1
00:00:00,270 --> 00:00:09,540
So this is the story of a server admin called Paul and a network admin called Peter, and the story

2
00:00:09,540 --> 00:00:14,790
talks about the frustrations Paul has with what Peter is telling him.

3
00:00:15,150 --> 00:00:20,940
Paul feels that network engineers like Peter, and let's use some sales and marketing terms just to make

4
00:00:20,940 --> 00:00:28,020
the story funny, is not agile, is not dynamic, doesn't listen to his requests, takes too long,

5
00:00:28,020 --> 00:00:31,860
is too slow, is too antiquated and seriously

6
00:00:31,890 --> 00:00:35,100
needs to get out and play golf more often.

7
00:00:35,610 --> 00:00:44,100
Paul can just not understand why Peter still configures switches and routers through an antiquated old

8
00:00:44,100 --> 00:00:47,700
system, the CLI or command line interface.

9
00:00:47,910 --> 00:00:50,910
So let's talk about Paul's frustrations.

10
00:00:51,150 --> 00:00:54,480
Paul wants to deploy multiple ESXi servers.

11
00:00:54,510 --> 00:01:01,380
These could be different types of hypervisors, but let's use VMware ESXi because that's quite a popular

12
00:01:01,380 --> 00:01:02,490
implementation.

13
00:01:02,790 --> 00:01:06,930
He wants to have the servers in different parts of the data center.

14
00:01:07,150 --> 00:01:15,390
Now, Peter, the network person, is telling Paul that to limit broadcasts and limit traffic propagation

15
00:01:15,390 --> 00:01:21,330
in the network as well as to implement better security, these ESXi servers need to be in different

16
00:01:21,330 --> 00:01:22,200
subnets.

17
00:01:22,290 --> 00:01:24,060
Now, that's a problem for Paul.

18
00:01:24,240 --> 00:01:26,670
Things have changed recently in ESXi.

19
00:01:26,700 --> 00:01:32,730
But let's assume for now that he wants to implement things such as vMotion where he wants to dynamically

20
00:01:32,730 --> 00:01:40,950
move a VM from one ESXi server to another and is not able to do that across a routed infrastructure.

21
00:01:41,130 --> 00:01:45,030
He doesn't want Peter to implement a layer three routing infrastructure.

22
00:01:45,180 --> 00:01:50,580
He tells Peter, I need to have these ESXi servers in the same subnet.

23
00:01:51,180 --> 00:01:55,080
So let's give them IP addresses of 10.1.1.1 and 10.1.1.2.

24
00:01:55,320 --> 00:01:58,800
Peter just laughs and says, No, you can't have that.

25
00:01:58,830 --> 00:02:02,340
You need to have your servers in different subnets.

26
00:02:02,670 --> 00:02:08,430
Now you can already start hopefully understanding the frustration and battles that are taking place

27
00:02:08,430 --> 00:02:12,340
every day between server administrators and network administrators.

28
00:02:12,360 --> 00:02:18,180
You yourself may be on the receiving end of this and involved in these kinds of discussions and hopefully

29
00:02:18,180 --> 00:02:22,980
not too heated battles between server people and network people.

30
00:02:23,220 --> 00:02:26,790
So this is a problem for Paul, the server administrator.

31
00:02:27,390 --> 00:02:33,420
So first problem, I can't have my ESXi servers in the same subnet, which means I can't use vMotion,

32
00:02:33,420 --> 00:02:35,610
but I want to use vMotion, so that's a problem.

33
00:02:36,000 --> 00:02:41,080
Next issue: Paul wants to implement micro-segmentation as an example.

34
00:02:41,100 --> 00:02:43,830
He wants to put his VMs.

35
00:02:43,830 --> 00:02:50,400
So let's assume we've got two VMs here in separate subnets, but let's assume that he's got hundreds

36
00:02:50,400 --> 00:02:52,140
or thousands of VMs.

37
00:02:52,140 --> 00:02:58,500
So he tells Peter the network admin, I need 5000 VLANs for argument's sake.

38
00:02:58,890 --> 00:03:02,130
Now, Peter, the network guy says, Sorry, you can't have that.

39
00:03:02,190 --> 00:03:09,690
802.1Q only supports approximately about 4096 VLANs.

40
00:03:09,690 --> 00:03:11,430
But you can't have all of those.

41
00:03:11,520 --> 00:03:14,940
You can only have, let's say, 4000 VLANs.

42
00:03:15,090 --> 00:03:20,910
So immediately, that's another problem for Paul because he is limited by the number of VLANs that he

43
00:03:20,910 --> 00:03:21,750
can deploy.

44
00:03:22,050 --> 00:03:26,760
Now, you might be thinking, well, in my network I would never use 4000 VLANs.

