In my previous post, I talked about the significance of DNS in connection with the Software Defined Data Center (SDDC) and Software Defined Networking. Although the second generation DNS provisioning model I outlined should have seemed straight-forward enough, in real life it is anything but. In my view, the real-world complications of a seemingly trivial issue are largely related to how the network industry approaches IP addressing.
"I suppose it is tempting, if the only tool you have is a hammer, to treat everything as if it was a nail.”
—Abraham Maslow, The Psychology of Science
Until the late 90s, the networking industry largely depended on static IP address allocations. Around that time, the number of connected devices started growing rapidly, making it impossible for the network administrators to keep up much longer with the manual configuration of the equipment. To solve this problem, along came the Dynamic Host Configuration Protocol (DHCP) and the fireworks of dynamic IP assignment.
The trouble is, the networking community has not got anywhere since the late 90s. Granted, there have been new RFCs relating to DHCP along the way — DHCPv6 being the most notable example — but deep down the IP addressing paradigm has remained exactly the same. Either the addresses are static or they are issued dynamically by a DHCP server. In this regard, insofar the cloud has been no different.
When one takes a look at various cloud stacks, they mostly rely on DHCP as far as IP addressing is concerned. Admittedly, that works fine in public clouds where no one really cares what IP address is assigned to a given tenant. Ditto for private clouds, as all tenants are firmly sitting in the same enterprise network. But as soon as one gets around to multi-tenant Infrastructure-as-a-Service (IaaS) clouds, that's when DHCP goes sour.
Looking at an enterprise out there, the chances are it takes good use of a private network. Looking at two, the chances are their private networks overlap. And once you have an IaaS Cloud provider trying to service both simultaneously in a multi-tenant cloud environment, the DHCP service no longer works, unless you set up and manage a dedicated DHCP service for each enterprise end-user. Even if the IaaS Cloud provider didn't have more than a few dozen customers, DHCP would likely become a no-go. Just imagine the Operating Expense and you will know why.
Interestingly enough, VMware and Cisco both acknowledged the VLAN and IP Address Management challenges in data centers already in 2011. Their solution was Virtual eXtensible Local Networks, or VXLANs, extending the VLAN address space to gazillion available IDs.
Although I am confident that having network equipment that supports VXLAN Tunnel End Points (VTEP) allows the software defined data center to scale better, it actually does nothing to address the IP allocation issue. In fact, in isolation, it has the potential to make things worse, since in addition to allowing the managed address spaces to grow larger, it also allows the address spaces to span across a number of VLANs.
To address the root cause, the networking community has to take a hard look at the IP addressing methods used in connection with SDDC. While DHCP continues to be a good technology as far as IP allocation to physical devices is concerned, it is not well-suited for multi-tenant cloud environments. Rather, what is needed is an automated IP commissioning system that supports overlapping private networks with tagging for appropriate VLANs and/or VXLANs, with open APIs used to integrate the whole enchilada with cloud orchestration and DNS architectures.
To wrap up this SDDC trilogy, my next blog will discuss how IP commissioning should work in practice.
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DNS Services
Neustar DDoS Protection