Virtualized Access Layer. Petr Grygárek




Goals
- Integrate the physical network with virtualized access layer switches
  - Hypervisor vSwitch
- Handle logical network connection of multiple (migrating) OS images hosted on physical server(s)
- Apply network policies to virtualized switches and virtualized network attachments
  - QoS, ACLs & security profiles, ...
  - During VM migration, policies have to be migrated with the VM
- Unified management & policies of both physical and logical network elements
  - Connects together the server administrator's and network administrator's views and processes
- Network awareness of inter-VM traffic
  - Policy enforcement, statistics, packet capture, ...
- Avoid extending the STP domain

Possible solution approaches
1. Implement standard network functions and APIs into software-based virtual switches
   - E.g. Cisco Nexus 1000V
2. Avoid local switching and forward traffic from individual remote virtual NICs to the physical switch for processing via separate logical channels
   - Dynamically create a corresponding logical veth interface on the HW switch to provide configuration and feature consistency
   - Suitable when vertical traffic prevails
     - Which does not 100% apply anymore in current DC models with horizontally-scalable applications

802.1Qbg - Edge Virtual Bridging
- Defines multiple technologies
- Virtual Ethernet Bridge (VEB) (roughly corresponds to VMware vSwitch)
  - L2 inter-VM communication
  - VLAN support
- Virtual Ethernet Port Aggregator (VEPA)
  - hypervisor forwards even inter-VM traffic to the external switch
    - No MAC address learning & flooding needed
    - external switch's monitoring and security tools can be enforced
  - Switching function can also be built into the CNA
  - Standard Mode (tagless)
    - external switch needs to be able to forward a frame back to the port which the frame came from (modified standard behaviour): reflective relay
  - Multi-channel - QinQ between hypervisor and external switch
    - multiple logical attachment points for individual vNICs
    - Broadcast/multicast replication on controller switch

IEEE 802.1BR - Bridge Port Extension (1)
(originally started in 802.1Qbh)
- Defines Extended bridge
  - Standardized alternative to proprietary technologies like Cisco FEX
- Model of controlling (physical) bridge + Port Extender(s) managed as a single entity (port extenders can be understood as remote I/O cards)
  - no local switching - all traffic goes via the controlling switch
  - support for remote HW-based multicast/broadcast traffic replication
- E-channel - logical channel between Extended port and corresponding virtual interface on the controlling switch
- E-Tag - E-channel ID, contained in modified Ethernet frames
  - equivalent of Cisco VNTag (= slightly different format built on 802.1BR prestandard)
- Port extenders may be cascaded
  - example: controlling switch - FEX + 802.1BR-compatible server NIC (NIC virtualization) + 802.1BR-compatible hypervisors on blade servers connected to each virtualized switch VM
  - Allows multiple network layers to be managed as a single device/layer
  - Tags are NOT stacked
  - Tag-to-port mapping table still needed in Port Extenders
  - Tags are learnt together with MAC addresses on the controlling switch

IEEE 802.1BR - Bridge Port Extension (2)

Port Extender Functionality
- As simple as possible
- Northbound: add tag based on receiving (virtual) port & forward
- Southbound: forward based on DST VIF
  - Remove E-Tag at the last hop

Bridge Port Extension Use Cases
- Physical server NIC adapter partitioning ("Adapter-FEX")
  - multiple simulated NICs presented by BIOS/PCI to the OS, single attachment link to the physical switch
    - tens of simulated NICs are currently supported
    - Ethernet vNICs or Fibre Channel HBAs
  - dual uplink provides seamless redundancy of virtualized server NICs
    - active+standby mode, NIC teaming in the OS does not need to be configured
- Virtualized physical VM-to-physical switch connection
  - fixed veths (e.g. Red Hat, Windows, VMware ESX hypervisors)
  - floating veths (e.g. VMware ESX hypervisors)

VNTag/E-Tag header fields
- Presence of VNTag/E-Tag (4B) is identified by a special EtherType value (2B)
- VNTag header may be followed by an 802.1Q header
- Frame fields
  - Direction: indicates whether the frame travels from or to the remote adapter
  - Source VIF (12b)
  - Looped flag: frame looped by the physical switch back to the same adapter (inter-vNIC switching)
    - Needed to avoid broadcast/multicast cycles
  - Destination VIF (12b) / VIF_List
    - if the Pointer bit is specified, VIF_List is used to specify destination VIFs to replicate the frame
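
A decoder for the VNTag fields listed above, useful when inspecting a capture taken on a FEX downlink. This is an added example, not code from the slides; the EtherType 0x8926, the bit positions, and the meaning of the direction bit (1 = toward the adapter) are assumptions based on the pre-standard VNTag layout, and the sample frame is constructed.

```python
import struct

ETHERTYPE_VNTAG = 0x8926  # assumption: EtherType used for VNTag, not on the slide
ETHERTYPE_DOT1Q = 0x8100

def parse_vntag(frame: bytes) -> dict:
    """Decode the 4-byte VNTag and the optional 802.1Q header after it."""
    if len(frame) < 20:  # two MACs + EtherType + tag + inner EtherType
        raise ValueError("frame too short for a VNTag header")
    ethertype, tag, inner = struct.unpack("!HIH", frame[12:20])
    if ethertype != ETHERTYPE_VNTAG:
        raise ValueError(f"EtherType 0x{ethertype:04x} is not VNTag")
    # Assumed bit layout, most significant bit first:
    # direction(1) pointer(1) destination(14) looped(1) reserved(1) version(2) source(12)
    to_adapter = bool(tag >> 31 & 1)
    pointer = bool(tag >> 30 & 1)
    looped = bool(tag >> 15 & 1)
    dst = tag >> 16 & 0x3FFF
    info = {
        "direction": "to_adapter" if to_adapter else "from_adapter",
        "pointer": pointer,
        "looped": looped,
        "src_vif": tag & 0x0FFF,
        # Pointer set: the field selects a VIF_List; otherwise a single 12-bit VIF.
        "dst_vif": None if pointer else dst & 0x0FFF,
        "vif_list": dst if pointer else None,
        "vlan": None,
    }
    if inner == ETHERTYPE_DOT1Q:
        if len(frame) < 24:
            raise ValueError("truncated 802.1Q header")
        tci, inner = struct.unpack("!HH", frame[20:24])
        info["vlan"] = tci & 0x0FFF
    info["ethertype"] = inner
    # Looped and Pointer describe delivery by the switch, so a frame that claims
    # to come from the adapter with either bit set deserves a closer look.
    info["inconsistent"] = not to_adapter and (pointer or looped)
    return info

# Constructed sample: switch-to-adapter frame, looped, source VIF 7,
# destination VIF 5, carrying VLAN 60 and an IPv4 EtherType.
SAMPLE = (bytes.fromhex("0050569a0001" "0050569a0002")
          + struct.pack("!HIHHH", ETHERTYPE_VNTAG, 0x80058007,
                        ETHERTYPE_DOT1Q, 60, 0x0800)
          + bytes(46))
```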

Port extender to controller switch Interactions
- Port extender reports its number of ports to the upstream switch
- Upstream switch automatically creates the corresponding number of tags, associating each tag with a single extender port
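
A small model of the division of labour described on the last few slides: the extender only tags and untags, the controlling switch allocates one tag per reported port, learns tags with MAC addresses, applies policy and replicates. This is an added example, not code from the slides or from any product; the class names, the dictionary frame format and the `denied` per-VIF policy set are hypothetical, and a single extender is modelled.

```python
class PortExtender:
    def __init__(self, vif_by_port):
        self.vif_by_port = vif_by_port  # tag-to-port mapping table
        self.port_by_vif = {v: p for p, v in vif_by_port.items()}

    def northbound(self, port, src_mac, dst_mac):
        """Tag by receiving port and forward upstream; no local switching."""
        return {"src_vif": self.vif_by_port[port],
                "src_mac": src_mac, "dst_mac": dst_mac}

    def southbound(self, tagged):
        """Deliver by destination VIF and strip the tag at this last hop."""
        out = []
        for vif in tagged["dst_vifs"]:
            if tagged["looped"] and vif == tagged["src_vif"]:
                continue  # never reflect a replicated frame to its sender
            if vif in self.port_by_vif:
                out.append((self.port_by_vif[vif],
                            (tagged["src_mac"], tagged["dst_mac"])))
        return out


class ControllingSwitch:
    def __init__(self):
        self.vifs, self.mac_to_vif, self.denied = [], {}, set()

    def register(self, port_count):
        """The extender reports its port count; one tag is created per port."""
        first = len(self.vifs) + 1
        new = list(range(first, first + port_count))
        self.vifs += new
        return PortExtender(dict(enumerate(new)))

    def switch(self, tagged):
        """Learn tag with MAC, pick one VIF or replicate, apply per-VIF policy."""
        src = tagged["src_vif"]
        self.mac_to_vif[tagged["src_mac"]] = src
        known = self.mac_to_vif.get(tagged["dst_mac"])
        dst = [known] if known is not None else list(self.vifs)
        dst = [v for v in dst if (src, v) not in self.denied]
        # Single extender here, so every frame returns to the adapter it came from.
        return {**tagged, "dst_vifs": dst, "looped": True}


def deliver(switch, extender, port, src_mac, dst_mac):
    """Full path of one frame: extender up, switch decision, extender down."""
    return extender.southbound(
        switch.switch(extender.northbound(port, src_mac, dst_mac)))
```

Because the extender never switches locally, a policy entry on the controlling switch also covers traffic between two virtual NICs behind the same physical adapter.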

802.1Q versus VNTag
- An 802.1Q trunk is treated by the physical switch as a single port in terms of applied policies
  - Policies mostly cannot be applied per-VLAN
  - All VLANs (trunk) are extended to the host; the server admin has to properly select the VLAN to be fed to individual VMs
  - extension of (per-VLAN) STP domains to the host
- VNTag creates virtual interfaces corresponding to vNICs that can be assigned separate policies
  - veths are treated the same way as ordinary ports by the switch operating system

Cisco Nexus 5000 Static veth Configuration Example

    interface veth 1
      switchport mode trunk
      bind interface Ethernet101/1/2 channel 3

- 101/1/2 identifies the physical downlink interface (FEX-attached VNTag-capable host)
- Channel 3 identifies the VIF

Cisco Nexus 5000 Dynamic veth Configuration Example
- N5K registers itself to vSphere as a vDS and reports its configured port profiles
  - A profile can be seen as a port-group in vCenter
- Server administrator defines channel # and profile for each vNIC

    vethernet autocreate

    interface Ethernet1/10
      switchport mode vntag    // FEX downlink

    port-profile type vethernet MYPROFILE
      switchport mode access
      switchport access vlan 60
      port-binding dynamic
      state enabled

    // created automatically
    interface vethernet 23769
      bind interface ethernet 1/10 channel <# defined on server>
      inherit port-profile MYPROFILE
