DOCSLIB.ORG

Network Virtualization Concepts

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Network Virtualization Concepts Network Virtualization Concepts From NDG In partnership with VMware IT Academy www.vmware.com/go/academy Why learn virtualization? • Modern computing is more efficient due to virtualization • Virtualization can be used for mobile, personal and cloud computing • You can also use virtualization in your personal life © Network Development Group reserved for use with NDG.tech/vmware content This content will cover • NSX capabilities and benefits • the major VMware NSX® components in the data, management, and control planes and their interactions • relevant NSX features to use cases • NSX network virtualization components and services • how network virtualization is utilized in an SDDC environment © Network Development Group reserved for use with NDG.tech/vmware content Network Virtualization Benefits • Efficient cloud deployments are only limited by legacy non-virtual network infrastructures • Virtual networks enable the benefits of a cloud deployment to be utilized across an organization's infrastructure • Virtualized networks provide speed, mobility, and security • Isolated networks prevent threats from spreading © Network Development Group reserved for use with NDG.tech/vmware content What is Network Virtualization? Network Hypervisor • Physical network resources are recreated (virtualized) in software • Routers, switches, and load balancers become virtual devices in the hypervisor layer • The pool of devices can be used as needed, on demand • The entire network can now be run on software © Network Development Group reserved for use with NDG.tech/vmware content Overlay Networking • Virtual networks on top of physical networks • End points connected to physical ports are assigned a VNID and connected together via virtual links. • Virtual links are the software equivalent to physical links © Network Development Group reserved for use with NDG.tech/vmware content Flexibility • Virtual networks can be as small as two devices or as large as multiple sites of major enterprise networks. • Flexible enough to use with any cloud or cluster • VMware’s NSX for vSphere runs independently of the host’s operating system • NSX-T Data Center runs within the host’s operating system © Network Development Group reserved for use with NDG.tech/vmware content Virtual Networks vs VLANs • A virtual network is not the same thing as a VLAN • VLANS provide layer 2 organization by assigning physical switchports to a specific purpose or group • Only 4096 VLANs can be created on a layer 2 network; not a lot for a large enterprise. • Configuration of VLANs can be time consuming © Network Development Group reserved for use with NDG.tech/vmware content Virtual Networks vs VLANs • Network virtualization provide network services beyond data transfer • Networks can be recreated in seconds • Snapshots can be created to save and restore an exact state of a network • Every network and security service is virtualized © Network Development Group reserved for use with NDG.tech/vmware content What is Software-Defined Networking Software-Defined Network • Network virtualization and Software-Defined Networking (SDN) both seek to provide greater network agility • Both use software to recreate network components • Both separate the control plane from the data plane • Both use a controller to help centralize management • Both provide increased agility to allow great speed and precision in administration © Network Development Group reserved for use with NDG.tech/vmware content Software-Defined Network • SDN is more broadly-defined • SDN uses software to control switches and routers • The network is not fully virtualized • Hardware still plays a role in SDN © Network Development Group reserved for use with NDG.tech/vmware content Virtual Networks in Physical Networks Virtual Networks in Physical Networks • Virtual networks dramatically increase the scope of physical networks • Virtual networks can run in isolation along side or on top of identical physical networks • Each network is unaffected by the events on another network © Network Development Group reserved for use with NDG.tech/vmware content Bridging Between Virtualized Networks and Traditional VLANs Overlay Encapsulation Methodologies • Two most widely used methodologies of overlay networking: Virtual Extensible Local Area Network (VXLAN) Generic Network Virtualization Encapsulation • VXLAN is vendor neutral and defined by RFC 7348 • GENEVE