Feeds

Mellanox adds VM-flitting to ConnectX-3 server adapters

Going Pro with VXLAN and NVGRE to stretch across Layer 3 nets

Internet Security Threat Report 2014

Switch and adapter maker Mellanox Technologies added support for virtual LAN overlays to its Ethernet switches late last year and now it is building in support for the two primary overlays into its ConnectX-3 server adapters to match.

Virtual LAN overlays make Layer 3 routing between networks invisible to those networks and look like one, big, flat virtual network as far as virtual machines are concerned. This overlay allows for a virtual machine running on one server on one LAN to be live migrated across Layer 3 links to another server running on another LAN without screwing up or having to reset the network settings for that virtual machine.

Mellanox added support for virtual LAN overlays into its MLNX-OS switch operating system to allow routing over Layer 3 in the network back in November 2012. This Layer 3 overlay was enabled in any switch using the SwitchX or SwitchX-2 ASICs from Mellanox that was configured to support 10Gb/sec or 40Gb/sec Ethernet. Mellanox wove the VXLAN approach to virtual LAN overlays from VMware into its switch operating system, and also added the competing NVGRE approach from Microsoft to MLNX-OS.

You need virtual LAN overlays on a cloud for a simple reason. Virtual LANs top out at 4,096 in a single domain, and if you are building a cloud, you need a virtual LAN for every customer and their applications. In very large multitenant clouds, you quickly run out of virtual LANs.

The ConnectX-3 Pro server adapter from Mellanox

The ConnectX-3 Pro server adapter from Mellanox

More importantly, perhaps, when a virtual machine tries to jump from one network to another, it actually cuts itself off from the network, which is a perfect way to make a VM useless but also perfectly safe. The virtual LAN overlays create a tunnel that decouples a VM's location in a cluster from its address on the network.

This is all good, but at the moment, network adapter cards for servers also do a lot of different functions, such as TCP segmentation or TCP checksum offload, to speed up the network, but this functionality is all unavailable to the network once you use VXLAN or NVGRE.

Well, until now that is. The new ConnectX-3 Pro cards use a new chip etched by Mellanox that includes an interconnect offload engine so you can do virtual LAN overlays in hardware on the server adapter instead of imposing overhead on the server itself, and do so without sacrificing those other offload functions that are in the adapter.

Both VXLAN and NVGRE offload is supported on the new Pro adapter cards, matching what is available on the Ethernet switches from Mellanox that were tweaked last year to support virtual LAN overlays.

How the virtual LAN overlay plays out on servers and switches

How the virtual LAN overlay plays out on servers and switches

The ConnectX-3 Pro cards plug into PCI-Express 3.0 slots and come in single-port and dual-port variants supporting InfiniBand running at up to 56Gb/sec and Ethernet running at 40Gb/sec.

Specifically, there will be variants of the Pro cards that have one or two 10Gb/sec Ethernet ports, one or two 40Gb/sec ports, or one or two hybrid ports that can speak either 56Gb/sec InfiniBand or 40Gb/sec Ethernet. The server adapter cards also support Remote Direct Memory Access over Converged Ethernet, or RoCE, which provides low latency on Layer 2 networks that rivals InfiniBand.

Like existing cards, the Pro cards support Windows, Linux, and FreeBSD operating systems and VMware ESXi and Citrix Systems XenServer hypervisors. (Presumably Hyper-V support is on the way.)

Mellanox is sampling the new cards now and will ship them in May. Pricing will be announced at that time. ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Oracle hires former SAP exec for cloudy push
'We know Larry said cloud was gibberish, and insane, and idiotic, but...'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.