2.2 Industry’s Mainstream Hybrid Cloud Network Solutions
11.2.3 Huawei Hybrid Cloud SDN Solution
11.3 AI FABRIC
11.3.1 Current State of AI DCNs
11.3.2 New DCN Requirements Brought by AI Technology
11.3.3 AI Fabric Technical Directions
CHAPTER 12 Components of the Cloud DCN Solution
12.1 PHYSICAL CLOUDENGINE SWITCHES
12.1.1 Overview
12.1.2 Technical Highlights
12.1.2.1 Evolution from 25GE, 100GE, to 400GE
12.1.2.2 Telemetry Technology
12.1.2.3 IPv6 VXLAN
12.2 CLOUDENGINE VIRTUAL SWITCHES
12.2.1 Overview
12.2.2 Architecture
12.2.3 Functions
12.3 HISECENGINE SERIES FIREWALLS
12.3.1 Overview
12.3.2 Application Scenarios
12.3.2.1 DC Border Protection
12.3.2.2 Broadcasting and Television Network and Tier-2 Carrier Network
12.3.2.3 Border Protection for Medium and Large Enterprises
12.3.2.4 VPN Branch Access and Mobile Office
12.3.2.5 Cloud Computing Gateway
12.3.3 Advanced Content Security Defense
12.3.3.1 Accurate Access Control
12.3.3.2 Powerful Intrusion Prevention
12.3.3.3 Refined Traffic Management
12.3.3.4 Perfect Load Balancing
12.4 IMASTER NCE-FABRIC
12.4.1 Overview
12.4.2 Architecture
12.4.3 Functions
12.5 SECOMANAGER
12.5.1 Overview
12.5.2 Architecture
12.5.2.1 Logical Layers
12.5.2.2 Peripheral Systems
12.5.2.3 System Architecture
12.5.3 Functions
12.5.3.1 High Security
12.5.3.2 Device Discovery
12.5.3.3 Policy Management
12.5.3.4 Open Interfaces
ACRONYMS AND ABBREVIATIONS