Microsoft is making strides in equipping its flagship Windows Server product with features that support the ever-changing networking requirements of enterprise data centers. A key technology in the mix is software-defined networking (SDN).
We’ll take a look at the features in Windows Server 2016 that enable SDN to support enterprise needs, helping provide flexible, cost-effective, and efficient networking. Server 2016 can and will take your networking game to the next level.
Before we start, some background
Software-defined networking in concept is a close cousin to virtualization! It allows the network as seen by the application or user to be isolated (or abstracted) from the underlying physical network. SDN inserts a ‘control layer’ between the ‘application layer’ and the actual network ‘infrastructure layer’ — the switches, routers, and the connections between them.
The key element that makes software-defined networking work is the control layer, which is commonly called the SDN network controller. It manages how packets flow across the underlying network of switches and routers, typically using a protocol such as the Open Networking Foundation’s OpenFlow.
Of course, in real-world enterprises, we’re going to need robust, scalable networking to handle things like traffic peaks, multiple locations, and hybrid cloud environments. For this reason, you need the SDN network controller to be distributed and able to support multiple network domains, with all that’s required for those domains to interact.
SDN Components in Windows Server 2016
The cornerstone of a Microsoft SDN network is Windows Server 2016 Datacenter edition. This is the server version that will actually host your SDN Network Controller(s) and handle activities such as load balancing and inter-domain gateways. For regular workloads that are users of the SDN, only the Standard edition of Server 2016 is required.
The key features of Server 2016 that enable SDN are:
- Network Controller,
- Software Load Balancing (SLB),
- RAS Gateway,
- Hyper-V Network Virtualization,
- Data center Firewall, and
Network Controller
Server 2016’s network controller is the nerve center of a Microsoft SDN network. It runs in a Hyper-V virtual machine and is the central control point to manage, configure and monitor your data center SDN network. As we mentioned before, the network controller must be able to operate in a robust, distributed manner in order to support the scalability demands of the enterprise. When you have a multi-domain SDN network, the network controllers in each domain talk to each other to take care of inter-domain authentication.
Server 2016 provides an API that allows you to use management apps, such as System Center Virtual Machine Manager, to communicate with the network controller. You can also communicate with the Controller using the command line interface (CLI) and PowerShell scripts. Server 2016 also provides an API through which the Network Controller interacts with the physical network.
Software Load Balancing (SLB)
For high traffic and/or high availability applications, you need the ability to direct traffic to multiple instances of the same application or database resource. Whether these resources are in the same or different network domains, you need to distribute the workload evenly among the various resources. Server 2016’s Software Load Balancing (SLB) feature allows you to do that.
Of course, the resources will themselves be running in virtual machines, so SLB must work with Hyper-V’s virtual switch mechanism to ensure that data packets are moved seamlessly between virtual machines.
RAS Gateway
When your SDN network has multiple domains, they’ll each be connected via a RAS (Remote Access Service) Gateway. Using this feature of Server 2016, the SDN network controllers are able to route traffic to the required data center resources, regardless of where the resource is located — whether in the same location, in another building across the country, or in a virtual data center in the cloud!
In an SDN environment, the gateways communicate with each other — site-to-site, over the physical network — using the Border Gateway Protocol (BGP). The RAS Gateways can also support connectivity to non-SDN environments and external networks through their Forwarding and GRE Tunnel gateway operations.
Hyper-V Network Virtualization
Prior to Microsoft’s support of SDN environments, Hyper-V Network Virtualization (HNV) was designed to provide a virtual network — also called a VM Network — through which virtual machines could communicate with each other. The concept, if not the implementation, has a lot of similarities to software-defined networking. Now with Server 2016, Microsoft has moved to ensure compatibility and interoperability with SDN through a number of HNV enhancements:
- Microsoft Software Load Balancer: We’ve already mentioned this one. With Server 2016, HNV’s virtual switch mechanism is now fully integrated with the Microsoft Software Load Balancer.
- Programmable Hyper-V switch: Network Controllers can now push virtual machine policies through the SDN network via a new Hyper-V programmable switch. This technology is also used with Microsoft’s Azure cloud, ensuring that your SDN network can readily span both cloud and physical data centers.
In addition to the HNV enhancements, Server 2016 has also advanced on “network function virtualization” — implementing previously hardware-centric functions as software appliances. Windows Server 2016 provides the following functions as Hyper-V virtual appliances:
- Software Load Balancing (SLB) for SDN,
- RAS Gateway,
- Routing control plane with BGP (HNV routing control), and our next topic
- Distributed multi-tenant firewall.
Data Center Firewall
Running as a virtual appliance at each instance of the Network Controller, the Data Center Firewall allows the security policies of the various resources and networks within the SDN to be managed at an individual level. The firewall gives providers a single scalable, manageable firewall solution they can deploy for use by all their customers. It also allows them to move virtual machines between compute hosts, without fear of disrupting the application’s firewall policies.
Finally, our trusty friend PowerShell has not been left behind in the world of SDN. You can deploy your SDN infrastructure using PowerShell scripts — initializing your network controller VMs with the New-NetworkControllerServer cmdlet — to enable the SDN Software Load Balancer. You can also use PowerShell scripts to do many other things, including deploying user workloads in order to test and validate your SDN setup, or enabling Site-to-Site Gateways, etc.
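To make the firewall and PowerShell points above concrete, here is an added example (not from the original article or from Microsoft) that defines a default-deny inbound ACL for a database tier through the Network Controller. The REST endpoint, subnet prefixes, port, priorities and resource names are constructed placeholders, and the helper function New-TierAclRule is hypothetical.

```powershell
# Added example. Assumes the NetworkController PowerShell module is available
# and that $uri is your Network Controller REST endpoint (placeholder value).
$uri = "https://nc.example.test"

# Hypothetical helper: builds one inbound rule with logging turned on.
function New-TierAclRule {
    param(
        [string]$Name, [string]$Protocol, [string]$SourcePrefix,
        [string]$DestPrefix, [string]$DestPorts, [string]$Action, [int]$Priority
    )
    $p = New-Object Microsoft.Windows.NetworkController.AclRuleProperties
    $p.Protocol                 = $Protocol
    $p.SourcePortRange          = "0-65535"
    $p.DestinationPortRange     = $DestPorts
    $p.SourceAddressPrefix      = $SourcePrefix
    $p.DestinationAddressPrefix = $DestPrefix
    $p.Action                   = $Action
    $p.Priority                 = "$Priority"   # lower number is evaluated first
    $p.Type                     = "Inbound"
    $p.Logging                  = "Enabled"     # keep a record of matches

    $r = New-Object Microsoft.Windows.NetworkController.AclRule
    $r.ResourceId = $Name
    $r.Properties = $p
    return $r
}

# Constructed sample tiers: web = 10.0.1.0/24, database = 10.0.2.0/24.
$rules = @(
    # Only the web tier may reach SQL Server on the database tier.
    (New-TierAclRule -Name "Allow_Web_To_Sql" -Protocol "TCP" `
        -SourcePrefix "10.0.1.0/24" -DestPrefix "10.0.2.0/24" `
        -DestPorts "1433" -Action "Allow" -Priority 200),
    # Everything else inbound is dropped and logged.
    (New-TierAclRule -Name "Deny_All_Inbound" -Protocol "All" `
        -SourcePrefix "*" -DestPrefix "*" `
        -DestPorts "0-65535" -Action "Deny" -Priority 1000)
)

$aclProps = New-Object Microsoft.Windows.NetworkController.AccessControlListProperties
$aclProps.AclRules = $rules

New-NetworkControllerAccessControlList -ConnectionUri $uri `
    -ResourceId "DbTier_Inbound" -Properties $aclProps -Force

# Read the stored policy back to confirm what the controller will distribute.
(Get-NetworkControllerAccessControlList -ConnectionUri $uri `
    -ResourceId "DbTier_Inbound").Properties.AclRules |
    ForEach-Object { "{0}: {1} (priority {2})" -f $_.ResourceId, $_.Properties.Action, $_.Properties.Priority }
```

The ACL is enforced only once it is referenced from a virtual subnet or a network interface, and because the policy lives in the Network Controller it stays attached when the virtual machine moves to another host.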
The promise of SDN — similar to that of server virtualization — is that enterprises have much greater flexibility in setting up, changing, managing, and securing their networks in the data center or the cloud, without having to worry (too much) about what the physical network looks like and which products it uses! Microsoft has a neat table describing their view of what Microsoft SDN can provide for your business.
There’s no question that software-defined networking, in general, is on the rise! Whether it’s from Cisco, or VMware, or Microsoft, SDN technologies are the glue that ties together data centers in both the real world and the cloud! If you’re a networking or DevOps professional, then SDN is something you need in your skill set.
If you’re on a Microsoft certification track, you should check out Keith Barker’s CBT Nuggets video training course: Networking with Windows Server 2016 (Exam 70-741), which is currently in development. This course will prepare you for the networking certification exam to become an MCSA: Windows Server 2016 Microsoft Certified Solutions Associate.
If you’re not yet ready for a formal course, but would like to beef up your SDN knowledge, take a look at Introduction to SDN (Software-Defined Networking). This short video is not (gasps of disbelief) by one of our CBT Nuggets experts. But it’s by someone who should know — David Mahler is a Network Automation and DevOps Technical Leader at IBM Blue Box! This video will give you an easy-to-understand description of how software-defined networks operate.
If you’re a Cisco-head, then check out our own Anthony Sequeira’s CBT Nugget SDN Fundamentals for a light-hearted, yet informative under-the-hood view. It’s a slice of his Cisco Cloud Fundamentals course that leads to Cisco CCNA Cloud certification.
Best of luck with your immersion in SDN! Remember to check back frequently with CBT Nuggets for courses to help you get up-to-speed quickly on new Windows Server 2016 and SDN capabilities.