《SD-WAN 培训材料.ppt》由会员分享,可在线阅读,更多相关《SD-WAN 培训材料.ppt(75页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、主标题:字体:微软雅黑(加粗)字号:40-54 pt颜色:白色副标题:字体:微软雅黑(加粗)字号:24-36 pt颜色:标题绿中兴蓝R0-G142-B211标题绿R182-G229-B31中兴灰R87-G87-B87黄孝国SD-WAN 2中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved专业词汇 Underlay Network The physical tra
2、nsport network Overlay Network Virtual Network abstracted from the transport network(underlay network)Overlay networks are tunneled over Underlay networks Using an encapsulation protocol,e.g.,VxLAN,NVGRE,IPSec tunnel,etc.Overlay/Underlay terminology used in DC Networking Terminology usage more recen
3、t with WAN(SD-WAN)Title:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WANSD-WAN 技术方案案例目录1Title:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WAN
4、SD-WAN 技术方案案例目录1企企业网网络及及IT应用面用面临的的问题什么是什么是SD-WAN企企业部署部署SD-WAN的的驱动力力是是啥5中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved过去的血泪史BranchHQVSAT:时延600msBranchHQInternet专线专线:时延200msInternetIPSec VPN TunnelBranchHQ
5、专线专线:时延200ms运运营商网商网络Dedicated Circuit+GRE 封装模式模式1模式模式2模式模式3有问题有变化有需求案例6中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved企业IT成本支出情况有问题有变化有需求案例7中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:
6、36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved分支机构网络维护复杂有问题有变化有需求案例目前部分厂商已经提供了uCPE解决方案,在通用硬件上运行虚拟机或者容器,不同虚拟化单元上运行不同的网络服务,比如Firewall,UTM,NAT等构成Service Chain,极大的便利了服务的快速部署,提高了可维护性给租户提供更多的选择空间,租户希望在保证基本的网络连接的基础上能够有更多控制盒选择权。E2E的操作和监控ZTEAllrightsreserved8InternaluseonlySD
7、-WAN -广域网组网日益复杂p复杂并缺乏灵活性:网络配置和策略pMPLS成本高p网络性能不稳定p漫长的交付周期pWAN的优化成本高p广域网线路的可用性难题p安全Mobility,cloud 和IoT services 都要向分支机构开放,增加了安全隐患pDowntime:关键应用需要实时在线p敏捷性:传统WAN无法快速适应新需求有问题有变化有需求案例9中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporat
8、ion.AllrightsreservedInternet 线路状况日益变好,价格降低Source:William Norton(DrP);Stanford ping end-to-end reporting(PingER)有问题有变化有需求案例10中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved谁在驱动WAN改变?有问题有变化有需求案例ZTEAllright
9、sreserved11InternaluseonlySD-WAN的需求 -企业应用逐步上云有问题有变化有需求案例12中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved公司广域网例子 架构简单,网络清晰PrivateWANDataCenterRemoteandBranchOfficeRemoteandBranchOfficeRegionalHubandCampus
10、DisasterRecoverySiteITOpsApp.teams2014Internet过去,网络仅仅是网络,只关注连通过去,网络仅仅是网络,只关注连通有问题有变化有需求案例13中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved公司广域网例子架构复杂,网络复杂PrivateWANDataCenterRemoteandBranchOfficeRemoteand
11、BranchOfficeRegionalHubandCampusDisasterRecoverySite2016+MobilePublicInternetCarrierNeutralFacilitiesGlobalOpsIaaSSaaS现在,网络不久是连通,现在,网络不久是连通,更关注面向应用更关注面向应用有问题有变化有需求案例ZTEAllrightsreserved14Internaluseonly总结:什么因素决定着企业需要采用SD-WANGlobalData Technology research has identified some key determinants that ear
12、ly adopters of SD-WANs have used to justify or not justify the use of SD-WAN within their network:QuestionQuestionRemarkRemarkAre your IaaS/SaaS/PaaS solutions IaaS/SaaS/PaaS solutions performing according to spec?If so,then theres not necessarily a need to deploy new networking technology such as a
13、 software-defined WAN.If not,then a new solution might give better cloud app performance and flexibilitycloud app performance and flexibilityDo considerable changes in the network changes in the network need to be made on a continuous or ongoing basis?These changes may include technical changes as w
14、ell as commercial ones.This point also relates to the overall evolution of IT towards pay-as-you-go.If the pay-as-you-go model pay-as-you-go model is attractive in the organization,then SD-WAN solutions will help to achieve this compared to more static and traditional IP/MPLS VPNs.Do we have mission
15、-critical applications mission-critical applications that are bandwidth-hungry or particularly jittersensitive and which need to be secure and free of congestion or quality of service issues?Organizations that have adopted SD-WAN have reported an enhanced ability to segment off portions of the netwo
16、rk to address quality of service quality of service issues resulting from congestion on peaky traffic from apps using voice or video.Do we have a large number of remote sites with a large number of remote sites with multiple WAN linksmultiple WAN links,or are we planning to?For larger networks with
17、multiple sites and WAN links,For larger networks with multiple sites and WAN links,SD-WAN functional and economic advantages can be compelling.However,with a smaller number of sites or if a majority of sites are singly connected,the advantages are harder to identify.ZTEAllrightsreserved15Internaluse