was jointly developed by by Microsoft, Red Hat, and VMware and is currently going through the IETF process to become an RFC so it is equally vendor neutral • It is important to note the VMware NSX-V utilizes VXLAN and VMware NSX-T uses GENEVE. © Network Development Group reserved for use with NDG.tech/vmware content VXLAN Operation • VXLAN works on hardware, software, or both • 16,777,215 VXLANs are possible compared to 4096 in a traditional VLAN • Creating a virtual network on top of a physical network is called overlay networking • A VXLAN ID is called a VXLAN Network Identifier (VNI). Each VNI is a separate virtual network that runs in the overlay network which are also known as bridge domains • VXLAN Tunnel Endpoints (VTEPs) connect the physical network to the overlay network © Network Development Group reserved for use with NDG.tech/vmware content GENEVE • GENEVE is almost identically to VXLAN • It is more flexible because it offers control plane independence between tunnel endpoints • GENEVE does not have VTEPs (VXLAN tunnel endpoints), just tunnel endpoints (TEPs) © Network Development Group reserved for use with NDG.tech/vmware content The Software Defined Data-Center Data Centers • Data centers have traditionally been ‘hardware-centric’ - focused and reliant on physical equipment • This has not only been financially expensive but has also come at the cost of flexibility and agility in a rapidly-changing business landscape • All major services in a data center can be virtualized © Network Development Group reserved for use with NDG.tech/vmware content Software-Defined Data Centers • Software-Defined Data Center (SDDC) extends virtualization beyond compute (i.e. servers) to network and storage as well • Expensive vendor-specific hardware is replaced with affordable off-the-shelf, industry-standard hardware • In the software-defined data center, the hypervisor is the controller © Network Development Group reserved for use with NDG.tech/vmware content Physical Data Centers Physical Date Centers • Data center infrastructure consists of three main components: compute systems (a server or host), storage devices, and networks • In a physical data center this will all be hardware • It was estimated in 2016 that Google had 2.5 million servers • Physical data centers are inflexible, slow, and expensive © Network Development Group reserved for use with NDG.tech/vmware content Virtualized Data Centers Software Defined Data Centers • Software-defined data centers solve the problems of cost, complexity, inefficiency, and inflexibility • SDDC affords the ability to gather physical resources into logical pools, which can then be allocated to individual VMs or containers • VMware NSX bridges the gap between physical networks and applications, reduces hardware complexity and costs, improves application availability (uptime) and speeds up system recovery. © Network Development Group reserved for use with NDG.tech/vmware content VMware’s SDDC Approach SDDC as a Service • SDDC technology means more of an organization’s infrastructure can be used more of the time, in turn making their staff more productive, and greatly reducing spending on physical equipment and on operating costs • SDDC enables the deployment of applications in minutes or even seconds with policy-driven provisioning that matches resources to continually-changing workloads and business demands. • SDDC makes possible the right availability, security, and compliance for every application. • SDDC supports private, public and hybrid clouds. © Network Development Group reserved for use with NDG.tech/vmware content Data Center Building Blocks Building Blocks • Key components that a large-scale data center will include are applications, servers, storage, networking infrastructure, management, and automation © Network Development Group reserved for use with NDG.tech/vmware content Virtualized Data Center Expectations • Be software-defined • Have built-in security • Be very easy to adjust in size – either scaling out/in by adding/removing devices, or by scaling up/down by adding/removing • support the latest developments in application technology • support infrastructure as a code - i.e. support the writing of code that takes care of configuration and automates provisioning. © Network Development Group reserved for use with NDG.tech/vmware content Network Virtualization Services The OSI Model © Network Development Group reserved for use with NDG.tech/vmware content Virtual Networking Bridged Networking • A network type where both a virtual machine and the host that it is running on are connected to the same network • With bridged networking, the virtual network adapter (vNIC) for the virtual machine connects to a physical NIC on the physical host system • The host network adapter enables the VM to connect to the Local Area Network (LAN) that the host system uses © Network Development Group reserved for use with NDG.tech/vmware content NAT • Network Address Translation (NAT) takes an IP address and translates it into another IP address • NAT works by translating addresses of virtual machines in a private network called a VMnet to that of the host machine •
