
We need innovation to help escape from the cloud-services land of Oz

Sep 05, 2018 (4 mins)

Industry-standard networking practices can streamline corporate access to public clouds.


Welcome to Agility City! Let me set the scene.

In the castle, the Wonderful Wizard orchestrates networks in beautiful and powerful ways. Point-to-point tunnel connections, which decades ago were called bridges with disdain, are heralded as “architectural wonders.”

Meanwhile, The Wicked Witch of the West brews a primordial potion of complexity that is hidden behind curtains of automated provisioning. Packets of information are heavily laden with unnecessary information and double encryption.

It almost makes you want Dorothy Gale to appear and click her ruby slippers – “There’s no place like home. There’s no place like home.” If only we would start talking about true networking and not orchestration of bridges.

I spent some time watching AWS re:Invent 2017 Networking sessions on YouTube and felt like a house was just dropped on top of me. AWS has solved many problems with their new releases and added new kinds of connectivity inside the AWS world.

However, connecting corporate networks to theirs is still a tunnel-fest. If you are very careful, stay within the limits defined, avoid overlapping addresses and provision all your routes correctly, it will allow anywhere-to-anywhere communication. Just don’t expect to go over 50 connections per VPC, or 1.25 gigabits per IPSec tunnel. Even Toto would bark at that!

Bridges were replaced with routed links when networking was created. But IPSec tunnels are newfangled bridges that are the new connector of choice. The tunnels are being designed into public cloud networking schemes and are at the center of most SD-WAN solutions. The Wizard cannot change the fundamental nature of the networking world by handing out brains, hearts and medals for bravery. Even winged monkeys can’t hide in the mess of point-to-point connections that are stateful network-to-network bridges.

Instead, determine the following variables: A = How many current VPCs will you eventually use? B = How many locations need to access your VPCs? Simply multiply A x B x 2 to get the count of bridges that need to be provisioned, monitored and controlled. One company I recently spoke with had data centers on five continents, over 100 large office locations and more than 1,300 VPCs at AWS alone. No amount of wizardry can hide this mess.

Software, especially open source software, is the key to innovation. Cookies are placed in packets to solve authentication and session management problems. Applications overcome NATs and network-induced problems, and the developers ignore any and all information from the network.

To increase performance, software developers use the network in parallel fashion and cache contents. Application guys develop improvements at a rapid pace, including standards such as QUIC and TLS 1.3. Innovation in the networking industry recently has focused on creating curtains to go over top of or hide the ugly and inefficient architecture. Orchestration of layers of networking complexity is not the answer.

Instead of letting AWS at re:Invent tell you how to connect to them, our industry needs to agree on how we want networks to operate. We need to do what AWS, Azure and Google do – use software to innovate networking. Concepts like embedded cookies that can traverse NAT boundaries to communicate network information are possible. Routing that traverses private/public boundaries is possible. IPv4 and IPv6 borders no longer have to be barriers to routing protocols. Semantic-based routing definitions are likely.

We have the power to innovate. We know the requirements. Let’s get back to networking basics. Eliminate the layers of encapsulation and double encryption. Throw water on the piles of tunnels and bridges to melt them away. Click your heels together and dream of a future network that can interconnect networks intelligently without bridges or tunnels.

Toto, let’s go home!


Patrick MeLampy is a co-founder and Chief Operating Officer at 128 Technology, a company that is attempting to "Fix the Internet."

Prior to 128 Technology, MeLampy was Vice President of Product Development for Oracle Communications Network Session Delivery products. Prior to Oracle, MeLampy was CTO and founder of Acme Packet, a company acquired by Oracle in February of 2013 for $2.1 billion.

MeLampy has an MBA from Boston University, and an engineering degree from the University of Pittsburgh. He has 28 years of experience and has been awarded 35 patents in the telecommunications field.

The opinions expressed in this blog are those of Patrick MeLampy and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.