18、onlySD-WAN与MPLS WAN的区别点AttributesAttributesSD-WANSD-WANLegacy WANLegacy WANProvisioningZero-touch provisioningManual provisioningOn-demand app supportTry before you buy&pay-as-you-go ITInflexible platform for trying out new configuration and services for a short periodConfiguration changesAutomated
19、featuresManual proceduresOrchestrationCentral orchestrationMany disparate parts to the network including hardware CPE,provider edge,core Support for Cloud application architectureCloud readyNot necessarily architected from the outset for cloud and virtualizationSecurity capabilitiesSecurity mechanis
20、ms can be deployedquicklyMPLS is perceived as highly secureScaling propertiesScale solution components horizontallyMore static traditional fixed components(for example non-hosted in the cloud)Change processesSecurity and Compliance changesMPLS is highly secure and compliant,however making policy cha
21、nges and expanding or shrinking requires more manual processesZTEAllrightsreserved16InternaluseonlySD-WAN与MPLS WAN的区别点AttributesAttributesSD-WANSD-WANLegacy WANLegacy WANAvailability and RedundancyAvailability and redundancy for cloud apps,including over public Internet and private cloudsMPLS has go
22、od characteristics for availability and redundancy(providing of course back-up circuits are present)for site,edge,and core transport,but may not meet demands for heavy cloud-based traffic routing and app control between clouds and over the InternetSecurity featuresSD-WAN solutions support securityse
23、gmentation in cloud and virtualized ITSecurity features are static,spin-up of virtual VNFs such as firewall possible but integration is requiredPath control and selectionFlexible path control/selection inherent in SD-WAN in most casesPath control and selection is possible but demands integration and
24、 overlays,and more manual processes that are more prone to problems arising from human errorWAN provider choiceWAN provider independentTied to specific WAN providersPolicy-based managementSimplified policy based operations for multiple functions like application performance,security,and connectivity
25、Enterprise has to manage multiple devices and servicesManagement optionsSelf-managed or Provider managedProvider managedTitle:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WANSD-WAN 技术方案案例目录1企企业网网络及及IT应用面用面临的的问题什么是什么是SD-WA
26、N企企业部署部署SD-WAN的的驱动力力是是啥18中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSoftware-Defined WAN“By the end of 2019,30%of enterprises will use SD-WANproducts in all their branches,up from less than 1%today.”1
27、 Gartner,Jul 2015“Technology Overview for SD-WAN”“SD-WAN is a new and transformational way to architect,deploy and operate corporate WANs,as it provides a dramatically simplified way of deploying and managing remote branch office connectivity in a cost-effective manner.”1SimplicityReliabilityAgility
28、CostBusinessPerformanceIsnt SD-WAN really SDN?SDN is an architecture,whereas SD-WAN is a technology that can be purchased.SD-WAN is built on the foundational concepts of SDN.By year-end 2018,10%of enterprises will have replaced their WAN routing with SD-WAN-based path forwarding,up.19中兴蓝R0-G142-B211
29、中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSDN&OpenFlowGlobal Network ViewProtocolsProtocolsControl via forwarding interfaceNetwork Operating SystemControl ProgramsData Path(Hardware)Data Path(Hardware)Control PathC
30、ontrol PathOpenFlowOpenFlowOpenFlow ControllerOpenFlow ControllerOpenFlow Protocol(SSL/TCP)20中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSD WAN的定义SD-WAN,即软件定义广域网络,是将,即软件定义广域网络,是将SDN技术应用到广域网场景中所形成的一种服务,
31、这种服务用于技术应用到广域网场景中所形成的一种服务,这种服务用于连接广阔地理范围的企业网络、数据中心、互联网应用及云服务连接广阔地理范围的企业网络、数据中心、互联网应用及云服务SD-WAN改变了传统的基于改变了传统的基于IT方法的组网模式,采用了集中控制,解耦的服务方法的组网模式,采用了集中控制,解耦的服务/传输架构传输架构利用多条链路根据现网情况及配置策略自动选择路由,自动选择最佳路径,实现负载均衡,保证了网络质量21中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):
32、字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSD-WAN的通用技术架构图22中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSD-WAN的通用技术架构图(某IT公司)23中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号
33、:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedOverlay SD-WAN 例子124中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedOverlay SD-WAN 例子225中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87