Load more

Recommended publications
  • Evaluating and Optimizing I/O Virtualization in Kernel-Based Virtual Machine (KVM)
    Evaluating and Optimizing I/O Virtualization in Kernel-based Virtual Machine (KVM) Binbin Zhang1, Xiaolin Wang1, Rongfeng Lai1, Liang Yang1, Zhenlin Wang2, Yingwei Luo1, and Xiaoming Li1 1 Dept. of Computer Science and Technology, Peking University, Beijing, China, 100871 2 Dept. of Computer Science, Michigan Technological University, Houghton, USA {wxl,lyw}@pku.edu.cn, [email protected] Abstract. I/O virtualization performance is an important problem in KVM. In this paper, we evaluate KVM I/O performance and propose several optimiza- tions for improvement. First, we reduce VM Exits by merging successive I/O instructions and decreasing the frequency of timer interrupt. Second, we simplify the Guest OS by removing redundant operations when the guest OS operates in a virtual environment. We eliminate the operations that are useless in the virtual environment and bypass the I/O scheduling in the Guest OS whose results will be rescheduled in the Host OS. We also change NIC driver’s con- figuration in Guest OS to adapt the virtual environment for better performance. Keywords: Virtualization, KVM, I/O Virtualization, Optimization. 1 Introduction Software emulation is used as the key technique in I/O device virtualization in Ker- nel-based Virtual Machine (KVM). KVM uses a kernel module to intercept I/O re- quests from a Guest OS, and passes them to QEMU, an emulator running on the user space of Host OS. QEMU translates these requests into system calls to the Host OS, which will access the physical devices via device drivers. This implementation of VMM is simple, but the performance is usually not satisfactory because multiple environments are involved in each I/O operation that results in multiple context switches and long scheduling latency.
    [Show full text]
  • Virtualizing Your Network: Benefits & Challenges
    Network Monitoring Technology Virtualizing Your Network: Benefits & Challenges What is Virtualization? factory or process plant. Virtualization can give this software Gartner Research1 defined network virtualization as the a longer operating lifecycle time, and can save both costs process of combining hardware and software network and intellectual property. resources and functionality into a single virtual network. This offers access to routing features and data streams that can provide newer, service-aware, resilient solutions; newer security services that are native within network elements; support for subscriber-aware policy control for peer-to- peer traffic management; and application-aware, real-time session control for converged voice and video applications with guaranteed bandwidth on-demand. For the most part, when we speak of virtualization, we speak of hardware virtualization. That means that we create, on a host machine, a virtual machine that looks like another computer with an operating system and software. The software on the virtual machine is separate from the host machine’s resources, and as far as it is concerned, it is running on its own computer (that we call the guest). Both in information technology (IT) and in operational technology (OT) environments the benefits of virtualization have led to its rapid adoption. This white paper is not a prescriptive guide to network virtualization, rather it is a high-level overview focused on the benefits and challenges of network virtualization. While it will Desktop virtualization separates the logical desktop from review the benefits, it will also cover the specific challenges the actual hardware. Virtual desktop infrastructure (VDI) network administrators and their respective businesses should permits the user to interact with the computer through understand to cost-effectively apply this technology to gain another host computer or device on a network connection.
