Click the blue text to follow us
Not long ago, there was an article titled “A Comprehensive Overview: The Evolution of IP Networks” that introduced the development and changes in IP networks from the perspective of network engineers. Among the recommendations, Silivano Gai’s book, “Building Future-Proof Cloud Infrastructure Architecture,” is indeed worth reading. It provides a high-level overview:
“The debate between bridging and routing supporters has been very active for the last 25 years. With Ethernet being the only surviving technology at layer 2, the term bridging is today a synonym of Ethernet bridging, with its behavior defined by the Institute of Electrical and Electronics Engineers (IEEE) in IEEE 802.1 [2] and implemented by bridges. On the other hand, IP is the only surviving technology at layer 3, and routing is the synonym of IP routing with its behavior defined by IETF [3] (Internet Engineering Task Force) RFC (Request For Comment) standards and implemented by routers.”
Therefore, network virtualization is relatively straightforward, concerning the matters between L2 and L3. Following up on the previous assignment, I believe we need a terminology explanation section. Let’s start with network virtualization.
| Category | Technology |
| Switch | VEB, VEPA, VNTAG, VSS, DVS, OVS, FEX |
| Layer 2 Link | VLAN |
| L2 Network on L2 | VLAN |
| L2 Network on L3 | NVO3, VXLAN, NVGRE, STT, TRILL, LISP |
| Routing | VRF, VRRP |
| L3 Network on L3 | MPLS, GRE, GUE, Geneve |
VEB (Virtual Ethernet Bridge)
The initial example of VEB is VMware’s vSwitch.
For the implementation of VEB, there are two categories: software and hardware [1].
Software VEB connects the virtual switch to the physical network card, where packets from the virtual network card first reach the virtual switch. Based on the information from the virtual switch, packets between VMs are forwarded by the vSwitch, while packets destined for the outside are forwarded to the physical network card.
Hardware VEB is essentially based on SR-IOV network cards, which allow virtual network cards to bypass the hypervisor’s virtual switch and connect directly to the virtual machine. The SR-IOV network card replaces the function of the virtual switch, while the packet path between VMs remains the same.
It can be seen that the basic function of VEB is to facilitate packet exchange between VMs, which occurs on the server side. If we consider the overall network management functionality, especially controls like ACLs, switch manufacturers have a demand to ensure that traffic between VMs reaches the switch.
VEPA (Virtual Ethernet Port Aggregator):
This is what some refer to as “hairpinning”; all traffic from the virtual machine goes through the physical network card to the external switch, allowing the original functions of the virtual switch to be offloaded to the physical switch, integrating physical and virtual networks.
Here, the concept of hairpinning arises, where traffic between virtual machines on the same physical machine enters and exits through the corresponding port on the switch. For a qualified layer 2 switch, STP (Spanning Tree Protocol) does not allow this. This requires special virtualization support.
EVB stands for Edge Virtual Bridge. VEPA is a protocol proposed by HP under the IEEE 802.1qbg standard.
For VEPA, the rights of the VM and Hypervisor are separated. If they need direct access to the network card, or if some VMs wish to use VEB, VEPA introduces the S-Channel concept to support diverse needs.
VNTAG (Virtual Network TAG)
To address the STP violations mentioned above regarding VEPA, Cisco proposed VNTAG based on IEEE 802.1qbh ‘Bridge Port Extension’ to solve the network management issues for VMs [2].
VIF_ID defines multiple virtual network interfaces on a physical network port, thus solving the hairpinning issue.
Switches themselves also have virtualization needs:
VSS (VMware Standard Virtual Switch) does not need further explanation. It is the most basic virtual network [3].
DVS (Distributed Virtual Switches)
This is also a VMware concept for network management across multiple nodes in vSphere [4].
OVS (Open vSwitch)
This is currently the most popular virtual network switch in public clouds.
FEX (Fabric Extender)
Cisco’s virtual switch system can aggregate physical switches into a single logical switch.
VLAN – This does not need explanation.
Traditional data centers need to support BUM (Broadcast, Unknown-Unicast, and Multicast) traffic and layer 2 bridging technology. To accommodate these functions, the network architecture is relatively complex, with excessive redundancy designs that are difficult to scale. Generally, a “1+1” redundancy design is adopted, and network scale is expanded by adding switches.
Modern data centers do not have these burdens; the homogeneity of devices is high, and the network can focus on Unicast and layer 3 routing, significantly simplifying the complexity of the network. Modern data center networks generally adopt a fully layer 3 design, routing network protocols, without layer 2 bridging, multicast, and broadcast functionalities.
Overlay
Essentially, this runs layer 2 protocols over a layer 3 network [6].
Next, we will understand the concepts of layer 2 over layer 3 and layer 3 over layer 3.
