Tuesday, February 16, 2016

Data Center Network Types

DC Network Types Architectural

Extending the idea presented by Greg (of whom I'm a huge fan): http://etherealmind.com/the-data-centre-network-of-networks/

The networks in a Data Center can become quite complex.  Quite a bit of this is due to security and zone considerations.

Take, for instance, the difference between a DMZ host and a true bastion host.  The DMZ host is protected (hopefully) by, at a minimum, a firewall with some level of application awareness.  The bastion host probably is not.

This differentiation in the Data Center network has led to regions of Data Center networking, segregating the network by macroscopic concepts of security and utility.

Then add the concept of logical segregation on the physical infrastructure and the network gets really interesting.

These walls need to come down in favor of more microscopic, or application-aligned, security capabilities.

In most cases, there is no reason that a management network and a monitoring network couldn't occupy the same logical space.  Multi-tenancy restrictions may be one of the restricted use cases.

There's a similar argument for production and test platform environments.  It does require that the use of these environments be prescriptive, but they are largely doing the same thing, and with the possibility of placing them in different logical planes (a VXLAN arrangement, for example) it may not be necessary to purchase and build parallel hardware infrastructures.

If that doesn't suit, just look at the way AWS is assembled.  Is there a production or test environment?

In the long run, look at the evolution of horizontal design.  Discrete building blocks are much easier to upgrade than vertical integrations.

Design it so nobody has to eat the entire apple in a single bite.