    [Show full text]
  • Energy Efficiency in Office Computing Environments
    Fakulät für Informatik und Mathematik Universität Passau, Germany Energy Efficiency in Office Computing Environments Andreas Berl Supervisor: Hermann de Meer A thesis submitted for Doctoral Degree March 2011 1. Reviewer: Prof. Hermann de Meer Professor of Computer Networks and Communications University of Passau Innstr. 43 94032 Passau, Germany Email: [email protected] Web: http://www.net.fim.uni-passau.de 2. Reviewer: Prof. David Hutchison Director of InfoLab21 and Professor of Computing Lancaster University LA1 4WA Lancaster, UK Email: [email protected] Web: http://www.infolab21.lancs.ac.uk Abstract The increasing cost of energy and the worldwide desire to reduce CO2 emissions has raised concern about the energy efficiency of information and communica- tion technology. Whilst research has focused on data centres recently, this thesis identifies office computing environments as significant consumers of energy. Office computing environments offer great potential for energy savings: On one hand, such environments consist of a large number of hosts. On the other hand, these hosts often remain turned on 24 hours per day while being underutilised or even idle. This thesis analyzes the energy consumption within office computing environments and suggests an energy-efficient virtualized office environment. The office environment is virtualized to achieve flexible virtualized office resources that enable an energy-based resource management. This resource management stops idle services and idle hosts from consuming resources within the office and consolidates utilised office services on office hosts. This increases the utilisation of some hosts while other hosts are turned off to save energy. The suggested architecture is based on a decentralized approach that can be applied to all kinds of office computing environments, even if no centralized data centre infrastructure is available.
    [Show full text]
  • Adaptive Distributed Firewall Using Intrusion Detection Lars Strand
    UNIVERSITY OF OSLO Department of Informatics Adaptive distributed firewall using intrusion detection Lars Strand UniK University Graduate Center University of Oslo lars (at) unik no 1. November 2004 ABSTRACT Conventional firewalls rely on a strict outside/inside topology where the gateway(s) enforce some sort of traffic filtering. Some claims that with the evolving connectivity of the Internet, the tradi- tional firewall has been obsolete. High speed links, dynamic topology, end-to-end encryption, threat from internal users are all issues that must be addressed. Steven M. Bellovin was the first to propose a “distributed firewall” that addresses these shortcomings. In this master thesis, the design and implementation of a “distributed firewall” with an intrusion detection mechanism is presented using Python and a scriptable firewall (IPTables, IPFW, netsh). PREFACE This thesis is written as a part of my master degree in Computer Science at the University of Oslo, Department of Informatics. The thesis is written at the Norwegian Defence Research Establishment (FFI). Scripting has been one of my favourite activities since I first learned it. Combined with the art of Computer Security, which I find fascinating and non-exhaustive, it had to be an explosive combina- tion. My problem next was to find someone to supervise me. This is where Professor Hans Petter Langtangen at Simula Research Laboratory and Geir Hallingstad, researcher at FFI, stepped in. Hans Petter Langtangen is a masterful scripting guru and truly deserves the title “Hacker”. Geir Hallingstad is expert in the field of computer/network security and gave valuable input and support when designing this prototype.
    [Show full text]
  • Network Virtualization for Dummies®, Vmware Special Edition Published by John Wiley & Sons, Inc
    These materials are © 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Network Virtualization VMware Special Edition by Mora Gozani These materials are © 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Network Virtualization For Dummies®, VMware Special Edition Published by John Wiley & Sons, Inc. 111 River St. Hoboken, NJ 07030‐5774 www.wiley.com Copyright © 2016 by John Wiley & Sons, Inc., Hoboken, New Jersey No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748‐6011, fax (201) 748‐6008, or online at http://www.wiley.com/go/permissions. Trademarks: Wiley, For Dummies, the Dummies Man logo, The Dummies Way, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. VMware, vSphere, and vRealize are registered trademarks and VMware NSX and VMware vRealize Operations, and vRealize Automation are trademarks of VMware, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc., is not associ- ated with any product or vendor mentioned in this book.
