Exploring Networking In The Cloud

user15543

Networking in The Cloud

xxxxxxx

xxxxxxxxxxxxxx

CCA 625

xxxxxxxxxx

May 3, 2021

Introduction

Given the flexibility, ease of use, and maintenance cost of cloud computing today, several businesses, enterprises, and even individuals are shifting to cloud computing for their computing solutions. Cloud computing is a new technology that offers several computing resources off-premise, mainly via the internet. It provides three main service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). One of the services that cloud computing offers as IaaS is cloud networking. This paper explores networking in the cloud: its infrastructure, applications, costs, and benefits, as well as the challenges and concerns in the domain of general cloud computing.

Networking in The Cloud

Cloud networking is an Infrastructure as a Service (IaaS) offering, provided mainly by cloud computing vendors, that takes the place of traditional networking for businesses and companies. This kind of service is usually offered through hosting. A company can build it for its own private use, making a private cloud platform, or use a cloud platform that another company offers for public use, which is known as using a public cloud. The integration and use of both public and private clouds is known as a hybrid cloud. Most large enterprises today implement the hybrid cloud system. The cloud network, at its core, is just the traditional networking that has been and still is implemented by companies and individuals. A fundamental understanding of computer networks is therefore essential for understanding networking in the cloud.

Cloud Networking Infrastructure

Networking conventionally means the connection between two or more computers/hosts for the purpose of transmitting, and thus sharing, data and resources. Resources can include printers, copiers, and NAS (Network-attached Storage) devices. For the linking to occur, each host should have a network interface card (NIC), which is used to attach a communication medium. Where multiple nodes are connected, a switch is typically used to connect them. The switches act as media through which the electric signals are distributed to the other attached devices.

There are different networks based on the computers that constitute the network: Local Area Network (LAN), Wide Area Network (WAN), cloud-based network, and the internet. The LAN is mainly used for setups of computers in either a room or a building; the WAN is a scalable network type covering a larger geographic area and can be a network of several LANs. Data in the WAN is transmitted in packets, and routers are used at the entrance of every LAN to receive and transmit those packets. The internet is the global connection of several LANs and WANs, as well as individual computers. This connection is achieved with the help of an Internet Service Provider (ISP), which communicates with a regional network via an access point known as the point of presence (POP). The POP can be a communication facility used by the ISP to access the global network or any facility used to access the internet, such as a router, dial-up server, or an ATM switch. This makes the internet a decentralized type of network, in which several actors use and control it in their own capacities; hence it cannot be controlled by a single person.

The global reach of the internet makes it an essential way of accessing and using the cloud-based network, since one of the many features and advantages of cloud computing is that it can be accessed by anyone remotely from any point globally. A cloud network is an enterprise network that can be accessed and implemented on the cloud. It enables the given enterprise to distribute its network for access globally. As said before, the cloud network infrastructure is usually offered by the cloud vendor; hence all the user has to do is connect its on-premises network to the cloud network.

Since most of the physical network components are handled by the vendor company, any enterprise that uses the cloud manages these resources using software, from network operating systems to application packages. Cloud networks mainly use server versions of operating systems, which have been built with capabilities for managing networks and all cloud network-related services. Most of the server operating systems are built on the x86 architecture, which initially was meant for personal computers. Over the recent past, however, this architecture has been modified to support multiprocessors, making the systems able to handle a broad array of networking tasks. The most common operating systems used for servers are Linux-based operating systems and Windows Server, which is built and maintained by Microsoft.

The everyday tasks that the server OS performs in the cloud networking domain include:

· Network management - this comprises tools that manage network performance, manage network devices, and perform system backups and restorations.

· Network services - this includes tasks that manage network services, such as IP allocation and management, name service configuration, web services, and any other services that use the network.

· Network security - this ensures that all the traffic in the network is authenticated, and that the data and resources being shared in the network can only be accessed by authenticated agents. Standard tools and practices in network security include setting up and configuring virtual firewalls, network monitoring systems for intrusion detection, and virus protection software.

· Remote access and routing - these tasks include setting up tools for sharing network resources through virtual private networks. The server OS can also route network traffic from one network to another.

Objectives of Cloud Networking

Since the whole cloud computing architecture offers off-premise network solutions that are accessed over the internet, factors such as speed, latency, and bandwidth control must be taken into careful consideration so that any change in data being processed in the cloud is updated in a timely manner. A cloud networking system needs to facilitate reliable and efficient communications and offer the virtual networking that has been discussed.

Reliable Communications

Cloud networking systems should support the delivery of data and information to the intended recipients at the intended time and in the correct way. Reliable-communication measures span a range of protocols that simplify synchronization between the sender and the receiver, detect any error in the channel, and prevent congestion or a buffer overflow in the communication channel.

Several standardization agencies, such as the Institute of Electrical and Electronics Engineers (IEEE), are developing and improving methods and systems that will enhance the reliability of communication in present and future networking infrastructures. The IEEE, for instance, has come up with five protocol proposals. The first is a reliable link protocol, Fibre Channel over Ethernet (FCoE (ANSI/INCITS 2009)), which is used to improve connections between a typical Ethernet system and a distributed storage area network. The second enhancement, IEEE 802.1Qbb (IEEE_a 2011), is set up to prevent the loss of frames that may come from buffer overflow on the receiver's end. Upon detecting a potential buffer overflow, the receiver sends a pause control message to the sender. Upon receiving it, the sender stops transmitting any new frames via the channel used for the transfer until the receiver can receive frames again.
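The pause mechanism described above can be seen in a small tick-based model, added here as an illustration (it is not from the paper or from the IEEE standard). It collapses the per-priority behaviour of 802.1Qbb into a single queue, and the function name `simulate`, the thresholds `xoff`/`xon`, and all rates and sizes are assumptions made for the example.

```python
# Added illustration: single-queue model of pause-based flow control.
# Every rate, buffer size and threshold here is constructed for the example.

def simulate(total_frames, buffer_size, send_rate, drain_rate,
             pause_enabled, xoff=0, xon=0):
    """Model one sender feeding one receiver buffer, tick by tick.

    Each tick the sender offers up to send_rate frames (unless paused),
    then the receiver drains up to drain_rate frames. With pause_enabled,
    the receiver signals "pause" once its queue reaches xoff and signals
    "resume" once the queue has drained down to xon.
    """
    if pause_enabled:
        # The pause only takes effect on the next tick, so the buffer needs
        # headroom for one more burst that arrives before the sender stops.
        if xoff > buffer_size - send_rate + 1:
            raise ValueError("xoff leaves no headroom for in-flight frames")
        if not 0 <= xon < xoff:
            raise ValueError("xon must satisfy 0 <= xon < xoff")

    queue = sent = delivered = dropped = pause_events = ticks = 0
    paused = False
    while delivered + dropped < total_frames:
        ticks += 1
        if not paused:
            for _ in range(min(send_rate, total_frames - sent)):
                sent += 1
                if queue < buffer_size:
                    queue += 1
                else:
                    dropped += 1          # buffer overflow: frame is lost
        drained = min(drain_rate, queue)
        queue -= drained
        delivered += drained
        if pause_enabled:
            if not paused and queue >= xoff:
                paused = True             # receiver sends the pause message
                pause_events += 1
            elif paused and queue <= xon:
                paused = False            # receiver can accept frames again
    return {"delivered": delivered, "dropped": dropped,
            "pause_events": pause_events, "ticks": ticks}


if __name__ == "__main__":
    common = dict(total_frames=30, buffer_size=8, send_rate=3, drain_rate=1)
    print("no pause :", simulate(pause_enabled=False, **common))
    print("with pause:", simulate(pause_enabled=True, xoff=6, xon=2, **common))
```

With the same sender and receiver, the run without pause loses frames to overflow, while the run with pause delivers every frame at the cost of a longer transfer.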

A third proposal, IEEE 802.1Qau (IEEE_b 2010), works just like the second in avoiding packet loss, but it goes further to avoid losses during the transfer of packets. To achieve this, switches are enabled to signal congestion to end stations. When enabled, they can control the transmission rate, hence limiting frame loss.

The fourth proposal was set up as an amendment to the third proposal; it defines ways of improving the quality of the transmission channel to support the allocation of bandwidth even in a high-traffic scenario. The last proposal works to decrease congestion in IPv6 networks by allowing data sources to alert the network of any congestion that was experienced when previous packets were being transmitted.

Efficient Communications

Facilitating efficient communications is another goal that cloud networking should achieve to ensure proper communication between the sender and the receiving clients. Efficient communication seeks to balance the load among alternative paths, facilitate high data rates, provide large frame sizes, and implement multiple channels that work in parallel over a given single physical channel. A common standard used for this task is IEEE 802.1aq (IEEE_d 2012), which defines the Shortest Path Bridging (SPB) technology that simplifies the creation and configuration of networks while allowing frame forwarding along multiple equal paths. SPB provides larger Layer 2 topologies, supporting up to 16 million virtual LANs, as opposed to the preceding standard, which could only support up to 4096 VLANs.

SPB also supports faster convergence times and improves the efficiency of mesh topologies by increasing bandwidth and redundancy. It allows traffic to be balanced within a mesh topology over all the possible path combinations.

Virtual Networking

Virtual networking is one of the most critical features of the cloud. It sets up and manages a virtual environment in the cloud upon which virtual tools can be set up. Virtualization enables the use of virtual machines, and virtual devices such as virtual switches are managed in virtual environments. The virtual switches connect a collection of virtual machines in cloud networking. The virtual machines are connected to virtual routers, which are used for packet forwarding, just the way physical computers are connected to routers in a LAN. Common hypervisors used today include Kernel-based Virtual Machine (KVM), which runs on Linux operating systems, and VMware, which is proprietary software that businesses can purchase to create virtual machines.

Cloud vendors' platforms, at their core, are just physical hosts that have hypervisors, which allow them to run multiple virtual machines over the same hardware. Virtualization, as previously stated, is vital as it offers a solid interconnection and coordination between the host system and the network tools and elements. The hypervisor is also linked to a virtual switch, which switches Layer 2 traffic between virtual machines that run on the same physical machine. This switching can direct and check broadcast and VLAN traffic.

It is important to note that reconfiguration of the VLAN, especially when a VM is moved to another physical layer, can be complex since these VLANs have to be configured on different and unique switches. These switches might be from different, incompatible vendors, resulting in considerable latency in the network. One solution is to use Software-Defined Networking (SDN) to detach the control functions from the switch and put them in an access control server. Another solution is to send a gratuitous Address Resolution Protocol (ARP) message from the migrated virtual machine to update the switch tables, or to manage a placeholder MAC address for that particular VM.

Unlike the decentralized internet, cloud networking is centralized, meaning the network visibility and access can be centrally controlled. The network administrator can access tenants, configure a multi-tenant application, and allow the tenants to access an instance of the application.

Benefits of Using Cloud Networking

Reliability - cloud vendors have employed several systems, such as server load balancing, to ensure their systems are online and available all through the year. Advanced technologies are also continually being deployed and updated to ensure the systems are free from security threats. This has made cloud networking reliable and available.

Cost - since the physical hardware components required for networking are covered by the cloud vendor, cloud networking has proven cheaper to set up and run: all the tenant needs to do is configure the infrastructure they subscribe to. Moreover, cloud networking solutions are highly scalable and customizable, with customers having several options for adding or removing components and services based on their demand and need. Most vendors also offer such IaaS on a pay-per-use basis, in that a tenant only pays for what they use and is free to cancel a given service anytime they no longer use it.

Since the business needs no dedicated staff to maintain network resources, it can concentrate on other tasks while leaving the network operations to the network vendor. This increases staff productivity while lowering administration costs, which the business would otherwise have spent on maintaining the network resources.

High speed - cloud servers have been extensively optimized for speed since there are thousands of servers distributed worldwide. This results in transfers of data over less physical distance, enabling users to access the data fast. Moreover, since all the setup is web-based, deploying network assets to the cloud is also fast, taking just a few days or even minutes to set up and run a cloud networking system.

Versatility - the modular nature of cloud networking solutions makes it possible to integrate more than one networking system, such as in the hybrid system, commonly used by companies today.

Security - as much as it may be the most significant worry among cloud subscribers, cloud security is a great advantage of using cloud networking solutions. Cloud vendors have heavily invested in the security of their data centers, from the physical security of the data center premises to encryption of data in the physical machines. They have several redundant systems put in place to ensure data is free from any form of unauthorized access and sabotage.

Challenges and Concerns in Cloud Networking

Since cloud tenants have diverse requirements for the cloud, the present cloud networking architecture follows a rule in which network and cloud operations are set up for one set of optimal conditions, also known as 'one size fits all'. This method is not so optimal, and it brings out some challenges in the cloud network.

Application performance - cloud users should specify the bandwidth that their hosted applications will need while ensuring that the allocated bandwidth will offer performance similar to an on-site deployment of the same application. If these servers do not have sufficient bandwidth, there will be large latencies between the request and response transactions, leading to Service Level Agreement (SLA) violations for the hosted applications.

Enterprises use a wide range of security tools, such as intrusion detection systems (IDS) and firewalls, to safeguard the network traffic. In most cases, these tools are installed alongside the applications that perform load balancing, application acceleration, and caching, and both kinds of application should run well. Any deployed application that runs in the cloud should be able to use these two diverse categories optimally. This is usually a challenge, which makes it hard to deploy all these applications flexibly.

The main goal of DevOps is to ensure that the applications deployed are running as intended and out of the box. This is, however, hard to achieve when deploying applications, since network limitations such as the lack of a broadcast domain in the cloud network and different assigned IP addresses for virtual machines may hinder their functionality. This may compel application developers to rewrite, and hence reconfigure, their applications before deploying so that they are compatible with the cloud environment.

Since the virtual machines, together with network tools such as hypervisors, sit on physical hardware in a physical location, a constraint comes about when there is a need to migrate the given machines. Migrating these machines requires migrating their respective VLANs based on the physical switch port configuration. This makes it difficult to move both the VLANs and the VMs, which reduces the flexibility and use of the given cloud resources.

One of the main issues businesses are concerned about is the privacy of their data in the cloud. The vending companies need to constantly assure their customers that their data is not monitored by the vending companies or by any outside party or hackers. The vendors need to be transparent about using technologies such as encryption to protect their customers' data.

Security is perhaps the one main challenge and issue in the cloud computing world. Many fear that their sensitive data may fall into the wrong hands, for any reason, should they deploy their data to the cloud. As a result, they are comfortable with having their data within their local deployments. To gain people's trust, companies must adhere to all security measures for safeguarding their data centers and obtain all the required certifications. These certifications can help win the public's trust.

Conclusion

Cloud computing has grown to be one of the most popular technologies in the current decade, with big players heavily investing in it. As a core component of the technology, cloud networking also is rising in popularity, with many businesses and enterprises around the world migrating to its use over traditional on-premise networking systems. With the growth of the internet and big data, cloud networking will see more popularity. With ever-increasing versatility, several websites, applications, and software hosted on the cloud are bound to rise. Therefore, cloud vendors must invest more in research to deliver well-curated services and provide security systems that the public can trust.


Lab Report

Cloud is taking the world by storm, and new innovative solutions spanning IaaS, PaaS and SaaS are being released by the day. Cloud provides an easy-to-use, on-demand, pay-as-you-go method of consuming IT resources.

The focus of this lab is on networking in the cloud using Amazon AWS. However, in order to do networking in the cloud, we must have active hosts. For simplicity, we'll use a single EC2 instance and set up Mininet in it for further cloud network simulation.

Task 1: creation of Amazon account

Go to aws.amazon.com and create an account. The Amazon account gives access to cloud services on AWS.

Task 2: Setting up an EC2 instance

To set up a virtual machine, go to EC2, select the type of machine to create, the operating system and the security groups accordingly, and then select launch. After a few minutes, the machine is ready for use. The machine that is set up does not have a graphical user interface, so we will set one up as shown next.

Task 3: setting up VNC

First log in to the EC2 instance using SSH or the AWS console.

In order to use the GUI, we need to install Ubuntu desktop and TightVNC on the EC2 instance. Using the terminal, run the following commands:

sudo apt update

sudo apt install ubuntu-desktop

sudo apt install tightvncserver

sudo apt install gnome-panel gnome-settings-daemon metacity nautilus gnome-terminal

To launch the VNC server and create the initial configuration, type vncserver :1 into the terminal.

Open the VNC server configuration in vim using the command:

vim ~/.vnc/xstartup

Edit the final file to look like this one:

Restart the VNC server by using the commands:

vncserver -kill :1

vncserver :1

To connect to the EC2 instance via VNC, download a VNC client and use the public DNS name followed by :1 to connect, for example:

ec2-3-136-84-86.us-east-2.compute.amazonaws.com:1
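Connecting to display :1 over the public DNS name means TCP port 5901 (5900 plus the display number) must be open in the instance's security group, so it is worth checking who that rule admits. The following is an added example, not part of the original lab: it audits security-group data in the shape returned by `aws ec2 describe-security-groups`, and the group IDs, CIDR ranges and function names are constructed for illustration.

```python
# Added example: flag security-group rules that open the VNC display port
# to the whole internet. SAMPLE_GROUPS is constructed data that mirrors the
# "SecurityGroups" list of `aws ec2 describe-security-groups` output.
import ipaddress

SAMPLE_GROUPS = [
    {"GroupId": "sg-EXAMPLE-lab", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 5901, "ToPort": 5901,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ]},
    {"GroupId": "sg-EXAMPLE-all", "IpPermissions": [
        # "-1" means all protocols and ports; no FromPort/ToPort is present.
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
    {"GroupId": "sg-EXAMPLE-office", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5900, "ToPort": 5910,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []},
    ]},
]


def vnc_port(display):
    """TCP port used by VNC display :N."""
    return 5900 + display


def rule_covers_port(perm, port):
    """True if an IpPermissions entry admits TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def exposed_rules(groups, port):
    """Return (group id, protocol, cidr) for rules open to any address."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            if not rule_covers_port(perm, port):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # A /0 prefix matches every source address.
                if ipaddress.ip_network(cidr).prefixlen == 0:
                    findings.append((group["GroupId"],
                                     perm["IpProtocol"], cidr))
    return findings


if __name__ == "__main__":
    for finding in exposed_rules(SAMPLE_GROUPS, vnc_port(1)):
        print("open to the internet:", finding)
```

A flagged rule can be narrowed to the client's own address, or removed so that the display is reached through an SSH port forward to the instance instead.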

Task 4: setting up and exploring mininet

Mininet is a network virtualization tool that is suitable for simulating traditional computer networks and SDN networks. This makes it an excellent testbed for simulating cloud networks. Mininet has a command line interface as well as a graphical user interface.

To install Mininet on a Linux host, run the command: sudo apt-get install mininet as shown below:

Once fully installed, Mininet can be invoked by running the command: sudo mn as shown below:

Running the sudo mn command starts a minimal network topology consisting of two hosts connected via a switch. To verify this, run the command nodes as shown below:

The net command further exposes the network topology by detailing where each interface is connected, as shown below:

It can be seen that:

host h1’s interface h1-eth0 is connected to s1’s eth1 interface

host h2’s interface h2-eth0 is connected to s1’s eth2 interface

s1 has a loopback interface lo and two other physical interfaces eth1 and eth2
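The same reading of the net output can be automated so that any link outside the intended topology stands out. This is an added example, not part of the original lab: the sample output is constructed (it includes an extra host h3 that the minimal topology does not have), and the function names are chosen for illustration.

```python
# Added example: parse the text printed by Mininet's `net` command and
# compare the links it reports with the topology we expect to be running.

# Constructed sample in the `net` output format: "<node> <intf>:<peer intf> ..."
SAMPLE_NET_OUTPUT = """\
h1 h1-eth0:s1-eth1
h2 h2-eth0:s1-eth2
h3 h3-eth0:s1-eth3
s1 lo:  s1-eth1:h1-eth0 s1-eth2:h2-eth0 s1-eth3:h3-eth0
c0
"""

# Links of the minimal topology described in the lab (two hosts, one switch).
EXPECTED_LINKS = {
    frozenset(("h1-eth0", "s1-eth1")),
    frozenset(("h2-eth0", "s1-eth2")),
}


def parse_net(text):
    """Return (nodes, links) parsed from `net` output.

    nodes maps each node name to its list of interface names; links is a
    set of frozensets, one per pair of connected interfaces.
    """
    nodes, links = {}, set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("mininet>"):
            continue
        name, *fields = line.split()
        nodes[name] = []
        for field in fields:
            local, _, peer = field.partition(":")
            nodes[name].append(local)
            if peer:                      # "lo:" has no peer: not a link
                links.add(frozenset((local, peer)))
    return nodes, links


def compare_links(actual, expected):
    """Return (missing, unexpected) links as sorted lists of tuples."""
    as_tuples = lambda s: sorted(tuple(sorted(link)) for link in s)
    return as_tuples(expected - actual), as_tuples(actual - expected)


if __name__ == "__main__":
    nodes, links = parse_net(SAMPLE_NET_OUTPUT)
    missing, unexpected = compare_links(links, EXPECTED_LINKS)
    print("nodes:", sorted(nodes))
    print("missing links:", missing)
    print("unexpected links:", unexpected)
```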

To dig deeper into the IP configuration of the network, use the ifconfig command on the node that we want to investigate. For example, we can use h1 ifconfig to view the configuration details of h1 as shown below.

To test connectivity between the hosts, use the ping command as shown below:

Task 5: capturing and analysing mininet communications.

Wireshark is a popular network sniffer and protocol analyser that can be used even in cloud networks. If not installed yet, Wireshark can be installed by running the command: sudo apt install wireshark as shown below:

Once installed, Wireshark can be run by selecting it from the start menu or by running the command sudo wireshark. The Wireshark interface is as shown below:

To begin capturing packets, select a capture interface and then click the start capture button. Using the filter section, we can choose the protocols whose packets we want to scrutinize.