Abstract: The Huawei Cloud Stack L2BR/L3GW service uses hardware devices as gateways. It makes full use of the advantages of hardware and provides customers with high-performance, low-latency, stable, and reliable service interworking between inside and outside the cloud, with flexible networking and flexible configuration.

This article is shared from the Huawei Cloud community post “[Huawei Cloud Stack] [Big rack Visit] Phase 5: High-performance Cloud gateway, get through the communication between the cloud and the internal and external business of the director of the two”, by Yao Bo, Huawei Cloud Stack network architect, and Zhu Na, Huawei Cloud Stack network technology expert.

1. Business scenarios

Services in a customer’s local data center (DC) are deployed in different forms, such as traditional physical servers, virtualization, and cloud services. These forms coexist for a considerable period of time because of the customer’s service running requirements. Cloud computing offers efficient service deployment, on-demand expansion, and resource sharing across departments, and gives customers a strong technical foundation for business innovation and organizational integration. After more than ten years of development, customers have accepted the basic concepts of cloud technology, and moving enterprise services to the cloud has become a trend in customer business, and even a KPI.

Moving to the cloud is a gradual process for enterprise services. During this process, some services are deployed on the cloud and some are deployed on physical machines outside the cloud. That is, the enterprise service network is a hybrid network covering both inside and outside the cloud. In this scenario, the cloud platform needs to let the traditional physical underlay network and the virtual overlay network on the cloud interwork with each other, for example at L2 and L3. Technically, it can do so by providing L2BR/L3GW network elements (NEs) that the cloud platform can control.

2. Technical difficulties and key requirements

The existing solution is to deploy software NEs on x86 or ARM servers to connect L2/L3 traffic inside and outside the cloud. This solution is widely used by other vendors and has the advantage of not relying on hardware, but it has problems of low performance and high cost that need to be optimized. Enterprise services vary, and different services have different requirements on the network connectivity provided by the cloud platform. Key services place more requirements on the L2BR/L3GW:

High bandwidth/low cost: For example, in a data warehouse backup scenario, data on the cloud is backed up to the NBU Media Server on the cloud, and the backup egress bandwidth is up to 500 Gbps. An L2BR/L3GW software NE built on servers requires dozens of NEs to form a high-bandwidth cluster. The cost is high and the cluster size has an upper limit. When the cluster reaches the bottleneck, it cannot be expanded to meet the continuous growth in service bandwidth. Moreover, as the cluster grows, complex management and maintenance problems are introduced.

Figure 1 Application scenario of data warehouse backup service

Low latency/high scalability: For example, the cloud platform provides highly reliable intra-city distributed databases. Database clusters are deployed across AZs, real-time backup is performed within the cluster, and the cluster serves clients outside the cloud at the same time. In addition to low latency, this requires the ability to schedule across multiple L2BR/L3GW clusters and to migrate traffic when a whole cluster fails. An L2BR/L3GW software NE built on servers has long end-to-end links and high latency, and the latency increases as the load increases, so it cannot meet the requirement for low and stable latency.

Figure 2: Database scenario with high reliability and low latency

Flexible physical networking: Interconnection between the overlay network on the cloud and the network outside the cloud must go through a gateway node. One side of the gateway is connected to the overlay network on the cloud and the other side is connected to the underlay network of the data center. Because deployment environments differ between data centers, gateway networking requirements also differ, and include stack networking, VRRP networking, double-slot networking, and active-active crossover networking. An L2BR/L3GW software NE built on servers places additional restrictions on the network: the VLAN must be extended to multiple TORs, which is unacceptable for customers with strict requirements on physical network configuration.

Figure 3: Typical data center networking types

Advantages of hardware equipment: Customers in the financial industry and some enterprises, because of the importance of their business, their usage habits, and their technology stack, prefer to use mature and stable hardware devices to carry cloud services. Building on equipment assets the customer has already bought, using hardware devices as the L2BR/L3GW gateway gives simpler physical networking than servers and also costs less.

3. Network interworking schemes for government and enterprises

Huawei Cloud Stack is committed to providing enterprise customers with the best local cloud infrastructure and cloud services. To meet customers’ demands for L2/L3 interworking between inside and outside the cloud, Huawei Cloud Stack provides the L2BR/L3GW cloud gateway service, which uses hardware switches as the gateway forwarding plane. It meets the requirements of high performance, low latency, low cost, flexible networking, and elastic expansion, and is easy to maintain and stable in forwarding.

L2BR is a dedicated Layer 2 connection channel with high speed, low latency, stability, and security. It meets the requirement that the service IP address remain unchanged during the migration of traditional services to the cloud. From a logical point of view, the L2BR service extends a subnet inside the cloud to the outside of the cloud. For services that cannot be fully migrated to the cloud, where the part outside the cloud remains very important to the services on the cloud, using the L2BR service keeps both the subnet and the IP addresses. Other clients that interact with the service do not need to make any changes, and there is no need to adjust the network or security configuration outside the cloud, which makes it easy to move to the cloud.

L3GW is a dedicated Layer 3 connection channel with high speed, low latency, stability, and security. Layer 3 networking provides smaller broadcast domains and higher flexibility than Layer 2 networking. Therefore, Layer 3 communication between inside and outside the cloud is a common requirement for services on the cloud.

Figure 4: L2BR/L3GW usage scenario

L2BR/L3GW Cloud service architecture Overview

The L2BR/L3GW service has an independent Console that users operate themselves. The orchestration layer invokes the API provided by the management layer to deliver configurations. The control layer has an independent Device Manager that manages and controls the L2BR/L3GW switches. The Scheduler module in Device Manager schedules across different gateway nodes, which provides high reliability in fault scenarios. The Manager module interacts with the switches. The data layer connects the networks inside and outside the cloud through L2BR/L3GW switches.

Figure 5: L2BR/L3GW overall architecture

L2BR/L3GW Cloud service design key points

1. Flexible physical networking and rich routing protocols

In addition to allocating physical network resources, network administrators can also customize L3GW networks to meet personalized requirements. The L3GW and PE can communicate with each other. You can configure static routes or use BGP to learn and advertise routes dynamically.

2. High bandwidth and low latency

In addition to the high bandwidth and low latency provided by hardware devices, the L2BR/L3GW resources outside the cloud are directly connected to the servers in the cloud without passing through any other centralized gateway in the cloud, ensuring optimal bandwidth and latency. In addition, processor performance is critical. Using Huawei’s own equipment as the L2BR/L3GW gateway improves cost performance by 60 times compared with a gateway implemented with servers of the same bandwidth and number.

3. Expand the capacity flexibly

As cloud computing becomes more and more popular, cloud services place higher requirements on the L2BR/L3GW. Therefore, the L2BR/L3GW is designed with flexible capacity expansion in mind. In a large-scale scenario, multiple L2BR/L3GW gateways can be added as required, and different L2BR/L3GW gateways provide services for different VPCs. This elastic expansion also supports enterprise customers whose data center has multiple network partitions and who require physical device isolation and exclusive bandwidth for access to different partitions. In this scenario, different L2BR/L3GW gateway devices can be used to connect different network partitions, so that a single VPC on the cloud can access a network partition. L2BR/L3GW gateway multi-cluster provides up to 72 TB bandwidth capability, and this can be continuously improved.

L2BR/L3GW Cloud service southbound open ecosystem design considerations

Avoiding vendor lock-in has always been an important issue for enterprise IT to solve. When choosing cloud vendors, enterprise customers hope to flexibly choose devices from different vendors to reduce risks.

We pay attention to building an open ecosystem in which ecosystem partners work together to better serve customers. Huawei Cloud Stack will introduce the cloud network southbound ecosystem framework and integrate third-party devices. L2BR/L3GW services no longer rely on Huawei CloudEngine switches, but can use third-party switches to provide customers with the same functions and experience.

The cloud network southbound ecosystem framework provides the ability to quickly connect devices from different third-party vendors through standardized interfaces:

  • The framework defines the standard protocols and APIs for southbound integration of third-party devices. Hardware device controllers from different vendors connect to the framework in the same way.

  • The framework provides the southbound SDK. Manufacturers develop hardware device controllers based on the southbound SDK, which facilitates vendors’ independent verification and testing and reduces the difficulty of interconnection.

  • The framework provides a common northbound standard API that can be flexibly extended to provide more services based on hardware devices.

L2BR/L3GW Cloud service ease-of-use

The L2BR/L3GW cloud service is used to connect to the traditional physical network, and the physical network cannot be managed without the planning and management of network administrators. Therefore, the L2BR/L3GW cloud service is designed around the division of roles and responsibilities between network administrators and service personnel, and adopts role-based decentralized control. Network administrators plan and allocate IP and VLAN resources for the devices connected at the boundary between inside and outside the cloud, and authorize service personnel to use them. In this way, network administrators can implement unified network planning to prevent network conflicts, manage the egress traffic of the cloud platform, and plan network bandwidth reasonably. Service personnel can use L2BR/L3GW services with basic network knowledge, without having to learn complex network knowledge.
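A minimal model of this role-based split, as an added example (not Huawei Cloud Stack code or its API; all class, field, and role names are hypothetical): the administrator grants each project a VLAN range and a CIDR block, and every service request is checked against that grant and against connections already in use.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Grant:  # administrator's allocation to one project (hypothetical model)
    vlans: range
    cidr: ipaddress.IPv4Network

@dataclass
class GatewayPlan:
    grants: dict = field(default_factory=dict)   # project -> Grant
    in_use: list = field(default_factory=list)   # (project, vlan, subnet)

    def allocate(self, role, project, grant):
        # Only the administrator role may plan boundary resources.
        if role != "network_admin":
            raise PermissionError("only network administrators allocate resources")
        for other, g in self.grants.items():
            if other != project and (g.cidr.overlaps(grant.cidr)
                                     or set(g.vlans) & set(grant.vlans)):
                raise ValueError(f"grant overlaps project {other}")
        self.grants[project] = grant

    def request(self, project, vlan, subnet):
        """Service-personnel request; returns 'ok' or the reason it is refused."""
        grant = self.grants.get(project)
        if grant is None:
            return "project not authorized"
        net = ipaddress.ip_network(subnet)
        if vlan not in grant.vlans:
            return "vlan outside grant"
        if not net.subnet_of(grant.cidr):
            return "subnet outside grant"
        for _, used_vlan, used_net in self.in_use:
            if used_vlan == vlan or used_net.overlaps(net):
                return "conflicts with existing connection"
        self.in_use.append((project, vlan, net))
        return "ok"

def demo():
    # Constructed sample data.
    plan = GatewayPlan()
    plan.allocate("network_admin", "finance",
                  Grant(range(100, 110), ipaddress.ip_network("10.1.0.0/16")))
    return [plan.request("finance", 101, "10.1.1.0/24"),
            plan.request("finance", 101, "10.1.2.0/24"),
            plan.request("finance", 102, "10.2.0.0/24"),
            plan.request("hr", 103, "10.1.9.0/24")]
```
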

Figure 6: The administrator configures and allocates L2BR network resources on the O&M Console

Figure 7: The administrator configures and allocates L3GW network resources on the O&M Console

Figure 8: Business people using the L2BR service on the operations Console

Figure 9: Business people using the L3GW service on the operations Console

Final words

Huawei Cloud Stack L2BR/L3GW uses hardware devices as gateways, making full use of the advantages of hardware devices and providing customers with high-performance, low-latency, stable, and reliable services with flexible networking and flexible configuration. L2BR/L3GW has been widely used in many industries, such as government affairs, finance, and medical insurance, thanks to its powerful functions and ease of use. In the future, Huawei Cloud Stack will integrate devices from third-party vendors through the southbound ecosystem framework to build an open ecosystem, meet customers’ personalized requirements, strengthen the L2BR/L3GW, and ensure smooth service migration to the cloud.