Published by Cisco Press (April 2, 2014) © 2014
Russ White | Denise DonohueProduct Information
The Art of Network Architecture
Business-Driven Design
The business-centered, business-driven guide to architecting and evolving networks
The Art of Network Architecture is the first book that places business needs and capabilities at the center of the process of architecting and evolving networks. Two leading enterprise network architects help you craft solutions that are fully aligned with business strategy, smoothly accommodate change, and maximize future flexibility.
Russ White and Denise Donohue guide network designers in asking and answering the crucial questions that lead to elegant, high-value solutions. Carefully blending business and technical concerns, they show how to optimize all network interactions involving flow, time, and people.
The authors review important links between business requirements and network design, helping you capture the information you need to design effectively. They introduce today’s most useful models and frameworks, fully addressing modularity, resilience, security, and management. Next, they drill down into network structure and topology, covering virtualization, overlays, modern routing choices, and highly complex network environments.
In the final section, the authors integrate all these ideas to consider four realistic design challenges: user mobility, cloud services, Software Defined Networking (SDN), and today’s radically new data center environments.
• Understand how your choices of technologies and design paradigms will impact your business
• Customize designs to improve workflows, support BYOD, and ensure business continuity
• Use modularity, simplicity, and network management to prepare for rapid change
• Build resilience by addressing human factors and redundancy
• Design for security, hardening networks without making them brittle
• Minimize network management pain, and maximize gain
• Compare topologies and their tradeoffs
• Consider the implications of network virtualization, and walk through an MPLS-based L3VPN example
• Choose routing protocols in the context of business and IT requirements
• Maximize mobility via ILNP, LISP, Mobile IP, host routing, MANET, and/or DDNS
• Learn about the challenges of removing and changing services hosted in cloud environments
• Understand the opportunities and risks presented by SDNs
• Effectively design data center control planes and topologies
Introduction xx
Part I Framing the Problem
Chapter 1 Business and Technology 1
Business Drives Technology 2
The Business Environment 2
The Big Picture 3
The Competition 4
The Business Side of the Network 5
Technologies and Applications 5
Network Evaluation 6
The Network’s Customers 6
Internal Users 7
External Users 8
Guest Users 9
Technology Drives Business 9
Part II Business-Driven Design
Chapter 2 Designing for Change 11
Organic Growth and Decline 12
Mergers, Acquisitions, and Divestments 14
Centralizing Versus Decentralizing 15
Chapter 3 Improving Business Operations 19
Workflow 19
Matching Data Flow and Network Design 20
Person-to-Person Communication 21
Person-to-Machine Communication 21
Machine-to-Machine Communication 22
Bringing It All Together 23
BYOD 24
BYOD Options 24
BYOD Design Considerations 27
BYOD Policy 28
Business Continuity 29
Business Continuity Versus Disaster Recovery 29
Business Continuity Planning 30
Business Continuity Design Considerations 31
Summary 33
Part III Tools of the Trade
Chapter 4 Models 35
The Seven-Layer Model 36
Problems with the Seven-Layer Model 38
The Four-Layer Model 38
Iterative Layering Model 39
Connection-Oriented and Connectionless 41
A Hybrid Model 42
The Control Plane 43
What Am I Trying to Reach? 43
Where Is It? 44
How Do I Get There? 45
Other Network Metadata 46
Control Plane Relationships 46
Routing 46
Quality of Service 48
Network Measurement and Management 49
Interaction Between Control Planes 49
Reactive and Proactive 51
The Waterfall Model 53
Places in the Network 54
Summary 56
Chapter 5 Underlying Support 57
Questions You Should Ask 57
What Happens When the Link Fails? 57
