Home / Blogs

Maslow's Hammer Meets the Software Defined Data Center

Juha Holkkola

In my previous post, I talked about the significance of DNS in connection with the Software Defined Data Center (SDDC) and Software Defined Networking. Although the second generation DNS provisioning model I outlined should have seemed straight-forward enough, in real life it is anything but. In my view, the real-world complications of a seemingly trivial issue are largely related to how the network industry approaches IP addressing.

"I suppose it is tempting, if the only tool you have is a hammer, to treat everything as if it was a nail.
—Abraham Maslow, The Psychology of Science

Until the late 90s, the networking industry largely depended on static IP address allocations. Around that time, the number of connected devices started growing rapidly, making it impossible for the network administrators to keep up much longer with the manual configuration of the equipment. To solve this problem, along came the Dynamic Host Configuration Protocol (DHCP) and the fireworks of dynamic IP assignment.

The trouble is, the networking community has not got anywhere since the late 90s. Granted, there have been new RFCs relating to DHCP along the way — DHCPv6 being the most notable example — but deep down the IP addressing paradigm has remained exactly the same. Either the addresses are static or they are issued dynamically by a DHCP server. In this regard, insofar the cloud has been no different.

When one takes a look at various cloud stacks, they mostly rely on DHCP as far as IP addressing is concerned. Admittedly, that works fine in public clouds where no one really cares what IP address is assigned to a given tenant. Ditto for private clouds, as all tenants are firmly sitting in the same enterprise network. But as soon as one gets around to multi-tenant Infrastructure-as-a-Service (IaaS) clouds, that's when DHCP goes sour.

Looking at an enterprise out there, the chances are it takes good use of a private network. Looking at two, the chances are their private networks overlap. And once you have an IaaS Cloud provider trying to service both simultaneously in a multi-tenant cloud environment, the DHCP service no longer works, unless you set up and manage a dedicated DHCP service for each enterprise end-user. Even if the IaaS Cloud provider didn't have more than a few dozen customers, DHCP would likely become a no-go. Just imagine the Operating Expense and you will know why.

Interestingly enough, VMware and Cisco both acknowledged the VLAN and IP Address Management challenges in data centers already in 2011. Their solution was Virtual eXtensible Local Networks, or VXLANs, extending the VLAN address space to gazillion available IDs.

Although I am confident that having network equipment that supports VXLAN Tunnel End Points (VTEP) allows the software defined data center to scale better, it actually does nothing to address the IP allocation issue. In fact, in isolation, it has the potential to make things worse, since in addition to allowing the managed address spaces to grow larger, it also allows the address spaces to span across a number of VLANs.

To address the root cause, the networking community has to take a hard look at the IP addressing methods used in connection with SDDC. While DHCP continues to be a good technology as far as IP allocation to physical devices is concerned, it is not well-suited for multi-tenant cloud environments. Rather, what is needed is an automated IP commissioning system that supports overlapping private networks with tagging for appropriate VLANs and/or VXLANs, with open APIs used to integrate the whole enchilada with cloud orchestration and DNS architectures.

To wrap up this SDDC trilogy, my next blog will discuss how IP commissioning should work in practice.

By Juha Holkkola, Managing Director of Nixu Software. More blog posts from Juha Holkkola can also be read here.

Related topics: Cloud Computing, DNS, IP Addressing

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News


Industry Updates – Sponsored Posts

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Join Paul Vixie & Robert Edmonds at the Upcoming Distinguished Speaker Series

LogicBoxes Announces Automation Solutions for ccTLD

3 Questions to Ask Your DNS Host About DDoS

Introducing Our Special Edition Managed DNS Service for Top-Level Domain Operators

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

Nominum Announces Future Ready DNS

Video Interviews from ICANN 50 in London

Dyn Acquires Internet Intelligence Company, Renesys

Introducing getdns: a Modern, Extensible, Open Source API for the DNS

Why We Decided to Stop Offering Free Accounts

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Dyn Acquires Managed DNS Provider Nettica

Why Managed DNS Means Secure DNS

SPECIAL: Video Interviews from NamesCon 2014 in Las Vegas

Rodney Joffe on Why DNS Has Become a Favorite Attack Vector

Motivated to Solve Problems at Verisign

Sponsored Topics



Sponsored by

DNS Security

Sponsored by


Sponsored by
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines