SDN Compatible UNIVERGE PF Series Supports Large-Scale Data Centers by Automating IT System Management
Vol.9, No.2 June 2015, Special Issue on Future Cloud Platforms for ICT Systems
This paper introduces the SDN-compatible UNIVERGE PF Series. It highlights the enhanced functions, adopted technologies and application advantages aimed at large-scale IT system platforms. The UNIVERGE PF Series features functional enhancements such as ample scalability and improved usability. In addition to OpenFlow technology, the UNIVERGE PF Series also supports overlay technology and integrated network operation and management functions. These products have been adopted by the NEC Cloud IaaS. This paper describes the products' functions, configurations and their linkage methods. It also introduces the distributed control and integrated operation employed for virtual networks.
As virtualization technologies progress, IT system consolidations lead to operation efficiency improvement. In addition to that, widely available cloud-based services support system flexibility and scalability for changing business needs. Together with these trends, we see the rapidly rising need for a scalable IT system architecture and automated IT operation system for the virtualized IT system platforms. To satisfy these needs, network virtualization is now a key element of IT system platforms alongside virtualized computers and storage systems.
SDN (Software-Defined Networking) is expected to be a key technology for realizing IT system scalability and automated operation through software control. It is also gaining attention as an architecture that boosts the flexibility of entire IT systems, as well as having the capability to quickly accommodate changing business needs 1).
NEC has invested in SDN development from an early stage and released the UNIVERGE PF Series, the world's first SDN-compatible product line, in 2011. Since then, development has been expanding, taking advantage of the scalability and flexibility of the SDN architecture. The series has also accommodated several existing networking technologies in addition to OpenFlow 2) and has expanded its operation and management capabilities for large-scale and complex networks.
This paper will describe the new version of UNIVERGE PF Series which has been adopted by the NEC Cloud IaaS cloud-platform service. It also highlights the enhanced features aimed at large-scale virtual IT system platforms, and discusses the innovative supporting technologies and the advantages derived from their application.
2. Outline of the UNIVERGE PF Series
Virtualized IT platform systems used for cloud-based services would accommodate large-scale networks comprising over 1,000 switches. This poses an overwhelming challenge for traditional network technologies due to their scalability limitations and complicated switch equipment setups required when building and modifying system configurations.
The UNIVERGE PF Series newly incorporates a hierarchical architecture to solve these problems. It is designed to accept the overlay network technology in addition to OpenFlow in order to implement networks with high scalability and flexibility.
Fig. 1 shows the positioning and functions of each product in the UNIVERGE PF Series. The UNIVERGE PF6800 (hereinafter referred to as PF6800) in the middle of the figure is an OpenFlow-compatible controller. It controls the UNIVERGE PF Series switches (hereinafter the PFS). Meanwhile, the UNIVERGE PF6700 (hereinafter the PF6700) is used to set up and manage an overlay network that adopts VXLAN 3) technology. Overlay technology enables flexible configuration of virtual networks by connecting virtual switches of different servers via VXLAN tunnels, etc.
The UNIVERGE PF6800 Network Coordinator (UNC) performs integrated control of multiple PF6800 domains, or of the PF6800 and PF6700 together. The MasterScope Virtual DataCenter Automation is the system operation and management software working with MasterScope Network Automation. It sends network resource requests to the UNC according to requests made by users or applications of the IT system platform. The UNC provides network resources by controlling the PF6800 or PF6700. Network designs and settings were previously performed manually. Automation has been adopted in order to promptly apply the resource requests received from users to the network settings.
3. Controllers for Multi-Layer Platform
3.1 Distributed Control
OpenFlow takes a centralized approach to network control. A substantial increase in the number of switches in a large-scale network could lead to issues such as inadequate controller performance and a shortage of control network bandwidth, as shown in Fig. 2. The UNIVERGE PF Series solves these problems by taking a hierarchical approach. It divides the network into domains and allocates multiple sets of PF6800 to control it on a per-domain basis. The UNC then manages the virtual networks in an integrated manner, as shown in Fig. 3. Each set of UNC can manage the PF6800 sets of up to 40 clusters. This makes it possible to manage a large-scale network with over 1,000 controlled switches.
3.2 Integrated Management of Virtual Network
The UNIVERGE PF Series provides the VTN (Virtual Tenant Network) 4), which is a virtual network implemented with SDN. Each VTN is logically separated, and IP address spaces are assigned on a per-VTN basis. Therefore, multiple VTNs can be created on a single physical network without any concern for overlapping IP addresses.
The user can create VTNs at the UNC, thereby making it possible to create VTNs that are mapped to multiple PF6800-controlled domains, as shown in Fig. 4. Additionally, visualization of the physical network and the VTN logical network topology enables an intuitive understanding of the relationship between VTNs and the underlying physical networks. This enables efficient operation and management of a large-scale network. In this way, the hierarchical architecture of network controllers expands the scale of network to which integrated operation management can be applied. It therefore contributes to the improved efficiency of large-scale IT system platform operation and management.
In addition, the UNC employs an API (Application Programming Interface) for VTNs that is compliant with the OpenDaylight 5) software. Since OpenDaylight is an open-source SDN controller, this provides greater flexibility and choice in using or writing SDN applications.
4. Overlay Technology
4.1 Implementation of Overlay Networks
Overlay technology forms a virtual network by connecting virtual switches across different servers by means of VXLAN technology, etc. This enables flexible extension of virtual networks without modifying the physical networks between servers and without concern for the limits of the physical networks. Large-scale IT system platforms can therefore be operated efficiently. For example, creating more than 4,096 virtual networks becomes possible, which exceeds the VLAN ID restriction that had been a problem on the commonly used Ethernet. Moreover, virtual servers can be migrated between different physical servers inside the overlay network.
The latest PF6700 adopts an overlay technology that is composed of multiple components as shown in Fig. 5 and Table.
Table The roles of the PF6700 components.
4.2 Scalability with Large-scale System Compatibility
Previously, when overlay technology was employed for a large-scale system, unknown-destination data and broadcast/multicast data tended to be a burden on the entire network. The UNIVERGE PF6700 Overlay Reflector (OVR) solves this problem and prevents performance degradation of a large-scale system. It avoids transferring such data to the entire network. Instead, it transfers them to the relevant servers or to the PF6700 Overlay Gateway (OVG).
The PF6700 Overlay Controller (OVC) controls and manages the entire PF6700 system. The OVC as well as the aforementioned OVR and OVG are all capable of flexible scale-out in order to cope with their use in large-scale data centers.
- Scale-out of OVCs: The scale-out of OVCs as the number of servers increases is realized by connecting the OVCs to a load balancer (Fig. 6).
- Scale-out of OVRs: As with the OVCs, scale-out of OVRs is realized by connecting the OVRs to a load balancer. OVRs are divided into a certain number of groups and a load balancer is allocated for each group (Fig. 7). This architecture achieves load distribution and decreases the burden on each load balancer.
- Scale-out of OVG: Each OVG consists of a pair of active and standby servers. Several such OVGs are grouped and assigned to each virtual network that communicates with external networks. Thus, the load on the OVG can be distributed. In each OVG group, the OVG pairs are weighted and the load is distributed according to their weightings (Fig. 8).
4.3 Examples of Applications
The PF6700 is used for the NEC Cloud IaaS to realize a virtual network comprising networks of different technologies. The NEC Cloud IaaS provides two kinds of services, the High Availability (HA) and the Standard (STD) services.
HA services use the PF6800 to realize virtual networks as VTNs. STD services use the PF6700 to realize virtual networks and to extend the network with VXLAN overlay technology. When virtual networks span both HA and STD services, VXLAN conversion is performed using the OVG as shown in Fig. 9.
5. Large-Capacity SDN Switch
As described in section 3.1, the performance of the controller is one of the issues facing large-scale networks based on OpenFlow technology. In order to deal with this, in addition to developing the aforementioned hierarchical controller, we have developed the UNIVERGE PF5459 (hereinafter the PF5459) 1.3TB/sec capacity switch (Photo) to reduce the load on the OpenFlow controller. This section describes the load reduction technique used with this product, called the MAC Forwarding technique.
5.1 MAC Forwarding Technique
Our previous OpenFlow-based switches use a flow table (OpenFlow table) whose entries combine sender/destination addresses, VLAN IDs, etc., which make up the 12-tuple defined by the Open Networking Foundation. The MAC Forwarding technique performs multi-table packet forwarding resolution in compliance with the OpenFlow specification by adding a conventional MAC (Media Access Control) learning table to the OpenFlow table.
The MAC Forwarding technique utilizes two tables as shown in Fig. 10. The Dynamic Mac Flow table performs similar operations to the MAC learning table used in the conventional layer 2 switch (L2 switch). The Standard Flow table performs similar operations to the OpenFlow flow table used for our existing OpenFlow compatible switches.
With the MAC Forwarding technique, the destination MAC address of the ingress packet is first searched for in the Dynamic Mac Flow table. If the destination MAC address has already been learned and registered, the packet is transferred in the same way as an L2 switch would transfer it. If the destination MAC address has not been learned, the destination MAC address is searched for in the Standard Flow table and the packet is transferred.
As the MAC Forwarding technique is equipped with an address learning table of packet destinations, it eliminates the OpenFlow address resolution inquiries that used to occur every time an unknown packet was received. This reduces the load on the controller significantly.
The MAC Forwarding technique also reduces the required capacity of the Standard Flow table, whose speed and capacity are difficult to increase as switch capacity grows. The Dynamic Mac Flow table resolves most packet destinations and makes it possible to accommodate as many terminals as a conventional L2 switch does. This implies the possibility of developing a multi-port (48-port), 10-Gbps switch that is compatible with OpenFlow technology.
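The two-table lookup order of section 5.1, modeled in Python as an added example (not NEC's code) that counts controller inquiries and Standard Flow table entries with and without the Dynamic Mac Flow table. The source-address learning rule, the per-VLAN flood default in the Standard Flow table, the controller's exact-match flow installation and the four-host topology are assumptions made for the example.

```python
from dataclasses import dataclass, field

FLOOD = "flood"  # assumed default action for destinations not yet learned


@dataclass
class Switch:
    mac_forwarding: bool                             # True: two-table pipeline
    dynamic_mac: dict = field(default_factory=dict)  # (vlan, mac) -> port, learned locally
    standard: dict = field(default_factory=dict)     # controller-installed flow entries
    inquiries: int = 0                               # packets referred to the controller

    def forward(self, in_port, src, dst, vlan, controller):
        if self.mac_forwarding:
            # Learn the sender as a conventional L2 switch does (assumed).
            self.dynamic_mac[(vlan, src)] = in_port
            # Step 1: destination lookup in the Dynamic Mac Flow table.
            port = self.dynamic_mac.get((vlan, dst))
            if port is not None:
                return port
        # Step 2 (the only step without MAC Forwarding): Standard Flow table,
        # exact entry first, then the per-VLAN default entry if one exists.
        for key in ((vlan, dst), (vlan, None)):
            if key in self.standard:
                return self.standard[key]
        # Miss: inquire at the controller, which installs an exact flow entry.
        self.inquiries += 1
        self.standard[(vlan, dst)] = controller[(vlan, dst)]
        return self.standard[(vlan, dst)]


def run(mac_forwarding):
    # Constructed topology: four hosts on VLAN 10, host MAC -> switch port.
    hosts = {f"00:00:00:00:00:0{i}": i for i in range(1, 5)}
    controller = {(10, mac): port for mac, port in hosts.items()}
    sw = Switch(mac_forwarding)
    if mac_forwarding:
        sw.standard[(10, None)] = FLOOD              # assumed pre-installed default
    outputs = []
    for _ in range(2):                               # every host sends to every other, twice
        for src, sport in hosts.items():
            for dst in hosts:
                if dst != src:
                    outputs.append(sw.forward(sport, src, dst, 10, controller))
    return sw.inquiries, len(sw.standard), outputs.count(FLOOD)


if __name__ == "__main__":
    print("OpenFlow table only:", run(False))
    print("MAC Forwarding:", run(True))
```

Each result is (controller inquiries, Standard Flow table entries, flooded packets). In this model the Standard Flow table grows with the number of destinations when it is the only table, while with MAC Forwarding it stays at one entry per VLAN and the cost moves to a few floods before learning completes.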
5.2 Integrated Management of VLAN Settings
By employing SDN technology, the PF5459 is designed to enable the centralized setup of VLANs across multiple switches. The PF5459 dramatically reduces the time and effort required for every network configuration change, whereas conventionally each switch required VLAN setup (4,095 VLANs in some cases) one by one.
The introduction of a layered architecture and the provision of large-scale network compatibility for each layer have made it possible to implement networks that feature the high scalability and flexibility required for a large-scale multi-tenant data center. Such networks are also capable of automating large-scale system operations and improving management efficiency. In the future, we intend to further improve the functionality of these products, such as by enabling the integrated operation of multiple data centers in different locations.
- *OpenFlow is a trademark or registered trademark of Open Networking Foundation.
- *OpenDaylight is a trademark or registered trademark of OpenDaylight Project, Inc.
- *Ethernet is a registered trademark of Fuji Xerox Co., Ltd.
Americas and Platform Solutions Division
Converged Network Division
Converged Network Division