What Types of Virtualization Can Be Run Over This Link? 58
How Does the Link Support Quality of Service? 59
Marking Packets 59
Queues and Rate Limiters 59
Speeds and Feeds Versus Quality of Service 60
Spanning Tree 61
TRILL 62
TRILL Operation 62
TRILL in the Design Landscape 64
TRILL and the Fabrics 65
Final Thoughts on the Physical Layer 65
Chapter 6 Principles of Modularity 67
Why Modularize? 68
Machine Level Information Overload 68
Machine Level Information Overload Defined 69
Reducing Machine Information Level Overload 71
Separating Complexity from Complexity 72
Human Level Information Overload 73
Clearly Assigned Functionality 74
Repeatable Configurations 75
Mean Time to Repair and Modularization 75
How Do You Modularize? 77
Topology and Reachability 77
Aggregating Topology Information at Router B 78
Aggregating Reachability Information at Router B 78
Filtering Routing Information at Router B 79
Splitting Failure Domains Horizontally and Vertically 79
Modularization and Optimization 81
Summary 82
Chapter 7 Applying Modularity 83
What Is Hierarchical Design? 83
A Hub-and-Spoke Design Pattern 84
An Architectural Methodology 85
Assign Each Module One Function 85
All Modules at a Given Level Should Share Common Functionality 86
Build Solid Redundancy at the Intermodule Level 87
Hide Information at Module Edges 88
Typical Hierarchical Design Patterns 89
Virtualization 90
What Is Virtualization? 90
Virtualization as Vertical Hierarchy 93
Why We Virtualize 93
Communities of Interest 94
Network Desegmentation 94
Separation of Failure Domains 94
Consequences of Network Virtualization 95
Final Thoughts on Applying Modularity 96
Chapter 8 Weathering Storms 97
Redundancy as Resilience 98
Network Availability Basics 98
Adding Redundancy 99
MTTR, Resilience, and Redundancy 100
Limits on Control Plane Convergence 100
Feedback Loops 102
The Interaction Between MTTR and Redundancy 103
Fast Convergence Techniques 104
Detecting the Topology Change 104
Propagating Information About the Change 105
Calculating the New Best Path 106
Switching to the New Best Path 107
The Impact of Fast Convergence 107
Fast Reroute 108
P/Q Space 109
Loop-Free Alternates 110
Remote Loop-Free Alternates 110
Not-Via Fast Reroute 111
Maximally Redundant Trees 113
Final Thoughts on Fast Reroute 115
The Human Side of Resilience 115
Chapter 9 Securing the Premises 117
The OODA Loop 118
Observe 119
Orient 122
Decide 124
Act 125
Brittleness 125
Building Defense In 126
Modularization 128
Modularity, Failure Domains, and Security 128
Modularity, Complexity, and Security 128
Modularity, Functionality, and Security 129
Resilience 129
Some Practical Considerations 129
Close a Door, Open a Door 129
Beware of Virtualization 131
Social Engineering 131
Summary 132
Chapter 10 Measure Twice 133
Why Manage? 133
Justifying the Cost of the Network 134
Planning 135
Decreasing the Mean Time to Repair 136
Increasing the Mean Time Between Mistakes 136
Management Models 137
Fault, Configuration, Accounting, Performance, and Security 137
Observe, Orient, Decide, and Act (OODA) 138
Deploying Management 140
Loosen the Connection Between Collection and Management 140
Sampling Considerations 141
Where and What 142
End-to-End/Network 142
Interface/Transport 143
Failure Domain/Control Plane 143
Bare Necessities 144
Summary 145
Part IV Choosing Materials
Chapter 11 The Floor Plan 147
Rings 147
Scaling Characteristics 147
Resilience Characteristics 149
Convergence Characteristics 151
Generalizing Ring Convergence 154
Final Thoughts on Ring Topologies 155
Full Mesh 155
Clos Networks 157
Clos and the Control Plane 159
Clos and Capacity Planning 160
Partial Mesh 161
Disjoint Parallel Planes 162
Advantages of Disjoint Topologies 163
Added Complexity 164
The Bottom Line 164
Divergent Data Planes 165
Cubes 166
Toroid Topologies 167
Summary 169
Chapter 12 Building the Second Floor 171
What Is a Tunnel? 171
Is MPLS Tunneling? 173
Fundamental Virtualization Questions 175
Data Plane Interaction 176
Control Plane Considerations 177
Control Plane Interaction 177
Scaling 178
Multicast 179
Security in a Virtual Topology 180
