
Digicomp Microsoft Evolution Day 2015 1

Windows Server 2016 Software-Defined Networking

Oliver Ryf


Agenda

Welcome

Speaker introduction

PowerShell Desired State Configuration

Q&A

Further courses


Speaker introduction

IT trainer since 1991

1995: MCSE and MCT

Since 2000: various projects in Windows/Office migrations, Active Directory, infrastructure, Hyper-V and Azure cloud

Trainer at Digicomp since 2006

Since 2014: Principal Consultant and Cloud Architect at UP-Great AG, Fehraltorf

Windows Server

System Center

Azure Pack

Tenant Deployment Multi-Tier LOB Application


• Inbox feature for integrated management of IP addresses, domain names, and device identities

• Tightly integrates with Microsoft DNS and DHCP servers

• Provides custom IP address space display, reporting, and management

• Audits server configuration changes and tracks IP address use

• Migrates IP address data from spreadsheets or other tools

• Monitors and manages specific scenario-based DHCP and DNS services

Domain europe.corp.woodbridge.com

IPAM Server (UK)

DHCP, DNS, DC, and NPS servers

IPAM Server (Bangalore)

DHCP, DNS, DC, and NPS servers

Domain fareast.corp.woodbridge.com

IPAM Server (Hyderabad)

DHCP, DNS, DC, and NPS servers

IPAM server (Redmond)

DHCP, DNS, DC, and NPS servers

WS 2016 IPAM

Unified IP address Mgmt.

Delegated Admin

Network services Mgmt.

Scale, robustness & automation

Network audit & visibility

• Tracking activity of IP address/user/mc

• IP utilization & trend

• Audit config

• Disaster Recovery

• Multiple instance deployment

• SQL Server database

• Extensive PS support

• Cross AD Support

• IP addressing management of physical and virtual networks (SCVMM integration)

• Integrated IP addressing, DNS and DHCP management

• Granular RBAC to manage IP address space, DHCP & DNS

• Delegated administration within and across datacenters

• Automatic server discovery

• Single console DHCP and DNS management across datacenters

• Management of granular DNS properties

• Network functions that are being performed by hardware appliances are increasingly being virtualized as virtual appliances

• Virtual appliances are quickly emerging and creating a brand new market

• Dynamic and easy to change because they are a pre-built, customized virtual machine.

• It can be one or more virtual machines packaged, updated, and maintained as a unit.

• Microsoft included a standalone gateway as a virtual appliance starting with Windows Server 2012 R2

Firewall & Antivirus

DDoS & IPS/IDS

App/WAN Optimizers

S2S Gateway

L2/L3 Gateways

Routers & Switches

NAT & HTTP Proxy

Load Balancers

• Microsoft provides key virtualized network functions with Windows Server

• Deploy virtual appliances from vendors of your choice

• Deploy, configure & manage virtual appliances with the Network Controller

• Hyper-V can host the top guest OSes that you need

• Included within Windows Server

• It is a network layer, 5-tuple (protocol, source and destination port numbers, source and destination IP addresses), stateful, multitenant firewall

• Tenant administrators can install and configure firewall policies to help protect their virtual networks

• Managed via Network Controller and northbound APIs

• Highly scalable, manageable, and diagnosable software-based firewall

• Freedom to move tenant virtual machines to different compute hosts without breaking tenant firewall policies
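
The 5-tuple rule model described above, written with the Network Controller PowerShell module as an added example (it is not from the original slides). The REST URI, resource IDs, priorities and address prefixes are assumptions chosen for illustration; the helper function `New-AclRule` is hypothetical.

```powershell
# Added example: tenant ACL for a web tier, built from 5-tuple rules.
# Assumed values (not from the slides): $uri, resource IDs, prefixes, priorities.
$uri = 'https://nc.contoso.example'   # placeholder Network Controller REST endpoint

# Hypothetical helper: one inbound rule = protocol + source/destination prefix and port.
function New-AclRule {
    param(
        [string]$Id, [string]$Priority, [string]$Action, [string]$Protocol,
        [string]$SrcPrefix, [string]$SrcPort, [string]$DstPrefix, [string]$DstPort
    )
    $p = New-Object Microsoft.Windows.NetworkController.AclRuleProperties
    $p.Type                     = 'Inbound'
    $p.Priority                 = $Priority   # lower number is evaluated first
    $p.Action                   = $Action     # Allow | Deny
    $p.Protocol                 = $Protocol   # TCP | UDP | All
    $p.SourceAddressPrefix      = $SrcPrefix
    $p.SourcePortRange          = $SrcPort
    $p.DestinationAddressPrefix = $DstPrefix
    $p.DestinationPortRange     = $DstPort
    $p.Logging                  = 'Enabled'   # keep a record of rule hits

    $rule = New-Object Microsoft.Windows.NetworkController.AclRule
    $rule.ResourceId = $Id
    $rule.Properties = $p
    $rule
}

# Explicit allows first, then a catch-all deny. The firewall is stateful,
# so replies to allowed inbound flows need no matching outbound rule.
$rules = @(
    New-AclRule 'Allow-HTTPS-In' '200'  'Allow' 'TCP' '*'           '0-65535' '192.168.10.0/24' '443'
    New-AclRule 'Allow-Mgmt-RDP' '300'  'Allow' 'TCP' '10.0.0.0/24' '0-65535' '192.168.10.0/24' '3389'
    New-AclRule 'Deny-All-In'    '1000' 'Deny'  'All' '*'           '0-65535' '*'               '0-65535'
)

$props = New-Object Microsoft.Windows.NetworkController.AccessControlListProperties
$props.AclRules = $rules

# Push the ACL through the northbound REST API.
New-NetworkControllerAccessControlList -ConnectionUri $uri -ResourceId 'WebTier-ACL' `
    -Properties $props -Force
```

The ACL only takes effect once a virtual subnet or network interface resource references it; because the policy is attached to those resources rather than to a host, it follows the VM when it moves.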

DCB: Bandwidth management by traffic class

Not compatible with vSwitch

RDMA: SMB Direct – fast storage and live migrations

Not compatible with vSwitch or LBFO

VMQ: VM traffic acceleration

RSS: Native traffic acceleration

Operates in VM with SR-IOV VF

Software vRSS: Spreads loads across VM CPUs

Address checksum offloads

LSO: Offloads large sends

RSC: Coalescing in native stack

TCP Chimney Offload

SR-IOV: For high performance networking in VMs

NVGRE task offload

• Teaming integrated into the Hyper-V switch

• Targeted at supporting SDN-switch capabilities:

• Packet Direct

• Converged vNIC

• SDN-QoS

• Supported only when using SDN-Extension

• Limitations in this release:

• Switch-independent only

• Dynamic and Hyper-V port mode load distributions only

• Managed by VMM or PowerShell, not NIC Teaming GUI

• Only teams identical ports (same manufacturer, same driver, same capabilities) (e.g., dual port NIC)

• Switch must be created in SET-mode. (SET can’t be added to existing switch.)

• New-VMSwitch -Name SETswitch -NetAdapterName "NIC1","NIC2" -EnableEmbeddedTeaming $true

• DCB policies

• Can be set on per-NIC basis

• Can be set on NICs bound to Hyper-V switch

• PowerShell to enable on SET NICs

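# Install DCB, then tag SMB Direct traffic (port 445) with 802.1p priority 3
Install-WindowsFeature Data-Center-Bridging
New-NetQosPolicy "SMB" -NetDirectPortMatchCondition 445 -PriorityValue8021Action 3
New-NetQosPolicy "DEFAULT" -Default -PriorityValue8021Action 0
# Flow control on for priority 3 only, off for every other priority
Enable-NetQosFlowControl -Priority 3
Disable-NetQosFlowControl -Priority 0,1,2,4,5,6,7
# Apply DCB on the SET member NICs and reserve 40% bandwidth for SMB
Enable-NetAdapterQos -InterfaceAlias "NIC1","NIC2"
New-NetQosTrafficClass "SMB" -Priority 3 -Bandwidth 40 -Algorithm ETS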

Management OS

DCB policies configured for Mgmt, Storage, Migration & Clustering traffic.

Utilizes SMB Multichannel & SMB Direct

NIC Team

Hyper-V vSwitch

VM(s) Management OS

Hyper-V vSwitch with SET

VM(s)

• Allows host vNICs to expose RDMA capabilities to kernel processes (e.g., SMB-Direct)

• With SET, allows multiple RDMA NICs to expose RDMA to multiple vNICs (SMB Multichannel over SMB-Direct)

• With SET, allows RDMA fail-over for SMB-Direct when two RDMA-capable vNICs are exposed

• Operates at full speed with same performance as native RDMA

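# Create two host vNICs on the SET switch, enable RDMA on them, then verify
Add-VMNetworkAdapter -SwitchName SETswitch -Name SMB_1 -ManagementOS
Add-VMNetworkAdapter -SwitchName SETswitch -Name SMB_2 -ManagementOS
Enable-NetAdapterRdma "vEthernet (SMB_1)","vEthernet (SMB_2)"
Get-NetAdapterRdma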

• Today’s NDIS for Windows

• Is NDIS in its current form enough for 100G?

• What can we do better?

• Similar to DPDK Technology for Intel NICs

Internet

• Lightning fast lock-free IO model

• Coexists with traditional NDIS data path

• Gives apps direct access to CPU, memory, and NIC capabilities

• App now decides when it wants to send/receive using polling

• App owns buffer management

• App driven I/O for NFV

• Will work with most 10G NICs

Host

PacketDirect Client

(vmSwitch, SLB)

CPU CPU

NetAdapter - PacketDirect Provider

Q1 Q2

CPU CPU

PD Buffers managed by PD client

PacketDirect Platform

CPUs managed by PD client

Queues managed by PD client

Tenant Deployment Multi-Tier LOB Application

A centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter

Can be deployed as single VM (lab) or as a cluster of 3 physical servers (no Hyper-V) or 3 VMs on separate hosts.

• Highly available and scalable server role

• Southbound API

• Northbound API (REST interface)

• Can manage:

IP subnets

VLANs

L2 and L3 switches

Host NICs


Q&A
