3. Confidential
About the company
• Founded in 2010, Midokura is a global company with offices in Tokyo, San Francisco and Barcelona
• Pioneer in network virtualization – provides software for networking using an overlay approach. Pedigree derives from Amazon, Cisco, VMware and Google
• Received $17M first round of funding in April 2013 from Innovation Network Corporation of Japan, NTT and NEC
• Named by CRN as among the top 10 networking stories of 2013 and also among the 10 coolest startups in the world
“800 pound virtualization gorillas like VMware and Microsoft that have virtual switch deployments and now
network virtualization solutions (NSX and HyperV Network Virtualization) will leverage existing relationships
to encourage this influence as well as gain access to the network teams. That said, key innovative startups in
the network virtualization space like Midokura will also have the potential to help organizations bridge the
gap between virtualization and network domains.” – ESG Research
“Network virtualization companies such as Midokura offer network virtualization approaches to compete with
visions such as Cisco ACI and VMware NSX, and so they will be watched by mid-tier vendors that feel they are
missing out on the next network disruption opportunity.” – 451 Research, an analyst firm
• First in the industry to bring together network virtualization and bare metal networking with the aim of providing an open network – Cliff Grossner, Infonetics Research
• Significant contributor to OpenStack Networking (Neutron)
• First SDN vendor to be certified for the Red Hat OpenStack environment
• Early member of the OpenDaylight Project (ODP)
• Broad and deep technical partnerships with network switch vendors, software companies and solution providers
8. Confidential
Before Neutron: Nova Networking
Nova-Networking was the only networking option in OpenStack prior to Quantum/Neutron.
Still available today as an alternative to Neutron, but will likely be phased out.
Options Available within nova-networking initially:
• Only Flat
• Flat DHCP
Limitations
• No flexibility with topologies (no 3-tier)
• Tenants can’t create/manage L3 Routers
• Scaling limitations (L2 domain)
• No 3rd party vendors supported
• Complex HA model
9. Confidential
Nova-network slightly evolves
Introduced VLAN DHCP mode
Improvements:
• L2 Isolation – each project gets a VLAN assigned to it
Limitations
• Need to pre-configure VLANs on the physical network
• Scaling Limitations – VLANs
• No L3
• No 3-tier topologies
• No 3rd party vendors
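The VLAN DHCP trade-offs listed above (one VLAN per project, VLANs pre-configured on the physical network, a hard VLAN ceiling) can be checked mechanically. The following is an added example, not part of the original deck or of nova-network; the project names, VLAN IDs and the function name are constructed for illustration.

```python
"""Audit a VLAN DHCP style project -> VLAN map (constructed data)."""
from collections import defaultdict

VLAN_MIN, VLAN_MAX = 1, 4094  # usable 802.1Q IDs; 0 and 4095 are reserved


def audit_vlan_assignments(project_vlans, trunked_vlans):
    """Return isolation and provisioning findings for a project -> VLAN map."""
    by_vlan = defaultdict(list)
    invalid = {}
    for project, vlan in project_vlans.items():
        if VLAN_MIN <= vlan <= VLAN_MAX:
            by_vlan[vlan].append(project)
        else:
            invalid[project] = vlan  # cannot be carried in an 802.1Q tag

    return {
        # Projects sharing a VLAN share a broadcast domain: L2 isolation is lost.
        "shared": {v: sorted(p) for v, p in by_vlan.items() if len(p) > 1},
        "invalid": invalid,
        # Assigned to a project but never pre-configured on the physical network.
        "not_trunked": sorted(v for v in by_vlan if v not in trunked_vlans),
        # Pre-configured VLANs still available for new projects.
        "free_trunked": sorted(set(trunked_vlans) - set(by_vlan)),
        # Hard ceiling on isolated projects in this mode.
        "max_projects": VLAN_MAX - VLAN_MIN + 1,
    }


# Constructed sample input (hypothetical project names and VLAN IDs).
SAMPLE_PROJECT_VLANS = {
    "proj-web": 100,
    "proj-db": 101,
    "proj-batch": 100,    # collides with proj-web
    "proj-test": 250,     # not configured on the physical trunk
    "proj-legacy": 4095,  # reserved ID
}
SAMPLE_TRUNKED_VLANS = set(range(100, 104))  # VLANs 100-103 on the switches

if __name__ == "__main__":
    report = audit_vlan_assignments(SAMPLE_PROJECT_VLANS, SAMPLE_TRUNKED_VLANS)
    for key, value in report.items():
        print(f"{key}: {value}")
```

A non-empty `shared` entry is the finding that matters most for tenant isolation; `free_trunked` and `max_projects` show how quickly the VLAN scaling limit is reached.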
10. Confidential
Introducing Neutron
OpenStack Networking as a first class Service
• Pluggable Architecture
• Standard API
• Many choices
• Supports Overlay Technology
• More Services (LBaaS, VPNaaS)
• Flexible network topologies
Plugins Available
• MidoNet
• OVS Plugin
• Linux Bridges
• Flat DHCP
• VLAN DHCP
• ML2
• NSX
• PlumGRID
• Nuage
• Contrail
• Ryu
13. Confidential
OVS Open Source Plugin
OVS Agent – receives tunnel/flow setup info from the OVS Plugin, and programs Open vSwitch to set up tunnels and send traffic through the tunnel
DHCP Agent – sets up dnsmasq in a namespace per network/subnet and enters MAC/IP into the DHCP lease file
L3 Agent – orchestrated by the OVS Plugin to set up IPTables, routing and NAT tables
14. Confidential
Challenges with OVS Plugin
Neutron Network Node is a SPOF
Need to use corosync, etc. for active/standby failover.
Challenging at Scale
Since there’s a single network node, this becomes a bottleneck fairly quickly.
Inefficient Networking
IPTables, the L3 Agent and multiple hops for a single flow cause unnecessary traffic and added latency on your physical network.
16. Confidential
MidoNet – All network services are distributed
Logical L2 Switching – L2 isolation and path optimization with distributed virtual switching. Interconnect with VLAN enabled network via L2 Gateway
Logical L3 Routing – L3 isolation and routing between virtual networks. No need to exit the software container - no hardware required
Distributed Firewall – Provides ACLs, high performance kernel integrated firewall via a flexible rule chain system
Logical Layer 4 Load Balancer – Provides application load balancing in software form - no need for hardware-based firewalls
VxLAN/GRE – Provides VxLAN and GRE tunneling. Provides L2 connectivity across L3 transport. This is useful when the L2 fabric doesn’t reach all the way from the racks hosting the VMs to the physical L2 segment of interest.
NAT – Provides Dynamic NAT, Port masquerading
MidoNet/Neutron API – Alignment with OpenStack Neutron’s API for integration into compatible cloud management software
[Diagram: MidoNet Network Virtualization Platform, between Applications (OpenStack, Custom Platforms*) and Hypervisor / Networking Hardware; components: Logical L2, Logical L3, NAT, Firewall, Layer 4 Load Balancer, VxLAN/GRE, MidoNet/Neutron API]
30. Confidential
Perfect for Load Balancer as a Service
Users set up LB on demand
Handle spiky traffic with the LB and VMs flexibly
31. Confidential
Requirements for LB as a Service (1)
LB has to be isolated between users and services!
Requirement 1: Multi-tenancy
32. Confidential
Requirements for LB as a Service (2)
Handling traffic larger than the original estimation!
Requirement 2: High Scalability