Triple Network

So what is this Triple Network that Softlayer goes on about? Is it just marketing hype, or is it useful?

The answer is: it depends.

It is true that each and every machine has 3 networks, although personally I consider it to be closer to 2.5 networks.

  • One dedicated interface that provides an IPv4 public-facing address.  This is its own network card on a bare metal server, and a virtual network card in a virtual server off a dedicated network card in the hypervisor.
  • One dedicated interface that is connected to a private network, which is only addressable from inside the Softlayer network.  Again, this is its own network card on a bare metal server, and a virtual network card in a virtual server off a dedicated network card in the hypervisor.
  • The last connection is basically for out-of-band management; think of this as your HP ILO, IBM RSA2 or Dell DRAC.  It is used for tasks such as OS reloads, out-of-band KVM via IPMI and initiating power cycles.  It has less function for a virtual machine, but you can still reboot and use out-of-band KVM.

Every server in Softlayer (Virtual Host or Bare Metal) has dual public, dual private and single management interfaces cabled; that’s 5 network cables per physical server.

The Data Center tour gives you a visual understanding of the network; about 1:42 in gives a good example of the network design.

The standard for all customer servers is 100 Mbps for Public and Private; you pay a little more for upgrades like 1 Gbps, 10 Gbps, redundant interfaces and dual unbonded interfaces (the last 3 only on Bare Metal).  There is no need for redundant interfaces on a virtual server because the hypervisor has redundant interfaces.

Dual unbonded 10 Gbps interfaces, configured correctly, can actually give you 20 Gbps on the Public network and another 20 Gbps on the Private network.  If you’re going to try to get the most out of 20 Gbps, remember you’re going to need SSD or a fast SAN LUN, and remember each rack has multiple 10 or 40 Gbps upstream connections.

Redundant interfaces on Public or Private networks actually go to different physical switches; otherwise they couldn’t really call it redundant, could they?

Security.

Consider the Public and Private networks carefully: you can create a more secure environment by reducing your attackable footprint.  By giving only the bare minimum of servers access to the Public network (the only network with internet access), you reduce the number of servers that can be directly accessed from the internet.

[Image: Example of Public and Private networks]

This example only has the web servers accessible to the internet and the database and application servers are only accessible on the private network.
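One way to check that a deployment still matches this layout is to audit the server inventory for public addresses on tiers that should be private-only. The script below is an added example, not part of the original post; the hostnames, addresses, role names and the 10.0.0.0/8 private range are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Assumption: the private network is carved from 10.0.0.0/8; adjust to your subnets.
PRIVATE_NET = ip_network("10.0.0.0/8")
# Tiering from the example above: only web servers face the internet.
PUBLIC_ROLES = {"web"}

# Constructed inventory (hostnames and addresses are made up; 203.0.113.0/24
# is a documentation range standing in for public IPv4 addresses).
INVENTORY = [
    {"host": "web01", "role": "web", "addrs": ["203.0.113.10", "10.10.1.10"]},
    {"host": "web02", "role": "web", "addrs": ["203.0.113.11", "10.10.1.11"]},
    {"host": "app01", "role": "app", "addrs": ["10.10.2.20"]},
    {"host": "db01",  "role": "db",  "addrs": ["203.0.113.30", "10.10.3.30"]},
    {"host": "db02",  "role": "db",  "addrs": ["10.10.3.31"]},
]

def public_addrs(server):
    """Return the server's addresses that are outside the private network."""
    return [a for a in server["addrs"] if ip_address(a) not in PRIVATE_NET]

def audit(inventory):
    """Split servers into the intended public footprint and policy violations."""
    footprint, violations = [], []
    for server in inventory:
        exposed = public_addrs(server)
        if not exposed:
            continue  # private-only server, not reachable from the internet
        if server["role"] in PUBLIC_ROLES:
            footprint.append(server["host"])
        else:
            violations.append((server["host"], server["role"], exposed))
    return footprint, violations

if __name__ == "__main__":
    footprint, violations = audit(INVENTORY)
    print("Internet-facing by design:", ", ".join(footprint))
    for host, role, addrs in violations:
        print(f"VIOLATION: {role} server {host} has public address(es) {addrs}")
```

In the constructed inventory, db01 is the only server flagged, because it is a database server that still has a public address.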
