Google Cloud service lets customers prioritize network traffic between clouds

Google Cloud has rolled out a new service that will let enterprise customers set traffic priorities and control bandwidth for cloud-based workloads.

The application awareness package is part of Google’s Cross-Cloud Interconnect service, which offers secure, dedicated high-speed connections between the Google Cloud network and customer networks hosted in other clouds, such as Amazon Web Services, Microsoft Azure, Oracle Cloud Infrastructure, or Alibaba.

Cross-Cloud Interconnect supports 10Gbps or 100Gbps dedicated, encrypted links to connect Google virtual private cloud (VPC), other VPCs, or virtual networks in different clouds. The service supports other security options such as IPsec VPN or MACsec, according to Google.

The idea with Cross-Cloud Interconnect is to let enterprise customers run their applications on multiple clouds, host multicloud SaaS applications, or migrate workloads from one cloud to another, according to Muninder Sambi, vice president of cloud networking with Google Cloud.

The application awareness service lets customers set two traffic policies: strict priority across traffic classes and bandwidth share per traffic class. The strict prioritization of business-critical traffic ensures that lower-priority traffic egressing Google Cloud does not adversely impact higher-priority traffic during congested periods on Cloud Interconnect connections, Sambi wrote in a blog outlining the new service.

Customers can define low-priority traffic such as bulk file transfers, high-priority traffic such as streaming or live video, and essential network traffic such as Border Gateway Protocol (BGP) [which exchanges core routing information] or Bidirectional Forwarding Detection (BFD) [which detects link failures and other problems] transmissions, Sambi said.

In addition to the traffic priority, the service lets customers utilize traffic shaping controls to set the maximum bandwidth that each traffic class can use on Cross-Cloud Interconnect outbound data transfers, Sambi stated.

“A bandwidth percentage policy type lets users specify the target bandwidth share that each traffic class can use. Assigning percentages to each traffic class helps ensure that each traffic class can use its specified share of Cloud Interconnect bandwidth during congestion events,” Sambi stated.

“If excess bandwidth is available because a traffic class isn’t using its assigned share fully, the remaining bandwidth is shared equally among all other traffic classes,” Sambi stated.

Traditionally, customers have lacked the capability to prioritize traffic over Cloud Interconnect, forcing them to substantially overprovision bandwidth or risk subpar performance during periods of congestion. This can result in increased costs, inefficient resource utilization, and potential disruption to business operations. Application awareness addresses this need, Sambi stated.

Cloud Interconnect with application awareness lets organizations ensure consistent performance and reliability for their critical applications, even during peak traffic periods and congestion events on their Cloud Interconnect—allowing businesses to build distributed applications while consuming SaaS and AI/ML services, Sambi stated.

For improved Cross-Cloud Interconnect network management, Google Cloud added a feature called VPC Flow Logs that lets customers gain flow-level visibility into network traffic within Google Cloud. By recording packets sent and received by virtual machines, VPC Flow Logs lets customers analyze network traffic not only for performance monitoring and troubleshooting, but also for network forensics, security and compliance, and cost optimization, Sambi stated.

“In order to provide a consistent and easy-to-use observability experience, we’ve expanded VPC Flow Logs coverage to include visibility into network traffic over Dedicated Interconnect, Partner Interconnect, Cross-Cloud Interconnect, and Cloud VPN. Customers can now generate flow logs not just for subnets, but also for your VLAN attachment and VPN tunnels, and receive the same 5-tuple (source IP, destination IP, source port, destination port, and protocol) granularity as you do for traffic within Google Cloud,” Sambi stated.

Flow Analyzer is available for all VPC Flow Logs customers and lets customers identify and visualize network traffic flows, including top talkers, without having to write complex SQL queries. All VPC Flow Logs can also be integrated and analyzed with services from the observability partner of the customer’s choice, Sambi stated.
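As an added illustration (not Google's code and not from the original article), the sketch below shows the kind of 5-tuple aggregation a defender might run over exported flow records to find top talkers and flows to unexpected ports. The records are constructed; their field names follow the VPC Flow Logs record layout, and the rule for collapsing a flow logged by both endpoints is an assumption of this example.

```python
from collections import defaultdict

# Constructed sample records (not real traffic). Protocol is the IANA
# number (6 = TCP); byte counts arrive as strings in exported JSON.
SAMPLE_FLOWS = [
    {"reporter": "SRC", "bytes_sent": "900000", "connection": {"src_ip": "10.0.1.5", "src_port": 44321, "dest_ip": "172.16.9.20", "dest_port": 443, "protocol": 6}},
    {"reporter": "DEST", "bytes_sent": "900000", "connection": {"src_ip": "10.0.1.5", "src_port": 44321, "dest_ip": "172.16.9.20", "dest_port": 443, "protocol": 6}},
    {"reporter": "SRC", "bytes_sent": "100000", "connection": {"src_ip": "10.0.1.5", "src_port": 44321, "dest_ip": "172.16.9.20", "dest_port": 443, "protocol": 6}},
    {"reporter": "SRC", "bytes_sent": "250000", "connection": {"src_ip": "10.0.2.7", "src_port": 50022, "dest_ip": "172.16.9.30", "dest_port": 22, "protocol": 6}},
    {"reporter": "SRC", "bytes_sent": "4000", "connection": {"src_ip": "10.0.3.9", "src_port": 179, "dest_ip": "172.16.0.1", "dest_port": 179, "protocol": 6}},
]

def five_tuple(record):
    """Return (src_ip, dest_ip, src_port, dest_port, protocol) for a record."""
    c = record["connection"]
    return (c["src_ip"], c["dest_ip"], int(c["src_port"]),
            int(c["dest_port"]), int(c["protocol"]))

def bytes_per_flow(records):
    """Sum bytes per 5-tuple across log intervals.

    Assumption of this example: when both endpoints report the same flow
    (reporter SRC and DEST), the larger per-reporter total is kept so the
    flow is not counted twice.
    """
    per_reporter = defaultdict(lambda: defaultdict(int))
    for r in records:
        per_reporter[five_tuple(r)][r.get("reporter", "SRC")] += int(r["bytes_sent"])
    return {flow: max(totals.values()) for flow, totals in per_reporter.items()}

def top_talkers(records, n=3):
    """Rank source IPs by total bytes sent, largest first."""
    per_source = defaultdict(int)
    for (src_ip, *_), total in bytes_per_flow(records).items():
        per_source[src_ip] += total
    return sorted(per_source.items(), key=lambda kv: (-kv[1], kv[0]))[:n]

def flows_to_unexpected_ports(records, allowed_ports):
    """List 5-tuples whose destination port is outside the allowed set."""
    return sorted(f for f in bytes_per_flow(records) if f[3] not in allowed_ports)

if __name__ == "__main__":
    print(top_talkers(SAMPLE_FLOWS))
    print(flows_to_unexpected_ports(SAMPLE_FLOWS, allowed_ports={443, 179}))
```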

Source: Network World