Feeds

VMware, Cisco stretch virtual LANs across the heavens

VXLAN virtualizes Layer 3 networks

Combat fraud and increase customer satisfaction

VMworld 2011 VMware and Cisco have teamed up with a quartet of fellow industry heavyweights to attack a vexing virtual-network configuration problem by proposing a solution that takes its inspiration from – of all places – cell phones.

VMware has long since figured out how to teleport virtual machines around a network of servers using its vMotion live migration, and the company now includes vMotion for Storage with its new vSphere 5.0 hypervisor stack, allowing for data to be moved closer to virtual machines as they flit around. But the network itself remains rigid and often requires manual reconfiguration, which defeats the purpose of having a cloud manage itself.

VMware was out there on the forefront of virtual switching with the inclusion of its own virtual switch in earlier implementations of the vSphere stack. Networking giant Cisco Systems created its own Nexus 1000V virtual switch for network admins who want to work with the same Cisco IOS switch operating system and related management tools.

But these virtual switches only work within the confines of a single rack or blade server chassis, not across the entire data center network. Xsigo Systems has come up with its own way around the virtual LAN reconfiguration problem, and some other switch makers have made their switches VM-aware to minimize the amount of tweaking network admins need to do as VMs migrate.

But proprietary solutions can lead to madness, so VMware and Cisco want everyone to cope with the VLAN reconfiguration problem in a standardized way. That's why they've hooked up with Arista Networks, Emulex, Broadcom, and Intel to propose that we all adopt something they're calling Virtual Extensible LAN, or VXLAN for short.

VMware VXLAN

VXLAN: Calling all VMs

During his VXLAN tech preview at VMworld in Las Vegas, VMware CTO Steve Herrod said that the technology borrows a metaphor from telephone networks.

In the old days, he said, before cell phones came along, your phone number wasn't just something that identified you, it was also something that identified where you were. And the problem with an IP address on a local area network is that it has also been used to code both identity and location on the network.

What we need to do, Herrod said, and what VMware and Cisco are proposing to do with VXLAN, is to break the linkage between location and identity with IP numbers, just like cell phone networks do with our phone number.

"This is one of the largest steps in the virtualization journey we started on years ago," Herrod said in his keynote, adding that VXLAN works by encapsulating Layer 2 packets in the Layer 3 part of the IP network. The upshot, he said, was that vMotion would work without having to manually reassign IP addresses if a VM was assigned a location on the server network out of reach of its original virtual switch.

In a blog post, Herrod wrote that the VXLAN approach will encapsulate MAC addresses inside of UDP, providing an abstracted Layer 2 network for the VMs to link to. In essence, VXLAN turns Layer 3 networks into a kind of hypervisor for Layer 2 networks, "allowing VMs to communicate with each other using a transparent overlay scheme over physical networks that could span Layer 3 boundaries," he wrote.

And because this is a virtualized Layer 3 network, you can separate out Layer 2 networks and do so programmatically and on the fly - just like virtual servers are spun up and down atop a server virtualization hypervisor today.

One of the problems is that networks top out at 4,094 VLANs, and a compute cloud with thousands of servers and tens of thousands of VMs will easily smack up against this ceiling. Virtual server clouds want a Layer 2 network to span the entire data center, or even perhaps span multiple data centers or out to public clouds, allowing a VM to easily move across network boundaries.

VMware will be adding VXLAN technologies to its Distributed Virtual Switch at the heart of the vSphere stack, as well as in its vSwitch virtual switch and network I/O controls inside of the hypervisor. Herrod wrote that Cisco plans to implement VXLAN with its Nexus 1000V virtual switch as well, and that "other partners will soon announce their approach".

To help get other networking providers on board with VXLAN, VMware and Cisco have put out a draft specification with the Internet Engineering Task Force to get the standards process rolling. "To achieve its full potential, VXLAN must be adopted across the industry, and we’re committed to helping this happen in an open and standards-compliant way," Herrod wrote.

According to the IETF spec, the Layer 2 overlay for Layer 3 networks does so in segments that are given a 24-bit segment identification called the VXLAN Network Identifier, or VNI. This 24-bit ID allows up to 16 million VXLAN segments to coexist on the same network administration domain. The beauty of this scheme is that the VM is totally unaware that it is not just talking using the same MAC addresses and Layer 2 networks it has in the past. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.