45
00:03:26,760 --> 00:03:33,360
But remember, in a multi-tenant data center, you may very quickly end up with many VLANs being used

46
00:03:33,450 --> 00:03:35,460
and taking it a step further.

47
00:03:35,490 --> 00:03:43,050
You might, as an example, want to have a firewall in front of a web server which may be separated

48
00:03:43,050 --> 00:03:48,870
by another firewall, protecting a database server in case the web server gets compromised.

49
00:03:48,900 --> 00:03:56,790
So in many implementations with multi-tier applications, you may want to put different servers in different

50
00:03:56,790 --> 00:03:59,820
subnets and taking it to the extreme.

51
00:03:59,820 --> 00:04:06,000
Why don't you have every VM in a separate VLAN and have a firewall in front of every VM?

52
00:04:06,180 --> 00:04:08,160
So this is a problem for Paul.

53
00:04:08,190 --> 00:04:12,830
Peter is telling him that he can't have a layer 2 infrastructure between his servers.

54
00:04:12,840 --> 00:04:15,570
He's limited in the number of VLANs that he can use.

55
00:04:15,720 --> 00:04:19,510
And to make it even worse, when Paul does request a VLAN,

56
00:04:19,529 --> 00:04:25,860
let's say he wants to put this VM into VLAN 500 and he talks to Peter and says please implement this

57
00:04:25,860 --> 00:04:27,120
VLAN on your network.

58
00:04:27,150 --> 00:04:34,140
Peter says, Well, I need to manually configure each device through the CLI and we have to go through

59
00:04:34,140 --> 00:04:41,490
a change control process to ensure that we don't cause problems on the network and we only make changes

60
00:04:41,490 --> 00:04:43,140
on a Friday evening.

61
00:04:43,140 --> 00:04:47,910
But today's Monday, says Paul, I want to implement these VMs today.

62
00:04:48,360 --> 00:04:51,450
Peter simply says, Well, you should have asked last week.

63
00:04:51,510 --> 00:04:57,210
Now, making light of this and there are ways that you may be working around these problems in your

64
00:04:57,210 --> 00:04:59,540
environments, but try and see the frustration

65
00:04:59,620 --> 00:05:02,980
that a server guy has with a network guy.

66
00:05:03,310 --> 00:05:05,740
VMs can be deployed within seconds.

67
00:05:06,010 --> 00:05:08,110
Networks take a long time to deploy.

68
00:05:08,260 --> 00:05:13,690
VMs can have policies applied to them within seconds from a central management console.

69
00:05:13,990 --> 00:05:19,420
I don't know about you, but I'm pretty sure that you don't manage virtual machines, especially when

70
00:05:19,420 --> 00:05:25,510
you've got hundreds or thousands of them by manually typing commands into each device.

71
00:05:25,780 --> 00:05:33,490
I'm pretty sure you use an orchestration tool like OpenStack or VMware's management tools to manage lots

72
00:05:33,490 --> 00:05:34,750
and lots of VMs.

73
00:05:34,900 --> 00:05:42,010
So why on earth are you configuring routers individually or switches individually through the CLI?

74
00:05:42,040 --> 00:05:47,530
Server guys might be looking at network guys, as Paul is in this example, saying, you guys are still in the

75
00:05:47,530 --> 00:05:48,630
stone ages.

76
00:05:48,910 --> 00:05:52,060
You're still doing things the way that you did 20 years ago.

77
00:05:52,090 --> 00:05:56,260
But following along with our story and once again, just take it as a story.

78
00:05:56,380 --> 00:05:58,470
Us network guys are hard of hearing.

79
00:05:58,480 --> 00:06:02,540
We refuse to listen to server guys because we know what we're doing.

80
00:06:02,560 --> 00:06:05,410
We've been implementing networks for 10, 20 years.

81
00:06:05,710 --> 00:06:10,840
The way we've deployed them is stable, robust and scalable in our opinion.

82
00:06:10,840 --> 00:06:12,250
So why change it?

83
00:06:12,400 --> 00:06:17,440
Server guys got tired of fighting with network guys and decided to change everything.

84
00:06:18,040 --> 00:06:25,690
Remember the disruption that took place in a VoIP environment and how applications like WhatsApp changed

85
00:06:25,690 --> 00:06:28,160
everything when setting up calls.

86
00:06:28,180 --> 00:06:35,170
So the guys have had enough of fighting and dealing with network people, and the easiest solution is

87
00:06:35,170 --> 00:06:41,560
to take them out of the equation so no longer deal with network people because as we know, network

88
00:06:41,560 --> 00:06:48,440
people tend to be grumpy, tend to be very difficult to deal with, only see their way of doing things.

89
00:06:48,460 --> 00:06:50,950
So server guys said, Enough is enough.

90
00:06:50,980 --> 00:06:53,530
Let's not deal with network people.

91
00:06:53,800 --> 00:06:56,830
And I only say this as a joke because I am a network person.