young-man-wearing-vr-glasses-with-neon-light-futu-2021-12-17-19-01-47-utc

Introducing Intent-based networking; it’s not hype.

 

 

Intent-based Networking

Intent-based networking is not just hype and we see a lot of intent-driven networks already with the many SD WAN overlay roll-outs. It is a necessary development and from a technology standpoint, it has now arrived. However, cultural acceptance will take a little longer. Organizations are looking to modernize their business processes and their networks. Yet, the traditional vertically integrated monolithic networking solutions prohibit the network from achieving agility. This is why we need intent based networking systems. So, what is intent based networking? Intent-based networking is where an end-user describes what the network should do and the system automatically configures the policy. It uses declarative statements i.e what the network should do as opposed to imperative statements. 

 

  • A key point: Video on intent-based networking

In this video, we will discuss the basics of intent-based networking: informing the controller about the end goal and allowing the controller-based network to figure out the low-level device and configuration details. Finally, as a product reference, we discuss Cisco SD-Access.

 

 

You are telling the network what you want to accomplish, not exactly what to do and how to do it i.e tell me what you want, not how to do it, all of which gets translated behind the scenes. Essentially, intent-based networking which is a piece of networking software takes the “what” and converts it into the “how”. The system does this by generating the resulting configuration for design and device implementation. The system is provided with algorithms that translate business intent into network configurations. Humans can not match the speed of algorithms and this is key. The system is aware of the network state and is able to ingest real-time network status from multiple sources in a transport and protocol-agnostic way.

It adds the final piece of the puzzle, by continuously validating in real-time that the intent is being met. The system is continuously comparing the actual to the desired state of the running network. If the desired state is not met, then corrective actions can take place such as modifying a QoS policy or applying an access control list (ACL). This allows for a closer alignment between the network infrastructure and business initiatives and gives the network correctness all the time.

 

Networking Complexity

Networks continue to get more complex as traffic demands increase. While software-defined networking (SDN) can abstract the underlying complexities we need to look at how we orchestrate the policy and intent across multi-vendor, multi-domain elements.

To overcome complexity, you have to abstract. We have been doing this with tunnelling for decades. However, there are different abstractions used at the business level and at the infrastructure resource level. At a business level, you need to be flexible as rules will change and must be approached differently from how the operating system approaches modelling resources. For this, we need to make new architecture decisions, as it’s not just about configuration management and orchestrations. None of these can look at the network state which is what we need to do.

For this, we need network intelligence. The way networks are built and managed today uses a manual approach, without any algorithmic validation. The manual approach to networking is not viable in the future.  Let’s face it, humans make mistakes. There are a number of reasons for network outages, ranging from software bugs, and hardware/power failure to security breaches. But human error is still the number one cause. We are inhibited by manual configuration. Intent-based networking eliminates this inhibition.

 

intent-based networking
Diagram: Intent-Driven Network.

 

The traditional approach to networking

In the traditional network model, there is a gap between the architect’s intent and what’s actually achieved. Not just for device configuration, but also for achieved runtime behaviour. Until now there has not been a way to validate the original intent, or to have a continuous verification mechanism. Once you have achieved this level of assurance you can focus on business needs and not be constrained by managing a legacy network. For example, Netflix moved its control plane to the cloud and now focuses all of its time on its customer base. We have gone halfway and spent billions of dollars on the compute, storage, and applications but the network still lags. The architecture and protocols have become more complex but the management tools have not kept pace. Fortunately, now this is beginning to change.

 

Software-defined networking; slow deployments

SDN shows great promise that could release networking, but deployments have been slow. Primarily down to large cloud-scale organizations with ample resources and dollars. But what can the rest of the industry do if we do not have that level of business maturity?  Intent-based networking is a natural successor to SDN as many of the intent-based vendors have borrowed the same principles and common architectures. The systems are built on the divide between the application and the network infrastructure. However, SDN operates at the network architecture level where the control plane instructs the data plane forwarding node. Intent-based systems work higher at the application level to offer true brownfield network automation. Both SDN and SD-WAN have made huge leaps in network programmability but intent-based networking is a further leap to zero-touch self-healing networks. For additional information on SD-WAN, including the challenges with existing WANs, such as lack of agility with BGP ( what is BGP protocol in networking ) and the core features of SD-WAN, check out this SDWAN tutorial.

 

Intent-Based Networking Use Case

Let’s say the wide-area network (WAN) edge consists of a number of network infrastructure devices including Layer 3 routers, SD-WAN appliances such as Viptela SD-WAN, and WAN optimization controllers. All of these devices could send diagnostic information for the intent-based system to ingest. As a matter of fact, the system can ingest from multiple sources, including a monitoring system and network telemetry. As a result, the system is able to keep track of application performance over a variety of links. If there is a performance-related problem and the policies are not being met and application performance is degrading, the system can take an action such as to re-route the traffic over a less congested link or simply notify a network team member. The intent-based system does not have to take corrective action, similar to how IDS/IPS are deployed. These devices can take corrective action if need be, but many use IDS/IPS to alert.

 

Looking deeper on intent based networking systems

The intent-based architecture is a combination of machine learning (ML), cognitive computing, and deep analytics providing enhanced levels of automation and programmability through an easy-to-use GUI. The combination of these technologies allows you to move from a reactive to a proactive system.

ML, a sub-application of artificial intelligence (AI) allows intent-based systems to analyze and learn from data automatically without the need for explicit programming. Therefore, enables systems to learn and make predictions on the data for autonomous behaviour. Intent-based networking represents a radical new approach to network architecture and takes networking to the next level in terms of intelligence.

It is not a technology that is going to be accepted overnight. Its adoption will be slow as to some a fully automated network can sound daunting placing the faith of your business which for many organizations is the network. However, deploying intent-based networking systems offers a new way to build and operate networks, compared to traditional networking,  increasing agility, availability, and security.

 

 

Matt Conran
Latest posts by Matt Conran (see all)

Comments are closed.