Gandi Meets Private Cloud Networking Challenge, Plans Open-Source Release


Web hosting provider Gandi announced this week that it has released a new feature of its cloud VPS hosting services, providing customers the ability to create private VLANs based on technology developed by the company – technology Gandi says solves one of the major barriers service providers face in scaling out cloud, and which Gandi intends to release as an open-source project in the coming months.

As cloud environments scale out, says Thomas Stocking, chief operating officer for Gandi US, in an interview with the WHIR, they encounter a networking crunch that makes it difficult to offer private addressing at scale. The VLAN protocol, the technology typically used to enable private networking in most networks, caps a network’s available VLANs at 4,096 (and that’s only on the most robust networking hardware; practically speaking, it’s probably in the hundreds). That hard cap makes it difficult to deploy private networking in a virtualized service provider cloud environment, which can easily run into VLAN exhaustion at scale.

Making matters worse (or, at least, making the issue more pressing) for cloud service providers is the fact that Amazon made private networking available to customers of EC2 earlier this year. Amazon uses distributed firewalls to do so, says Stocking, a solution that isn’t necessarily viable for the average cloud hosting provider because it requires a complex back-end management system that is itself a major development project (of the sort Amazon has the resources to complete, and the average cloud hosting provider does not).

For service providers, the options were limited. VMware-based cloud providers have the option of using the VXLAN tool, which works specifically on VMware systems. Otherwise, they could use a software-defined networking option, says Stocking, which can be very expensive.

Stocking says the solution Gandi is implementing is an example of “Transparent Interconnection with Lots of Links,” or TRILL, a technology at the RFC stage within the Internet Engineering Task Force – frequently discussed but not yet implemented by anybody. It goes beyond the Spanning Tree approach to routing network traffic to enable more redundant traffic paths. He says Gandi’s technology addresses the VLAN exhaustion problem, enabling the company to provide private network addressing to customers of its cloud VPS hosting services.

“We do this by tagging,” he says, “so we have a virtual network identifier that tags on to the VLAN, and it effectively squares the number of VLANs that you can put on any flat switched network [meaning more than 16 million]. The really cool thing about this – on top of the fact that it addresses VLAN exhaustion – is that you don’t have to replace your existing infrastructure to do it. You really just need to add in a bit of software – essentially software routers – and you don’t have to worry about VLAN exhaustion.”

The open-sourcing of the technology, while still down the road a little bit, is a natural part of the whole development process, says Stocking. The technology was developed in Paris (where Gandi is based), in part using a grant from the University of Paris. Development began because Gandi ran into the network bottlenecks in running a production cloud environment.

“We’ve been looking at this problem quite extensively, and using our experiences at Gandi, operating a cloud for several years now, and figuring out what the problems are, and where the bottlenecks really are,” he says. “We were able to take that experience and leverage it in the research, so it’s not purely an academic exercise. It’s not just theoretical code. It’s actual working code that is robust and has the benefit of being proven in a pretty tough real-world environment.”

Stocking has a background in open-source technology, and Gandi itself is a strong proponent. Stocking spoke to the WHIR last year at length for a feature about the influence of open-source projects on the hosting space.

Gandi has released a technical paper on its implementation of TRILL, and is inviting users to beta test the private VLAN function. Links to both are included in a blog post by Stocking on the Gandi website: “Is 16 Million VLANs enough for you?”

The open-source prospects of the technology are interesting, as the people working on the big open-source cloud platforms are encountering some of the same network bottlenecks today. The potential for whatever code Gandi releases being incorporated into OpenStack or CloudStack is there.

“People who work on CloudStack are up against this now,” says Stocking. “And they’re working with people who are implementing private cloud and want to do this. This would alleviate the problem whether you’re using cheap hardware or expensive hardware. So, if your infrastructure only supports 256 vLANs and you want more, this is a good solution for you.”

Talk back: Are you offering a cloud hosting platform? Have you encountered these kinds of network bottlenecks, or barriers to offering private networking features? Have you heard a demand for private addressing from your cloud customers? Are you interested in the technology Gandi is implementing, as a result? Let us know in the comments.