34、-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedWANSD-WAN的演进26中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedWANSD-WAN的演进27中兴蓝R0-G142-B211中兴绿R140-
35、G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedWANSD-WAN的演进28中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved传统L2/L3 VPN Vs.SD-WANTr
36、aditional Traditional L2/L3 VPN ModelL2/L3 VPN ModelSD-WAN modelSD-WAN modelOverlay Driven(MPLS)Overlay Driven(VxLAN,GRE,IPSec,.)Services limited to network reachDecoupled Service/transport modelDistributed topology and controlServices availbale where IP transport is availableHigh performanceCentral
37、ized control with distributed topologyLimited ability to introduce new functions(Service chaining)Native capability for service chainingTraditional Routing protocols for traffic management and distributionprotocols designed for flow based traffic management allowing for multiple active links/underla
38、ys to transport serviceVertically integrated CPE model(but evolving)Deployable on X86/virtualization29中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved三种不同场景的SD-WAN部署案例SD-WAN接入基于接入基于Internet Edge解决方案解决方案30中
39、兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved三种不同场景的SD-WAN部署案例SD-WAN骨干网骨干网-基于基于SRTE流量调度的流量调度的Core解决方案解决方案31中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字
40、号:20-28 pt颜色:黑色ZTECorporation.Allrightsreserved三种不同场景的SD-WAN部署案例基于多厂商基于多厂商WAN的的SD-WAN协同控制器或业务协同编排器协同控制器或业务协同编排器Title:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WANSD-WAN 技术方案案例目录1企企业网网络及及IT应用面用面临的的问题什么是什么是SD-WAN企企业部署部署S
41、D-WAN的的驱动力力是是啥ZTEAllrightsreserved33Internaluseonly企业部署SD-WAN的因素Bandwidth Optimization36%Consistent application Security31%Integration with existing WANs28%improved automation and self-provisioning28%Other factors:Rapid Deployment Efficient Operation Reduce IT Complexity Source:IDC 统计34中兴蓝R0-G142-B2
42、11中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedThree Key Value Props driving SD-WAN35中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.Allrig
43、htsreserved4个最具代表性的SD-WAN功能1.1.Application-Aware-Routing Application-Aware-Routing 基于应用的路由选择基于应用的路由选择基于应用的路由选择基于应用的路由选择中心化中心化中心化中心化PolicyPolicy的制定和下发的制定和下发的制定和下发的制定和下发实时链路状态检测实时链路状态检测实时链路状态检测实时链路状态检测应用类型识别应用类型识别应用类型识别应用类型识别多路径选择多路径选择多路径选择多路径选择2.Security2.Security,MonitoringMonitoring,and Analytics a
44、nd Analytics 安全监控和数据分析安全监控和数据分析安全监控和数据分析安全监控和数据分析3.Zero-Touch Provisioning 3.Zero-Touch Provisioning 全自动服务开通全自动服务开通全自动服务开通全自动服务开通4.All-in-One uCPE Package4.All-in-One uCPE Package通用白盒通用白盒通用白盒通用白盒CPECPE,VNFVNF百宝箱百宝箱百宝箱百宝箱 网络智能化数据分级应用承受度Title:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:
45、16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WANSD-WAN 技术方案案例目录2Title:Type:ArialSize:24ptColor:TheZTEblueSubtitle:Type:ArialSize:16-20ptColor:TheZTEgreenG143,B212R140,G198,B62R90,G203,B245为什么SD-WANSD-WAN 技术方案案例目录2企企业应用用场景景企企业应用价用价值相关的相关的应用用38中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-
46、G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSD-WAN 如何工作1.WAN Transport Virtualization2.Centralized Management3.App-centric&Policy-based OrchestrationManagement PortalSingle-pane of glass for configuration network management:cloud-hosted an
47、d on-premisesZero-touch provisioningPortal where user defines global policiesAggregated visibility on application performanceSD-WAN ControllerEstablishes and manages Secure Virtual Overlay to sites.Interprets the Global Policy according to the knowledge collected from the networkDefines service chai
48、ns to enable policy goalsManages distribution of interpreted Policy to individual elementsVirtual WAN FabricSecure Overlay FabricTransport IndependenceNetwork SegmentationSD-WAN GatewayLocal Policy EnforcementWAN Path Selection,Network QoS,Firewall,Service ChainingTelemetry feedback loop to/from SD-
49、WAN ControllerRemote&Branch OfficesCampus SitesData CentersSaaSRegional HubsIaaSManagementPortalMPLSInternet4G/LTESatelliteVirtual WAN FabricSD-WANGatewaysSD-WANController问题:问题:SD-WAN Gateway这个网元的作用是啥?这个网元的作用是啥?需要部署在何地?需要部署在何地?39中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 p
50、t颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedF7 SD-WAN解决方案架构图ZTEhuaweiNokiaCisco40中兴蓝R0-G142-B211中兴绿R140-G198-B62中兴灰R87-G87-B87正文标题:字体:微软雅黑(加粗)字号:36-44 pt颜色:中兴蓝正文(1-5 级):字体:微软雅黑字号:20-28 pt颜色:黑色ZTECorporation.AllrightsreservedSD-WAN解决方案架构图上层应用层提供Open API机制,可以与运营商OSS/BSS、第三方