Module 8

Implementing Software Defined

Networking
Module Overview

Overview of Software Defined Networking

Implementing network virtualization
• Implementing Network Controller
Lesson 1: Overview of Software Defined Networking

What is Software Defined Networking?

Benefits of SDN
Planning for Software Defined Networking
• Deploying Software Defined Networking by using
scripts
What is Software Defined Networking?

• Software Defined Networking enables you to:

• Virtualize the network layer in a datacenter
• Define polices for the physical and virtual networks
• Manage the virtualized network infrastructure

• The Microsoft Software Defined Networking solution

includes:
• Network Controller
• Hyper-V Network Virtualization
• Hyper-V Virtual Switch
• RRAS Multitenant Gateway
• NIC Teaming
• System Center Operations Manager
• System Center Virtual Machine Manager
• Windows Server Gateway
Benefits of SDN

• Challenges faced by many IT departments today

include:
• Resources are finite
• Resources are inflexible
• Mistakes are expensive
• Networks are not always secure

• SDN overcomes these challenges and enables

you to be:
• Flexible
• Efficient
• Scalable
Planning for Software Defined Networking

You must plan the following aspects of your

Software Defined Networking configuration:
• Management and HNV Provider logical networks
• Logical networks for gateways and the software load
balancer
• Logical networks required for RDMA-based storage
• Routing infrastructure
• Default gateways
• Network hardware
Planning for Software Defined Networking
Deploying Software Defined Networking by
using scripts

Use the following high-level procedure to deploy

Software Defined Networking:
1. Install host networking and validate the
configuration
2. Run SDN Express scripts and validate setup
3. Deploy a sample tenant workload and validate
deployment
Lesson 2: Implementing network virtualization

What is network virtualization?

Benefits of network virtualization
What is Generic Route Encapsulation?
• What are network virtualization policies?
 What is network virtualization?

Test virtual Production

machine virtual machine Test network Production network

Physical Physical
server network

Server virtualization: Network virtualization:

• Multiple virtual machines on • Multiple virtual networks on
the same physical server the same physical network
• Each virtual machine is • Each virtual network is
isolated from others isolated from others
Benefits of network virtualization

• Flexible virtual machine placement

• Multitenant network isolation without VLANs
• IP address reuse
• Live migration across subnets
• Compatibility with existing network infrastructure
• Transparent moving of virtual machines to a
shared IaaS cloud
• Support for resource metering
• Configuration by using Windows PowerShell or
by using System Center Virtual Machine Manager
 What is network virtualization generic routing
encapsulation?
192.168.2.22 GRE 10.1.1.11
MAC
192.168.5.55 Key=5001 10.1.1.12
192.168.2.22 GRE 10.1.1.11
MAC
192.168.5.55 Key=6001 10.1.1.12
192.168.2.22 (PA) 192.168.5.55 (PA)
192.168.5.55

10.1.1.11 (CA) 10.1.1.11 (CA) 10.1.1.12 (CA) 10.1.1.12 (CA)

10.1.1.11 10.1.1.11 10.1.1.12 10.1.1.12

10.1.1.11 10.1.1.11 10.1.1.11 10.1.1.11
10.1.1.12 10.1.1.12 10.1.1.12 10.1.1.12

• Customer address space based on virtual machine configuration

• Provider address space based on physical network and is n ot
visible to the virtual machines
What are network virtualization policies?

Define CA-PA mappings:

• Specify the Hyper-V server on which the virtual machines are running
• Hyper-V implements policies by translating incoming and outgoing
packets
• If a virtual machine is moved, policies are modified, but the virtual
machine configuration stays the same

Policy settings PA space

Blue Yonder Airlines

SQL 10.1.1.1
CA PA VSID Datacenter
WEB 10.1.1.2 network
10.1.1.1 192.168.1.10 5001
10.1.1.2 198.168.1.12 192.168.1.10 192.168.1.12
Hyper-V Host 1 Hyper-V Host 2

Woodgrove Bank
SQL 10.1.1.1 SQL SQL WEB WEB
CA PA VSID
WEB 10.1.1.2
10.1.1.1 192.168.1.10 6001
10.1.1.1 10.1.1.1 10.1.1.2 10.1.1.2
10.1.1.2 192.168.1.12
CA spaces
Lesson 3: Implementing Network Controller

What is Network Controller?

Requirements for deploying Network Controller
Demonstration: Preparing to deploy Network
Controller
The procedure for deploying Network Controller
Datacenter Firewall
Software Load Balancing
RAS Gateway
• Demonstration: Deploying Network Controller
What is Network Controller?
Requirements for deploying Network Controller

• You can deploy Network Controller only to the

Windows Server 2016 Datacenter edition
• The management client must be running Windows
10, Windows 8.1, or Windows 8
• You must configure dynamic DNS registration for
Network Controller
• If virtual machines running Network Controller are
joined to a domain, you must create appropriate AD
DS security groups
• If virtual machines running Network Controller are
not joined to a domain, you must configure
certificate-based authentication
Demonstration: Preparing to deploy Network
Controller

In this demonstration, you will see how to:

• Create AD DS security groups
• Request a certificate
The procedure for deploying Network Controller

1. Install the Network Controller server role

2. Configure the Network Controller cluster

3. Configure the Network Controller application

4. Validate the Network Controller deployment

Datacenter Firewall
Software Load Balancing

Windows Server SLB provides the following

features:
• Layer 4 load balancing for both “North-South” and
“East-West” TCP/UDP traffic
• Public and internal network traffic load balancing
• Support for dynamic IP addresses on VLANs and on
Hyper-V virtual networks
• Support for health probe
Software Load Balancing
Software Load Balancing

Network Controller performs the following

functions in SLB:
• Processes SLB commands that arrive via the
Northbound API from a network management
application
• Calculates policy for distribution to Hyper-V hosts and
SLB MUXs
• Provides the health status of the SLB infrastructure
• Provides each MUX with each VIP
• Configures and controls the behavior of the VIP to
dynamic IP mapping in the MUX
RAS Gateway

RAS Gateway provides the following features:

• Site-to-site VPN
• Point-to-site VPN
• GRE tunneling
• Dynamic routing with BGP

Use RAS Gateway in the following scenarios:

• Multitenant-aware VPN gateway
• Multitenant-aware NAT gateway
• Forwarding gateway for internal physical network
access
RAS Gateway

Network Controller enables you to automatically

deploy virtual machines running RAS Gateway to
support the following features:
• Addition and removal of gateway VMs
• Site-to-site VPN gateway connectivity by using IPsec
• Site-to-site VPN gateway connectivity by using GRE
• Point-to-site VPN gateway connectivity
• Layer 3 forwarding capability
• BGP routing
Demonstration: Deploying Network Controller

In this demonstration, you will see how to:

• Add the Network Controller role
• Configure the Network Controller cluster
• Configure the Network Controller application
• Validate the deployment
Lab: Deploying Network Controller

Exercise 1: Preparing to deploy Network Controller

• Exercise 2: Deploying Network Controller

Logon Information
Virtual machines: 20743A-LON-DC1
20743A-LON-SVR2
User name: Adatum\Administrator
Password: Pa$$w0rd

Estimated Time: 30 minutes

Lab Scenario

A Datum Corporation intends to deploy and use

Network Controller to manage network services
and devices. You should set up a trial of the
technology in a test lab.
Lab Review

In the lab, you used Windows PowerShell to

manage Network Controller. What other tools
could you use?
• In the lab, you deployed Network Controller in a
domain environment. In a non-domain
environment, what steps must you take to provide
for authentication?
Module Review and Takeaways

• Review Questions