
VMware, Cisco stretch virtual LANs across the heavens

VXLAN virtualizes Layer 3 networks


VMworld 2011 VMware and Cisco have teamed up with a quartet of fellow industry heavyweights to attack a vexing virtual-network configuration problem by proposing a solution that takes its inspiration from – of all places – cell phones.

VMware has long since figured out how to teleport virtual machines around a network of servers using its vMotion live migration, and the company now includes vMotion for Storage with its new vSphere 5.0 hypervisor stack, allowing for data to be moved closer to virtual machines as they flit around. But the network itself remains rigid and often requires manual reconfiguration, which defeats the purpose of having a cloud manage itself.

VMware was out there on the forefront of virtual switching with the inclusion of its own virtual switch in earlier implementations of the vSphere stack. Networking giant Cisco Systems created its own Nexus 1000V virtual switch for network admins who want to work with the same Cisco IOS switch operating system and related management tools.

But these virtual switches only work within the confines of a single rack or blade server chassis, not across the entire data center network. Xsigo Systems has come up with its own way around the virtual LAN reconfiguration problem, and some other switch makers have made their switches VM-aware to minimize the amount of tweaking network admins need to do as VMs migrate.

But proprietary solutions can lead to madness, so VMware and Cisco want everyone to cope with the VLAN reconfiguration problem in a standardized way. That's why they've hooked up with Arista Networks, Emulex, Broadcom, and Intel to propose that we all adopt something they're calling Virtual Extensible LAN, or VXLAN for short.

VMware VXLAN

VXLAN: Calling all VMs

During his VXLAN tech preview at VMworld in Las Vegas, VMware CTO Steve Herrod said that the technology borrows a metaphor from telephone networks.

In the old days, he said, before cell phones came along, your phone number wasn't just something that identified you, it was also something that identified where you were. And the problem with an IP address on a local area network is that it has also been used to code both identity and location on the network.

What we need to do, Herrod said, and what VMware and Cisco are proposing to do with VXLAN, is to break the linkage between location and identity with IP numbers, just like cell phone networks do with our phone number.

"This is one of the largest steps in the virtualization journey we started on years ago," Herrod said in his keynote, adding that VXLAN works by encapsulating Layer 2 packets in the Layer 3 part of the IP network. The upshot, he said, was that vMotion would work without having to manually reassign IP addresses if a VM was assigned a location on the server network out of reach of its original virtual switch.

In a blog post, Herrod wrote that the VXLAN approach will encapsulate MAC addresses inside of UDP, providing an abstracted Layer 2 network for the VMs to link to. In essence, VXLAN turns Layer 3 networks into a kind of hypervisor for Layer 2 networks, "allowing VMs to communicate with each other using a transparent overlay scheme over physical networks that could span Layer 3 boundaries," he wrote.

And because this is a virtualized Layer 3 network, you can separate out Layer 2 networks and do so programmatically and on the fly - just like virtual servers are spun up and down atop a server virtualization hypervisor today.

One of the problems is that networks top out at 4,094 VLANs, and a compute cloud with thousands of servers and tens of thousands of VMs will easily smack up against this ceiling. Virtual server clouds want a Layer 2 network to span the entire data center, or even perhaps span multiple data centers or out to public clouds, allowing a VM to easily move across network boundaries.

VMware will be adding VXLAN technologies to its Distributed Virtual Switch at the heart of the vSphere stack, as well as in its vSwitch virtual switch and network I/O controls inside of the hypervisor. Herrod wrote that Cisco plans to implement VXLAN with its Nexus 1000V virtual switch as well, and that "other partners will soon announce their approach".

To help get other networking providers on board with VXLAN, VMware and Cisco have put out a draft specification with the Internet Engineering Task Force to get the standards process rolling. "To achieve its full potential, VXLAN must be adopted across the industry, and we’re committed to helping this happen in an open and standards-compliant way," Herrod wrote.

According to the IETF spec, the Layer 2 overlay runs across Layer 3 networks in segments, each of which is given a 24-bit segment identifier called the VXLAN Network Identifier, or VNI. This 24-bit ID allows up to 16 million VXLAN segments to coexist in the same network administration domain. The beauty of this scheme is that the VM is totally unaware that anything has changed: as far as it can tell, it is still talking over the same MAC addresses and Layer 2 networks it has in the past. ®
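An added example, not part of the original article and not VMware's or Cisco's code: the encapsulation described above, written out in Python as the 8-byte VXLAN header that carries the 24-bit VNI in front of the inner Layer 2 frame inside a UDP payload, with the receiving endpoint refusing frames for segments it does not serve. The header layout is taken from RFC 7348, the published form of the IETF spec; the MAC addresses, VNI 5000 and the `allowed_vnis` check are assumptions constructed for illustration.

```python
import struct

VXLAN_HDR_LEN = 8        # flags(1) + reserved(3) + VNI(3) + reserved(1), per RFC 7348
FLAG_VNI_VALID = 0x08    # "I" bit: the VNI field carries a valid segment ID
MAX_VNI = (1 << 24) - 1  # 24-bit ID space, versus the 4,094-VLAN ceiling


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend a VXLAN header to an inner Ethernet frame (this is the UDP payload)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags in the top byte. Word 1: VNI in the top 24 bits.
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def decapsulate(udp_payload: bytes, allowed_vnis: set) -> dict:
    """Parse a VXLAN UDP payload; reject malformed headers and unknown segments."""
    if len(udp_payload) < VXLAN_HDR_LEN + 14:  # VXLAN header + inner Ethernet header
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI not valid")
    vni = word1 >> 8
    # Segment isolation check (assumed policy): drop frames for any VNI
    # that was never provisioned on this tunnel endpoint.
    if vni not in allowed_vnis:
        raise PermissionError(f"VNI {vni} not provisioned on this endpoint")
    inner = udp_payload[VXLAN_HDR_LEN:]
    return {"vni": vni, "dst_mac": _mac(inner[0:6]), "src_mac": _mac(inner[6:12]),
            "ethertype": struct.unpack("!H", inner[12:14])[0]}


# Constructed sample: an inner frame between two made-up VM MAC addresses.
SAMPLE_INNER = (bytes.fromhex("005056aabb02") + bytes.fromhex("005056aabb01")
                + b"\x08\x00" + b"constructed-ip-payload")
SAMPLE_PACKET = encapsulate(5000, SAMPLE_INNER)

if __name__ == "__main__":
    print(decapsulate(SAMPLE_PACKET, allowed_vnis={5000}))
```

The inner source and destination MACs are untouched by the outer IP/UDP headers, which is why the VM sees the same Layer 2 network wherever the frame is delivered.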
