Cloud computing and networking are inextricably linked. Without high-speed wide-area networks, public cloud computing would not be possible. The folks at Sun Microsystems were never more right than today: the network really is the computer when it comes to cloud computing. But while cloud computing is enabled by high-speed networks, cloud computing will also begin to force changes on the network as they evolve together. Here are five ways that cloud computing will change the network in the coming years:
- Cloud computing will put pressure on network bandwidth, particularly in far-away geographies that have traditionally not had the best connectivity. Simply put, more resources located in remote locations means more bandwidth required to deliver the bits. Running a workload in the cloud is only useful if you can transport the required data set to the computation and the result back to the user. That simply translates into more raw bandwidth required. Interestingly, this bandwidth may be asymmetric in the opposite sense of traditional web browsing. The web was characterized by small requests and large downloads. The cloud will be characterized by large datasets being uploaded, with smaller result sets being downloaded.
- Cloud computing accelerates the movement toward IPv6. It’s estimated that the Internet will run out of free IPv4 addresses sometime in the fall of 2011. Technologies such as CIDR and NAT have been able to prolong the inevitable, giving us a reprieve of more than a decade from address exhaustion, but the time is rapidly approaching where you won’t be able to get an IPv4 address — they will all have been allocated previously to somebody else. The move to cloud is a big accelerator toward that, however. Previously, you only allocated an average of 1 IP address to each physical machine. With virtualization and cloud, you can now have tens of VMs running on a single piece of hardware. And because many of those VMs are running in clouds, they must be publicly accessible. This means you can’t use private addresses with NAT.
- Firewalls have to get a lot smarter. Previously, most enterprises subscribed to the “egg model” of network security — crunchy on the outside, soft and gooey on the inside. The fundamental assumption was that you were trying to protect yourself from the “bad guys” on the outside and everybody on the inside was considered a “good guy.” With cloud, however, the model is under attack. What does “inside” mean in a cloud environment? Do you trust your cloud provider? If they aren’t exactly a good guy, do you treat them like a bad guy?
- Networking gear will stratify into two fundamental types: ASIC-based low-level switches and software-based high-touch processing. In the past, we tended to think of networking devices as always being purpose-built hardware systems. That’s true for some devices. Low-level switching hardware, for instance, is all built around high-speed ASICs. The ASICs are fast, but relatively dumb. That is, they perform one or two simple jobs, but they do them very quickly. High-level packet processing has almost always been done in software, albeit software running on purpose-built hardware. Whereas the algorithms that govern low-level switching are largely settled and therefore unlikely to change moving forward, the algorithms that govern high-level packet processing are constantly in flux (think about the move to IPv6 and smarter firewalls, mentioned previously). Because of this, it’s almost impossible to embed them in hardware as they would be obsolete in a couple of years. Everybody wants to buy a system and then keep it current with a software upgrade. This phenomenon wasn’t directly tied to the adoption of cloud computing, but with cloud computing you’ll see it accelerating. There are going to be a lot of changes to the network and so you’re going to see massive amounts of network upgrades (both topologies as well as devices) to accommodate the change.
- High-level network packet processing goes virtual. Once you admit that high-level packet processing is all about software, you can then ask yourself, “In a cloud environment, where is the best place to run that processing?” It turns out that embedding the processing inside an x86 virtual machine is very handy. You are now able to run your VPN code inside your cloud provider and can provide an overlay routed network to connect your cloud-based VMs into your data center network. The first steps in this direction have already occurred with products like Vyatta. Expect it to accelerate.
It’s going to be interesting to see cloud computing and the network evolve over the next few years. There is a very close relationship between them and innovations on one side will force innovations on the other side.