Networking in the cloud is impressive. Building redundant internet access is as easy as attaching an internet gateway (IGW) to your VPC. In an on-premises network we would have to build VLANs, subnets, IGPs, possibly HSRP and BGP etc. This holds true for many of the services in the cloud.

I’ve seen statements such as “The networking team is going away because everyone is moving to the cloud” or “The networking team is going away because webscaler/startup company X’s networking team is only Y people”. This is like comparing apples to ostriches. I call BS. Why?

Networking in the cloud is relatively easy when you can leverage the standard services available, which is not always the case. It’s relatively easy because people are at the beginning of their cloud journey. They have one or a couple of VPCs. If they really move a major part of their app stack to the cloud, networking won’t be so easy. Let’s think about some examples.

In the cloud you can provision resources into different subnets, meaning different availability zones. This gives very high availability, but it’s not enough. To build a really resilient service you need to be in different regions. It was only recently that Inter-Region Peering became available in AWS. Before that you had to build the connectivity yourself, for example with a router running on an instance. Standard networking. Something networking people do, not app/dev people.

How do you set up a Direct Connect in AWS? You connect your fiber from your networking device in your rack to the networking device in Amazon’s rack. Then you get the paperwork authorized. Then you provision a VLAN to connect to the DX and set up BGP over it. Who is the person that sets up BGP? Yes, the networking person. Amazon has lately added support for BGP communities so that you can receive routes from different regions and/or have your routes advertised only to the local region or to all regions. Who is going to design this? Yes, the networking person.

Even if you believe in the “everything is going to the cloud” fallacy (I don’t), do you really think that you can get rid of your entire on-premises network? Really? All switches? No Wi-Fi? No security devices? How do you get traffic between your offices? You need a WAN, right? That WAN will connect to the public cloud somehow, be it consuming SaaS services over a DIA circuit, through a DX, or over a VPN. Who will manage that? Yes, the networking person. It will become common to see the public cloud as just another site in your WAN and have your SD-WAN device do the routing to the public cloud.

Even if we ignore all of the above for a while, what protocols do instances run on in AWS? TCP/IP… Know a person that knows TCP/IP fairly well? Yes, that would be the networking person. The networking person is the one that best understands traffic flows, security rules, latency, TCP resets and so on. In AWS, concepts such as NACLs and security groups are just normal networking constructs that we use every day in our on-premises network.
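
As an added illustration (not code from the post), a small Python model of the two AWS constructs just mentioned: security groups are stateful, NACLs are stateless, so an outbound HTTPS session only completes through a NACL if an inbound rule admits the ephemeral return port. Addresses, ports and rule sets are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    direction: str  # "in" (towards the instance) or "out" (from the instance)


def _port_allowed(port, rules):
    return any(port in r for r in rules)


class SecurityGroup:
    """Stateful: once an outbound connection is allowed, its replies are admitted."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
        self.conntrack = set()  # (remote ip, remote port, local ip, local port)

    def allows(self, pkt):
        if pkt.direction == "out":
            if _port_allowed(pkt.dport, self.outbound):
                self.conntrack.add((pkt.dst, pkt.dport, pkt.src, pkt.sport))
                return True
            return False
        if _port_allowed(pkt.dport, self.inbound):
            return True
        return (pkt.src, pkt.sport, pkt.dst, pkt.dport) in self.conntrack


class NetworkAcl:
    """Stateless: each packet is matched only against the rules for its direction."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound

    def allows(self, pkt):
        rules = self.outbound if pkt.direction == "out" else self.inbound
        return _port_allowed(pkt.dport, rules)


def outbound_https_flow(fw):
    """Constructed flow: instance 10.0.1.10 opens HTTPS to 203.0.113.5, SYN-ACK comes back."""
    syn = Packet("10.0.1.10", "203.0.113.5", 49152, 443, "out")
    syn_ack = Packet("203.0.113.5", "10.0.1.10", 443, 49152, "in")
    return fw.allows(syn) and fw.allows(syn_ack)


HTTPS = [range(443, 444)]
SSH = [range(22, 23)]
EPHEMERAL = [range(1024, 65536)]  # return-traffic range commonly opened in NACLs
```

Running `outbound_https_flow` against `SecurityGroup(inbound=[], outbound=HTTPS)` succeeds, against `NetworkAcl(inbound=SSH, outbound=HTTPS)` the SYN-ACK is dropped, and adding `EPHEMERAL` to the NACL’s inbound rules makes the flow complete.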

Networking is NOT going away. It’s just shifting form, as it always has, and always will. Yes, if your job is ONLY racking and stacking or ONLY provisioning switches or ONLY configuring VLANs, your job is at risk. I don’t know many people that only do that though. Network engineers need to evolve, as they always have. Things get automated, but that doesn’t change the underlying concepts. You can’t automate what you don’t know. Networking is only relatively simple in the cloud because people are at the beginning of their cloud journeys. Wait until containers go really mainstream… Go watch a video from re:Invent with Netflix and tell me networking is easy and will go away. Networking isn’t going anywhere. The size of the networking team could change, yes, but that doesn’t mean it’s a constant either. As people get more time on their hands, there will be more projects to work on, and no matter how much you automate, you still need a certain body count to be able to move forward.

Networking in the cloud is still networking. Designing networks in the cloud can and will be complex, when the size of the deployment is large enough. If you have a solid background in networking, then you can learn networking in the cloud. NEVER NEVER skip the fundamentals, NEVER.

Networking in the Cloud – Different but the Same