The hottest spruce network released 2cloudnsp to s

Spruce network releases 2cloudnsp to solve large-scale deployment and high-performance forwarding

spruce network newly releases 2cloudnsp, a networkserviceplatform based on Sdn. It is used to solve the problems of large-scale deployment and high-performance forwarding of virtual networks in the data center, as well as complex problems such as network security services and network operation and maintenance in the cloud computing environment

sdn's six-year development is full of games and exploration. Since nickmckeown proposed SDN in 2009, the silence in the network field has been broken for many years. A large number of foreign SDN entrepreneurial teams such as nicira and bigswitch have promoted the three years of SDN's start-up; Since 2012, VMware has acquired nicira with us $1.2 billion and Cisco acquired insieme with us $1.0 billion, which has triggered a war between SDN giants. Game and layout have become the theme of these three years. The commercialization of SDN was launched in 2014. In China, manufacturers, operators, Internet and traditional enterprises are all watching or exploring around Sdn. The next three years will be the time for SDN to land and perform its value. The SDN based network service platform 2cloudnsp released by Picea network this time is a major action based on the accumulation of SDN technology in the past 10 years

about 2cloudnsp

2cloud is the product brand of picturesque. It is read as tocloud, which means yourwaytothecloud and helps enterprises enter the cloud. 2cloud NSP is an SDN solution built by Picea based on 2cloud cloud management platform. The full name of NSP is networkservicesplatform

2cloudnsp solve what problem

2cloud mainly solves the deployment scheme of data center independent of specific network equipment, solves the problems of large-scale deployment and high-performance forwarding of virtual network in data center, as well as complex problems such as network security services and network operation and maintenance in cloud computing environment. Provide high-performance and low-cost network services for cloud platforms with a final scale of more than 200 servers

the main functions of 2cloudnsp

2cloudnsp includes three functions: first, network virtualization, responsible for network deployment and management; The second is network function virtualization, which mainly provides layer network services; Then is network operation and maintenance, which provides network flow detection and analysis to ensure the rapid location and repair of network faults

let's look at the key technologies and functional advantages of the three functions:

1) NV network virtualization

for the construction of virtual network, 2cloudnsp should solve two major problems: from the inside to the outside of the network, solve the problem of network expansion, that is, large-scale network deployment; From the inside of the network, we can solve the problem of network virtualization granularity, that is, which granularity of the virtual network can be controlled

first, 2cloudnsp centrally controls the multi tenant logical network, uses mature network hardware to achieve scale expansion and load unloading, and solves the problems of software performance loss and network scale expansion

support large-scale logical networks with general and open network hardware without binding hardware network devices. 2cloudnsp builds large-scale l3fabric with general box spine switch, which can easily access 10K 10 Gigabit port physical devices and connect heterogeneous and cross regional computing, storage and security resources. The vxlanbridgengtor switch, which automatically records the relationship curve between the movement distance of the collet of the experimental machine (the relationship curve between the force and the stripping length), unloads the vswitch network load to realize the high-performance two-layer logic network

in the architecture of 2cloudnsp, the NMS network management system is sdncontroller, which does a lot of brain like control in the controller, just like an intelligent scheduling center. It can be deployed in a cluster mode. Through NMS, it can centrally control the multi tenant logical network, use mature network hardware to achieve scale expansion and load unloading, and solve the problems of software performance loss and network scale expansion

for users, it gives users a flexible and convenient group function, and can support the heterogeneity and large scale of business networks

without changing the physical network, deploy large-scale business network with one click through visual rapid construction function, and quickly modify the network interconnection between heterogeneous resources on demand

secondly, 2cloudnsp distributed logic switch and differential segment (microsegm is also the core content of technological progress), so that network control is more than mere details

2cloud distributed logic switches use openflow to fine-grained control traffic, eliminate broadcast replication and sudden unknown unicast problems caused by ARP protocol in the layer 2 network, and eliminate the unknown and unreliable control of results caused by DHCP protocol. The centralized sdnintelligence and fully distributed independentagent ensure the high performance and stability of the layer 2 network

the usual method of differential segment is to divide the security domain with card as granularity, and 2cloudnsp can divide the security domain with flow as granularity. The traditional two-layer broadcast domain can be further divided into different differential segments (security domain) through 2cloudnsp. By dividing different virtual cards and even different application traffic into specific security domains, the broadcast domain can be refined to network granularity, so as to achieve interoperability within the same security domain and complete isolation between different security domains. There is no need to make any configuration for online business. In fact, there is no big use for him. The network address change can easily realize zero trust protection

2) nfv network function virtualization

2cloudnsp provides network services that are characterized by distributed network services that eliminate traffic hotspots

2cloud distributed network service realizes the virtualization and distribution of network functions. With the distributed virtual gateway, the east-west traffic across the two layers does not need to converge to a bottleneck point, and the dynamic release of routing information between multiple networks is realized with the distributed virtual router. With the distributed virtual firewall, the traffic can be protected at the position closest to the source

in addition, with the fine-grained flow control capability of differential segments, network and security services such as load balancing, enterprise level virtual firewall, UTM and web application firewall can share the load according to business, completely eliminating traffic hotspots

2cloudnsp builds a servicechain transparent access within the same child to achieve undisturbed security protection

various service nodes can be dynamically combined into a three-tier or two-tier service chain, which can be quickly and conveniently deployed between any two differential segments, and can be inserted into the business network transparently to provide professional network and security protection capabilities. Transparent access enables easy integration of network services without changing the network configuration of existing services

3) no network operation and maintenance

2cloudnsp network operation and maintenance will help the operation and maintenance administrator find network anomalies and trends in real time based on the lossless deep flow detection technology

the deepflowinspection (DFI) independently developed by Picea network covers virtual and physical switching devices, runs at the kernel level of virtual switches, and counts public and private network traffic efficiently and losslessly. Draw the traffic topology according to the traffic data, and filter out specific traffic according to the traffic model and other conditions for in-depth analysis of tenant business

based on statistical data, use big data streaming computing technology to show the current state of user business in real time. Compared with other network probes, DFI makes statistics directly at the exit of the virtual server, and all internal traffic of users can also be included in the analysis and visual display, so as to obtain the characteristics of hot links and hot services. This traffic data can analyze security threat attacks through the security analysis engine of professional security manufacturers, so as to provide convenient operation and maintenance services for cloud platform managers and users

2cloudnsp realizes the large-scale and fine-grained construction of network virtualization, as well as distributed high-performance and interference free network services. It realizes the management of large-scale cloud resources through big data operation and maintenance, and provides high-performance, open, hardware unbound, and low-cost software defined network solutions for the deployment of large-scale cloud platforms