How network overlays could benefit provider backbones

ISPs are weighing potential benefits of network overlays in the backbone, including increased agility, faster service provisioning and lower Opex.

Editor's note: In part two of our three-part series on deploying network overlays beyond the data center, networking expert Jeff Loughridge explores specific ways that overlays could improve Internet service providers' backbone networks, as well as the role of fabric underlays in the backbone networks. Part one examined the history of network overlays in the backbone, and part three looks at how ISPs might implement them without ripping and replacing existing infrastructure using MPLS fabric.

Beyond the data center, Internet service providers (ISPs) are considering how network overlays might also provide new functionality in the backbone network. The closely related concepts of service chaining and network functions virtualization (NFV) can drastically reduce delays in service provisioning, speed the introduction of new services, and spark innovation by service providers.

When providers refer to service chaining, they envision a scenario where services are easily inserted in the packet forwarding path. An environment where services like deep packet inspection, load balancing and network address translation are created using physical appliances is hardly a flexible configuration for inserting and removing services on the fly.

But imagine an environment based on software, decoupled from the physical infrastructure. The data path is manipulated in a way that packets traverse a chained series of services powered by commodity compute resources. Slow manual processes are replaced by automation. The feature/functionality set exists in software and can be modified on the provider's timeline rather than on that of network hardware vendors. This new flexibility also allows providers to differentiate themselves from competitors, something much harder to achieve when you and all your competitors use the same equipment and network software.

Building network overlays on fabrics

In any network overlay, the underlying fabric must perform a simple forwarding service to provide the uniformity and determinism needed for the automated creation of virtual overlay networks. Using tunneling protocols like VXLAN, STT and Cisco's proprietary OTV, data center architects are opting to use IP fabric. Alternatively, service providers -- many with existing multiprotocol label switching networks -- may elect to use MPLS as the convergence layer that forwards data packets underneath the network overlay.

Rather than an IP-switched service, the routers would provide a simple label-switched service. While imperfect, this IP or MPLS fabric taxonomy is useful in examining the approaches ISPs are taking to construct virtual networks on top of the fabric. In discussing the design choices behind the use of a simple IP core, the architects building IP fabrics frequently make arguments founded on RFC 1958, "Architectural Principles of the Internet":

"An end-to-end protocol design should not rely on the maintenance of state (i.e., information about the state of the end-to-end communication) inside the network. … The network's job is to transmit datagrams as efficiently and flexibly as possible. Everything else should be done at the fringes."

This should not be interpreted to mean that the network should contain no state; routing state is one large example of state that must be maintained in the network. Rather, the belief is that services should be offered closer to the edge where possible. In the MPLS/VPN model, the service is delivered using the provider edge routers. What if this VPN service and other services could be removed from the routers almost completely?

Let's consider how the network overlay could be built on an IP fabric. A lightweight tunneling method must remain on the virtual or physical PE routers to carry traffic to locations in which the services are instantiated. One such tunneling mechanism -- defined in Keyed IP Tunnel -- is an IPv6-enabled modification of L2TPv3. VXLAN, GRE or any other IP-based tunneling mechanism could be used as well.

By tunneling customer traffic on PEs, ISPs can relocate services from core network hardware to commodity x86 hardware in the POP or, if the services can tolerate the additional latency, in more centralized data centers. The shift from offering services on traditional hardware routers to software on x86 servers happens while the core retains the foundational protocols of large-scale ISPs: an interior gateway protocol (IS-IS or OSPF) and BGP. All protocols used in the core -- with the exception of the tunneling protocol -- have a proven 20-year record of scaling provider networks.
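
An added example (not from the original article) of the tunneling step described above, using VXLAN, one of the encapsulations the article names: the PE wraps a customer frame in the 8-byte VXLAN header, and the x86 service host validates it before mapping the VNI to a service chain. The VNI values, service names, PE addresses and the `steer` function are assumptions made for illustration.

```python
import struct

VXLAN_I_FLAG = 0x08  # "VNI present" flag from the VXLAN header (RFC 7348)

# Constructed sample data: VNI -> ordered services on the x86 host,
# and the underlay addresses of PEs allowed to send tunneled traffic.
SERVICE_CHAINS = {5001: ["dpi", "nat"], 5002: ["load_balancer"]}
TRUSTED_PES = {"192.0.2.1", "192.0.2.2"}


def vxlan_encap(vni, inner_frame):
    """PE side: prepend the VXLAN header to a customer Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24). Word 1: VNI (24) + reserved (8).
    return struct.pack("!II", VXLAN_I_FLAG << 24, vni << 8) + inner_frame


def vxlan_decap(payload):
    """Service-host side: parse the header, return (vni, inner_frame)."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise ValueError("I flag not set, VNI is not valid")
    return word1 >> 8, payload[8:]


def steer(payload, underlay_src):
    """Hypothetical steering step: check the sender, then pick the chain.

    The VXLAN header carries no authentication, so the only sender check
    available here is the underlay source address of the outer packet.
    """
    if underlay_src not in TRUSTED_PES:
        raise PermissionError("tunnel traffic from unknown PE " + underlay_src)
    vni, frame = vxlan_decap(payload)
    if vni not in SERVICE_CHAINS:
        raise LookupError("no service chain provisioned for VNI %d" % vni)
    return SERVICE_CHAINS[vni], frame


if __name__ == "__main__":
    customer_frame = bytes(14) + b"customer payload"  # constructed frame
    packet = vxlan_encap(5001, customer_frame)
    print(packet[:8].hex(), steer(packet, "192.0.2.1")[0])
```
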

Next: In part three, we more closely examine the potential of MPLS fabric for ISPs looking to implement network overlays in the backbone.

This was last published in April 2015