MPLS-Based L3VPNs 182
Operational Overview 182
Fundamental Questions 185
The Maximum Transmission Unit 185
Quality of Service 186
Control Plane Interaction 186
Scaling 187
Multicast 188
Security in MPLS-Based L3VPNs 188
MPLS-Based L3VPN Summary 188
VXLAN 189
Operational Overview 189
Fundamental Questions 190
Control Plane Interaction 190
Scaling 190
VXLAN Summary 191
Summary 191
Chapter 13 Routing Choices 193
Which Routing Protocol? 194
How Fast Does the Routing Protocol Converge? 194
Is the Routing Protocol Proprietary? 196
How Easy Is the Routing Protocol to Configure and Troubleshoot? 197
Which Protocol Degrades in a Way That Works with the Business? 198
Which Protocol Works Best on the Topology the Business Usually Builds? 199
Which Protocol is Right? 200
IPv6 Considerations 202
What Is the Shape of the Deployment? 202
How Does Your Deployment Grow? 202
Topological Deployment 203
Virtual Topology Deployment 203
Where Are the Policy Edges? 203
Routing Protocol Interaction with IPv6 204
IS-IS Interaction with IPv6 204
OSPF Interaction with IPv6 205
EIGRP Interaction with IPv6 206
Deploying BGP 206
Why Deploy BGP? 207
Complexity of Purpose 207
Complexity of Place 208
Complexity of Policy 208
BGP Deployment Models 209
iBGP Edge-to-Edge (Overlay Model) 209
iBGP Core 210
eBGP Edge-to-Edge (Core and Aggregation Model) 211
Summary 212
Chapter 14 Considering Complexity 213
Control Plane State 213
Concepts of Control Plane State 214
Network Stretch 215
Configuration State 217
Control Plane Policy Dispersion 218
Data Plane State 220
Reaction Time 223
Managing Complexity Trade-offs 225
Part V Current and Future Trends
Chapter 15 Network in Motion 227
The Business Case for Mobility 228
A Campus Bus Service 228
A Mobile Retail Analysis Team 229
Shifting Load 230
Pinning the Hard Problems into Place 230
Mobility Requires State 231
Mobility Requires Speed 231
State Must Be Topologically Located 232
State and the Network Layers 233
IP-Centric Mobility Solutions 234
Identifier-Locator Network Protocol (ILNP) 235
Locator Identifier Separation Protocol (LISP) 237
Mobile IP 238
Host Routing 239
Mobile Ad-Hoc Networks (MANET) 240
Dynamic DNS 242
Final Thoughts on Mobility Solutions 243
Remote Access Solutions 244
Separate Network Access from Application Access 244
Consider Cloud-Based Solutions 245
Keep Flexibility as a Goal 246
Consider Total Cost 248
Consider Making Remote Access the Norm 248
What Solution Should You Deliver? 249
Chapter 16 On Psychologists, Unicorns, and Clouds 251
A Cloudy History 252
This Time It’s Different 254
What Does It Cost? 255
What Are the Risks? 256
What Problems Can Cloud Solve Well? 257
What Services Is Cloud Good at Providing? 258
Storage 258
Content Distribution 259
Database Services 260
Application Services 260
Network Services 260
Deploying Cloud 261
How Hard Is Undoing the Deployment? 261
How Will the Service Connect to My Network? 261
How Does Security Work? 262
Systemic Interactions 262
Flying Through the Cloud 262
Components 263
Looking Back Over the Clouds 264
Chapter 17 Software-Defined Networks 265
Understanding SDNs 265
A Proposed Definition 265
A Proposed Framework 266
The Distributed Model 267
The Augmented Model 268
The Hybrid Model 269
The Replace Model 271
Offline Routing/Online Reaction 272
OpenFlow 274
Objections and Considerations 276
Conclusion 281
Software-Defined Network Use Cases 281
SDNs in a Data Center 281
What OpenFlow Brings to the Table 281
Challenges to the OpenFlow Solution 283
SDNs in a Wide-Area Core 283
Final Thoughts on SDNs 285
Chapter 18 Data Center Design 287
Data Center Spine and Leaf Fabrics 287
Understanding Spine and Leaf 288
The Border Leaf 291
Sizing a Spine and Leaf Fabric 291
Speed of the Fabric 291
Number of Edge Ports 292
Total Fabric Bandwidth 293
Why No Oversubscription? 294
The Control Plane Conundrum 295
Why Not Layer 2 Alone? 295
Where Should Layer 3 Go? 296
Software-Defined Networks as a Potential Solution 298
Network Virtualization in the Data Center 299
Thoughts on Storage 299
Modularity and the Data Center 300
Summary 301
9781587143755 TOC 3/12/2014