Virtualization Technology News and Information
VMblog's Expert Interviews: Midokura CEO Discusses Network Virtualization Technology, Trends and Futures


I've been getting a lot of questions about network virtualization and SDN lately, so to get some clarification and find out more about these technologies, I reached out to one of the experts on the subject: Dan Mihai Dumitriu, CEO and co-founder of Midokura.


VMblog:  I want to jump right in with a common question that I'm being asked.  How is Network virtualization different from SDN? 

Dan Mihai Dumitriu:  Software-defined networking (SDN) is way to manage networks that separates the control plane from the forwarding plane. Network virtualization (NV) is complementary to SDN, but deals with creating a logical software-based views of the hardware and software networking resources like switches and routers.

MidoNet is an example of a network virtualization overlay where there's a system of logical switches and edge routers. MidoNet interacts with the physical layers to forward packets, and provides the intelligent abstraction to make it easier to deploy and manage network services and resources. As a result, NV can align the network for better utilization and support of virtualized environments.

NV can be used to create virtual networks within a virtualized infrastructure. This enables NV to support the complex requirements in multi-tenancy environments. Further, NV can deliver a virtual network within a virtual environment that is truly separate from other network resources. In these instances, NV can separate traffic into a zone or container to ensure traffic does not mix with other resources or the transfer of other data.

Like any new technology, NV is now gaining traction with early adopters and moving towards mainstream. It will continue to follow along the adoption curve of OpenStack and container orchestration.

VMblog:  How has network virtualization changed since its debut a few short years ago?

Dumitriu:  Network virtualization is not a new thing, but what is different today are the applications and the need for an application-centric approach. Instead of focusing on ports and protocols, make sure you can understand and map the security policies to the business application they support. Network admins generally are not aware of the business application workloads their networks are sustaining, but this is definitely an area of note. Overall, it's important to maintain an awareness of your applications and the connectivity they need to remain support. Containerization provides a vehicle to describe the infrastructure needs of the application and network virtualization can play a big part through integrating with container orchestration.

VMblog:  What technology developments have made it so hot?

Dumitriu:  Traditionally, decision warehouse and analytics software were proprietary and expensive to license. Only large enterprises could afford the upfront capital expense in software and hardware and therefore generally data related to revenue generation were analyzed.

However, with the proliferation of open source big data analytics tools like Elasticsearch, Logstash, Kibana (Elk stack), even text-based per host level event logs can be analyzed in real-time.

That is what is happening to network virtualization today. For instance, MidoNet uses Elasticsearch, Logstash  to analyze the current and past flows traversing the virtual network, giving the network admin a stronger set of tooling for troubleshooting their virtual networks.

VMblog:  Explain the relationship between cloud and network virtualization.

Dumitriu:  Cloud resources make it easier for developers to have access to infrastructure. The cloud has increased the amount of experimentation done in parallel (rather than sequentially as in the past), which means higher application deployment frequency as well as shorter lead time. Such improvements directly address the typical bottlenecks experienced in traditional network provisioning and network change requests. Previously, if the launch of an app has a lead time of six weeks but it takes six weeks to make network changes, then the network would totally be in the way of meeting the bottom line - the revenue generation that is contingent upon a timely application delivery.

Frankly, the biggest headache and overall TCO in networking is operations. SDN provides cost savings initially, and has shown its value in providing long term relief from the major headaches in network operators. While initial acquisitions costs are important, more and more organizations are evaluating projects based on long term, TCO.  In a world where value needs to be proven first for every environment, such evaluation can be challenging to vendors unaccustomed to this mode of selling.

VMblog:  What sort of adoption trends have you been seeing among enterprises, service providers and others?

Dumitriu:  To accelerate application delivery, what used to be delivered as monolithic applications are now are divided into microservices - each with its own tech stack and delivery schedules. Microservices are driving containerization, not the other way around. Web services are already adopting containers and I expect the future to hold broad enterprise adoption of containers by their  in-house application developers.

VMblog:  How are open source technologies playing a role?

Dumitriu:  Today, open source is leading the infrastructure space. Here's a diagram that shows how:

Like the OpenStack project, which is composed of open source KVM, Libvirt, RabbitMQ and mySQL, MidoNet is build on foundational open source technology, including: Zookeeper, Cassandra, ElasticSearch and Logstash. The pace of innovation for distributed systems built on open source foundations is becoming more rapid. Products built on open source are able to reach product maturity faster than their proprietary equivalents. This is because using open source the architecture lends itself to more frequent updates, and because offers the flexibility to swap out a component to achieve better performance.

VMblog:  What's next in network virtualization?

Dumitriu:  Traditionally, application deployments included observation points for network security. This introduced network bottlenecks, and the virtualization of workloads using VLANs came at the cost of scalability limitations, vendor lock-in and overall lack of agility.

In conventional networking, network administrators use network taps, which are external monitoring devices that mirror the traffic passing between two network nodes. Placing a TAP (test access point) at a specific point in the network in order to monitor data requires heavy planning, and moving the TAPs and adding more TAPs is yet another administrative burden.

In the OpenStack environment, technologies like Open vSwitch and MidoNet provide software-based or virtual TAPs (instead of using hardware devices) so that tenants can monitor ports on virtual machines and/or containers in Neutron-provisioned networks.

Specifically in Midokura Enterprise MidoNet (MEM) 5.0, using MEM Insights, users can mirror any device including ports, bridges and routers and output onto a deep-packet inspection firewall or intrusion detection system (IDS). They can proactively monitor virtual networks and detect anomalies before any harm can be done for security and compliance use cases.

VMblog:  And what's next for Midokura?

Dumitriu:  Awareness of MidoNet has expanded to more than 122 countries across the globe. Our initial use cases provided an SDN plug-in for OpenStack networking. As Docker gains broad enterprise adoption, operations team are looking to OpenStack to consolidate infrastructure (compute, networking and storage) management. Project Kuryr was born to address the use case for bridging container networking with OpenStack networking, seamlessly mapping Docker APIs with Neutron APIs as containers are instantiated.


Once again, a special thank you to Dan Mihai Dumitriu, CEO and co-founder of Midokura, for taking time out to speak with VMblog and answer a few questions about the company and the network virtualization market.

Published Wednesday, February 24, 2016 6:45 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2016>