NVO3 (Network Virtualization Overlays) [5]
The purpose of the NVO3 Working Group is to develop a set of protocols and/or protocol extensions that enable network virtualization within a data center (DC) environment that assumes an IP-based underlay. An NVO3 solution provides layer 2 and/or layer 3 services for virtual networks enabling multi-tenancy and workload mobility, addressing the issues described in the problem statement (including management and security), and consistent with the framework previously produced by the NVO3 Working Group.
The NVO3 Working Group will develop solutions for network virtualization based on the following architectural tenets: – Support for an IP-based underlay data plane – A logically centralized authority for network virtualization. Network virtualization approaches that do not adhere to these tenets are explicitly outside the scope of the NVO3 Working Group.
In pursuit of the solutions described above, the NVO3 Working Group will document an architecture for network virtualization within a data center environment.
NVO3 resembles an overall framework for multi-tenant public cloud environments, similar to the previous OSI 7-layer model, which does not have strong operational significance; rather, the roles of certain technologies are more significant.
VXLAN (Virtual eXtensible Local Area Networks)
VNI – Virtual Network Interface
VTEP – Virtual Tunnel End Point
VXLAN packet format
NVGRE (Network Virtualization Using Generic Routing Encapsulation)
As the name suggests, it is based on GRE (Generic Routing Encapsulation), and the packet format is as follows. The main user currently is Microsoft.
STT (Stateless Transport Tunneling Protocol)
STT, like VXLAN and NVGRE, is also a tunneling protocol.
In STT, because it uses the TCP header, two optimization techniques are introduced: LSO (Large Segmentation Offloading) and LRO (Large Receive Offloading).
TRILL (Transparent Interconnection of Lots of Links)
This is a method for optimizing bandwidth in data center networks. As a representative of the new large layer 2 network, it competed with SPB (Shortest Path Bridging) in 2010, but the concept of large layer 2 networks has now been replaced by the overlay concept.
TRILL may represent the decline of switch-centric data center networks, as network virtualization shifts towards the era of VXLAN/NVGRE/STT based on host locations.
LISP (Locator/ID Separation Protocol)
This is a next-generation layer 3 routing protocol led by Cisco. It is uncertain whether it can replace the currently widely used BGP protocol in data centers.
VRF (Virtual Routing and Forwarding)
Similar to layer 2 VLAN, it allows multiple routing tables to coexist on a single physical router.
VRRP (Virtual Router Redundancy Protocol)
This is mainly a redundancy configuration protocol between routers, with detailed comparisons below [7].
MPLS (Multi-Protocol Label Switching)
This seems to be the cornerstone of the entire internet today. It is a standard L3 in L3.
GRE (Generic Routing Encapsulation)
Let’s stop here for now; we have only discussed some terms related to network virtualization in data centers, and it feels like this topic is becoming increasingly complex. Before the rise of cloud computing, there were terms like carrier Ethernet and data center Ethernet. Now, with the emergence of NFV, there is a trend of integration between the two networks, possibly within the larger framework of 5G and edge computing, where ICT has already merged.
[1]http://networkerhere.blogspot.com/2012/11/impact-of-server-virtualization-on.html
[2]http://www.definethecloud.net/access-layer-network-virtualization-vn-tag-and-vepa/
[3]https://pubs.vmware.com/vsphere-51/topic/com.vmware.wssdk.pg.doc/PG_Networking.11.4.html?resultof=%22%56%53%53%22%20%22%76%73%73%22%20
[4]https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.wssdk.pg.doc%2FPG_Networking.11.4.html
[6]Enterprise Digitalization Cornerstone – Alibaba Cloud Computing Infrastructure Practice
[5]https://datatracker.ietf.org/wg/nvo3/about/
[7]https://www.networkstraining.com/hsrp-vrrp-glbp-comparison/
|
High-End WeChat Group Introduction |
|
|
Startup Investment Group |
AI, IoT, Chip Founders, Investors, Analysts, Brokers |
|
Flash Memory Group |
Covering over 5000 global Chinese flash and storage chip elites |
|
Cloud Computing Group |
Discussions on all-flash, software-defined storage (SDS), hyper-convergence, and public/private cloud |
|
AI Chip Group |
Discussions on AI chips and heterogeneous computing with GPUs, FPGAs, and CPUs |
|
5G Group |
Discussions on IoT and 5G chips |
|
Third-Generation Semiconductor Group |
Discussions on compound semiconductors like GaN and SiC |
|
Storage Chip Group |
Discussions on various storage media and controllers like DRAM, NAND, and 3D XPoint |
|
Automotive Electronics Group |
Discussions on MCUs, power supplies, sensors, and other automotive electronics |
|
Optoelectronic Devices Group |
Discussions on optical communication, lasers, ToF, AR, VCSEL, and other optoelectronic devices |
|
Channel Group |
Pricing, market trends, channels, and supply chains for storage and chip products |
< Long press to recognize the QR code to add friends >
Join the above group chats
Long press and follow
Leading you into the era of intelligent storage, intelligent everything,
and the information revolution of the Internet of Everything
WeChat ID: SSDFans