Today’s networks are no longer static; they continue to become more and more agile. This agility is why network automation is essential to modern networking. At the same time, visibility automation is necessary to track changes within the network. A misconfigured aggregation layer will lead to incorrect results in the visibility and monitoring systems. As an example, in a modern vEPC-based mobile network, it is not unusual to see upwards of 4000 rules. Everybody understands how to apply these 4000 rules, but maintaining them over time is not possible. Such large numbers of filtering rules are exactly why visibility automation is needed.
We are not even talking about simple L4 rules; rather, we have complex tunnel configurations which are changed or altered regularly. The primary issue is that the engineers who are responsible for the user traffic and monitoring (the network overlay) often do not control the tunnel (the underlay network). In fact, it is very likely they don’t even know their network exists in an overlay. The visibility solution is logical, however, and therefore is part of the overlay from a management standpoint. Physically, the visibility solution is part of the underlay network because it is related to the Layer 1 and Layer infrastructure. This observation describes the conflict and the reason why automation is so crucial; automation interconnects these two management layers.
Network Automation is an enduring trend in our industry because networks are becoming larger and more complex. Until now, visibility solutions were not typically automated. Why? Because there hasn’t been any automated solution until now.
Cubro is formally announcing the concept of Visibility Automation! Cubro’s automation uses several network metadata sources, from in-band telemetry to DPI, that are correlated within the Cubro controller to generate a dynamic picture of the network and follow network changes automatically.
First, let us consider the network service model; today the Service Model approach replaces the Device Model. In the past, a network was configured device by device (device model) but today networks are configured by software tools to provide services (service model).
Typically, the user of these services is not aware of the underlying infrastructure (physical or virtual). Typically, these services are dynamic!
Today, there are hundreds or thousands of devices in use, which means there are networks with multiple layered networks built on top of them (overlay network models). The service model in network management leads to abstraction. There are multiple monitoring services with the same traffic and many different services in the same underlay network.
Challenges of Overlay Networks
Network overlays are a given in today’s datacenters and a necessity throughout service provider networks. A multitude of overlay protocols, such as VXLAN and GTP, are critical in powering the applications and services we use, the Cloud, the 4G networks of today, and the 5G networks of tomorrow. The number of overlay networks has grown to truly staggering levels, with many datacenters hosting hundreds or even thousands of overlays with multiple thousands of endpoints. This will only continue to grow at exponential rates in the future. Unfortunately, the proliferation of so many overlays has presented major challenges to network monitoring practices.
Most tools are not able to parse the additional headers that overlay networks add, nor is it possible to remove these headers while still differentiating the encapsulated traffic of one overlay from that of another.
Solution from Cubro
Cubro’s Next Generation Packet Brokers have been designed, from the ground up, to bring visibility to these networks. The G5 Sessionmasters can filter into the upper layers of network traffic, so traffic can be selected on criteria inside the encapsulation headers without removing those headers. This allows overlay network traffic to be identified intelligently before it is prepared for the monitoring system, and brings comprehensive visibility to these challenging and complex environments.
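The idea of selecting traffic by fields inside the encapsulation while leaving the headers in place, shown as an added Python example (not Cubro's code or configuration). It assumes VXLAN as defined in RFC 7348 with untagged Ethernet and IPv4; the rule format, tool names and sample frames are constructed for illustration.

```python
import ipaddress
import struct

VXLAN_PORT = 4789  # IANA-assigned VXLAN UDP port (RFC 7348)

def _eth_ipv4(buf, off):
    """Parse untagged Ethernet + IPv4 at off; return (src, dst, proto, l4_off) or None."""
    if len(buf) < off + 34 or buf[off + 12:off + 14] != b"\x08\x00":
        return None
    ip = off + 14
    ihl = (buf[ip] & 0x0F) * 4
    if buf[ip] >> 4 != 4 or ihl < 20:
        return None
    return (ipaddress.IPv4Address(buf[ip + 12:ip + 16]),
            ipaddress.IPv4Address(buf[ip + 16:ip + 20]), buf[ip + 9], ip + ihl)

def classify(frame):
    """Return (vni, inner_src, inner_dst) for a VXLAN frame, else None."""
    outer = _eth_ipv4(frame, 0)
    if outer is None or outer[2] != 17:          # outer packet must be UDP
        return None
    udp = outer[3]
    if len(frame) < udp + 16 or frame[udp + 2:udp + 4] != VXLAN_PORT.to_bytes(2, "big"):
        return None
    vx = udp + 8
    if not frame[vx] & 0x08:                     # I flag: VNI field is valid
        return None
    inner = _eth_ipv4(frame, vx + 8)
    if inner is None:
        return None
    return int.from_bytes(frame[vx + 4:vx + 7], "big"), inner[0], inner[1]

def select_tool(frame, rules):
    """rules: (vni, inner_dst_network, tool) tuples; the frame is read, never rewritten."""
    key = classify(frame)
    return None if key is None else next(
        (tool for vni, net, tool in rules if vni == key[0] and key[2] in net), None)

def _ipv4(src, dst, proto, payload):             # constructed header, checksum left 0
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload

def build_sample(vni, inner_dst):                # constructed frame: zero MACs/checksums
    eth = bytes(12) + b"\x08\x00"
    inner = eth + _ipv4("10.1.0.5", inner_dst, 6, bytes(20))
    vxlan = b"\x08\x00\x00\x00" + vni.to_bytes(3, "big") + b"\x00"
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 16 + len(inner), 0)
    return eth + _ipv4("192.0.2.1", "192.0.2.2", 17, udp + vxlan + inner)
```

Two frames with identical inner addresses but different VNIs resolve to different tools, which is the per-overlay distinction that is lost if the encapsulation is stripped before filtering.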
The most effective solution from Cubro to monitor overlay networks consists of three parts:
The Cubro Visibility Node device (CVN = Cubro Visibility Node “self organizing”)
This is much more than a Network Packet Broker because it interacts with the Cubro Visibility Controller and supports dynamic packet handling approaches for modern overlay networks. The Cubro Controller correlates metadata from the CVN and configures information from the network infrastructure.
The Cubro Controller
The Cubro Controller has two main functions.
The Cubro Controller builds a live-mapping table which allows us to automatically “follow” services and forward the selected service’s traffic to the relevant tools. We change the visibility paradigm from Layer X filtering to Network Service filtering!
The Cubro Vitrum Management software solution
The Cubro Vitrum is a centralized device management platform to visualize your entire network topology in just a few clicks. It can be deployed on virtual machines or even locally within the network, making it extremely easy to scale across your organization.
Learn more about network automation. Contact us at support@cubro.com.