Community Leaderboard

# Name Points
1 Kevin Stewart Kevin Stewart  8623
2 What Lies Beneath What Lies Beneath  2459
3 nitass nitass  2394
4 Cory Cory  1594
5 IheartF5 IheartF5  1511
Full Leaderboard »

DevCentral Latest Activity Stream

Kevin Stewart answered the question Customize logon page

2 minutes ago

Arunprabhu asked the question Multi tenancy design, Route domain

17 minutes ago

Bruno commented on SDN Prerequisite: Stateful versus Stateless

Hello Lori

I partially disagree with your conclusion about SDN vs state(less) as there are a number of cases where controllers have been used to manage large scale states in networks.

As you may know, controllers are not new to networking, they have been there in voice networks, ATM networks, optical networks, etc. In the case of cellular networks, all the services from basic phone features to being able to roam is possible because portions of the IMS, acting as a controller, manage state for my mobile device. Considering the number of cellular devices out there, it is safe to conclude the IMS, as a controller, handles large amount of state.

Now that being said what you are hinting at is "where" should different type of state be maintained. For instance a firewall rule has no state until implemented on a device and once traffic flow through it, that becomes the only place that state is maintained. Should it report its states to a central controller ? There would have to be some benefits to do so a bit like my IMS example... For instance to possibly solve active / active asynchronous connectivity to 2 DC (a bit like the ASM policy synch between DCs but with state on top...) or some form of active correlation of sessions between diverse enforcement points which currently are acting as "ships in the night" and cannot be coordinated. (not implying these are good use cases).

Today we tend to solve these issues by aggregating the traffic to a small set of perimeter devices, reducing the use case to a simpler one as all the state reside on one or few devices. SDN opens the possibility of similar benefits in a distributed architecture.

This is not a binary discussion and again, current networking technologies have shown that controllers functions can indeed maintain large scale state if there is a need for it and if this is the case, well we build the appropriate types of controllers for the job.

Chee

22 minutes ago

Kevin Stewart answered the question Blue screen after connecting to F5

30 minutes ago

Arunkumar asked the question LTM 1600 - TACACS server( ACS 5.2)

1 hour ago