Feeds

Getting your virtual hands dirty with virtual networking

You need something to link all those virtual servers

  • alert
  • submit to reddit

Mobile application security vulnerability report

We're all familiar with the concept of a virtual server. However, when planning and implementing a virtualisation project, it's not just the servers that can be and should be virtualised – it's the network too.

Among the first differences that you'll notice when setting up a virtual machine (VM) is the network setup. Naturally, it's not possible physically to plug a VM into the network, but the OS expects to be connected. The answer is a virtual Ethernet adapter which allows an OS inside the VM to operate as if it were physically connected.

Both Microsoft's Hyper-V and VMware's ESX – the virtualisation market leaders – provide virtual networking services in the form not just one or more virtual NICs but virtual switches too. This means that the hypervisor handles all layer 2 accesses to the network, and provides support for standard networking protocols and services such as VLANs. Both hypervisors allow you for example to build virtual networks both inside individual hosts and across hosts, allowing VMs to communicate as if they were physically connected, and to provide a connection internally between the guest machine and its host.

Virtual networking can also help reduce network management overheads

Virtual switches provide the same services as their physical analogues, so you'll find MAC port forwarding tables, the ability to create VLANs, and ESX for example also makes available a SPAN or mirror port to allow network sniffing for diagnostic purposes. The connection is made in the host's RAM so it's virtually instantaneous and free from the kinds of problems that hardware can throw up.

And because you only need one virtual switch per host machine – the host can add as many ports as the network configuration needs – one of the first changes you'll notice once you start consolidating servers is that the number of network ports required drops. If the host supports a large number of VMs and/or they're particularly I/O-intensive, then it may need several physical NICs, but this number should still be smaller than the number of VMs; if not, then one or more of the VMs may benefit from being re-constituted as a physical server. It's always advisable of course to use at least two physical NICs per host anyway, for redundancy and load balancing purposes.

Virtual networking can also help reduce network management overheads, as the virtual switch will incorporate a DHCP server that can deliver IP addresses appropriate to the VM's location and/or subnet, which is a consideration if the implementation of some form of datacentre orchestration is likely.

Ideally too, a virtual switch should be able to apply network policies no matter where in the datacentre the VM resides, such as VLANs and security policies. For example, Cisco's Nexus 1000V virtual switch does this by integrating into VMware's ESX kernel, displacing VMware's virtual switching system to provide services such as security, policy enforcement, automated provisioning and diagnostics. This allows the management of virtual machines as they migrate across physical servers during routine hardware maintenance or while balancing server workloads.

In an ideal world, the datacentre's network hardware infrastructure should be required to change as little as possible on the introduction of virtualisation, apart perhaps from an increased emphasis on the reliability aspects, given the number of servers dependent on each host although clearly some change will be needed. But at the higher layers, the key is to automate as much as possible, aiming for the holy grail of the datacentre as a unified computing fabric. ®

Boost IT visibility and business value

More from The Register

next story
Report: American tech firms charge Britons a thumping nationality tax
Without representation, too. Time for a Boston (Lincs) Macbook Party?
iPad? More like iFAD: We reveal why Apple ran off to IBM
But never fear fanbois, you're still lapping up iPhones, Macs
Apple gets patent for WRIST-PUTER: iTime for a smartwatch
It does everything a smartwatch should do ... but Apple owns it
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
Child diagnosed as allergic to iPad
Apple's fondleslab is the tablet dermatitis sufferers won't want to take
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
For Lenovo US, 8-inch Windows tablets are DEAD – long live 8-inch Windows tablets
Reports it's killing off smaller slabs are greatly exaggerated
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.