    [Show full text]
  • Read Book Hyper-V Network Virtualization Cookbook Ebook
    HYPER-V NETWORK VIRTUALIZATION COOKBOOK PDF, EPUB, EBOOK Ryan Boud | 228 pages | 02 Dec 2014 | Packt Publishing Limited | 9781782177807 | English | Birmingham, United Kingdom Hyper-V Network Virtualization Cookbook PDF Book In , Slack faced a problem: the load on its backend servers had increased by 1,x. The Best Tech Newsletter Anywhere Join , subscribers and get a daily digest of news, geek trivia, and our feature articles. Case studies How Slack rearchitected its system to achieve zero downtime and improve latency, reliability and availability In , Slack faced a problem: the load on its backend servers had increased by 1,x. For one thing, VPN servers are located all over the world. We still need to add the other hard drives. Each IDE Controller only has two slots available for adding drives. Networking Fundamentals Read how we developed our new breakthrough NLP-powered feature. The Best Tech Newsletter Anywhere Join , subscribers and get a daily digest of news, geek trivia, and our feature articles. Here is how to change what gets switched back on. Now navigate to the exported virtual machine and be sure to select folder that your virtual machine was exported into. Since we launched in , our articles have been read more than 1 billion times. Security and privacy are big concerns these days, particularly when it comes to dealing with sensitive information on the internet. The wizard allows the disk geometry to be changed, which can be handy if a drive has become close to full and a little more breathing room is needed. By submitting your email, you agree to the Terms of Use and Privacy Policy.
    [Show full text]
  • DISTRIBUTED FIREWALL: a WAY of DATA SECURITY in LOCAL AREA NETWORK Satinder1, Vinay2 1Assistant Professor (Extn.), Department of Computer Science, Govt
    International Journal of Advance Research In Science And Engineering http://www.ijarse.com IJARSE, Vol. No.4, Special Issue (01), April 2015 ISSN-2319-8354(E) DISTRIBUTED FIREWALL: A WAY OF DATA SECURITY IN LOCAL AREA NETWORK Satinder1, Vinay2 1Assistant Professor (Extn.), Department of Computer Science, Govt. College For Women, Hisar, Haryana, INDIA 2Computer Programmer, Computer Section, College of Basic Sciences & Humanities, CCS HAU, Hisar, Haryana, INDIA ABSTRACT Today, Computer and Internet network are essential part of our life. A number of personal transaction occur every second and computer network are mostly used only for transmission of information rather than processing. So, network security is essentialfor avert hacking of our confidential or important information. Network security can be attained by firewall. Firewall is a system or a group of system that implement a set of security rules to apply access control between two networks to protect inside network from outside network. In Short, we can say that, Firewall is a set of software programming and hardware device to secure host computer. A firewall is typically placed at the extremity of a system and act as filter for an illegitimate traffic. But, Conventional firewalls trust on the notions of restricted topology restriction and controlled entry points to apply traffic filtering.There are some problems for restricting the network topology i.e. End-to-End encryption problems, filtering of some protocols.Distributed firewallprotect from hackers attacks that originate from both the Internet and the internal network.Italso protect the client'scomputer and network's serversfrom unwanted hackers and intrusion.In this paper, we introduce the concept of distributed firewall.
    [Show full text]
  • Provisioning Service Differentiation for Virtualized Network Devices
    ICNS 2011 : The Seventh International Conference on Networking and Services Provisioning Service Differentiation for Virtualized Network Devices Suk Kyu Lee, Hwangnam Kim, Jun-gyu Ahn, Kwang Jae Sung, and Jinwoo Park School of Electrical Engineering Korea University, Seoul, Republic of Korea Email: {sklee25, hnkim, dubhe, kjsung80, jwpark}@korea.ac.kr Abstract— In order to efficiently utilize the network bandwidth the existing works (that are described in Section II), many of and flexibly enable one or more networks to be combined or the virtualization techniques have been focused on the fairness subdivided into virtual networks, it is essential to virtualize among virtual machines’ CPU and I/O. network devices and then to provide service differentiation for the virtualized network devices. In this paper, we propose a virtualizing method for network devices based on the virtual machine and offers a differentiated scheduling scheme to satisfy QoS requirements that are imposed on virtualized devices. We have built the network virtualization framework combining the Virtual Box, time-slot-based time-sharing scheme, and leaky- bucket controller, and then we have conducted a performance evaluation study with real testbed. The empirical study indicates that the service differentiation for virtualized network devices is successfully supported by the proposed framework. Keywords - Network Virtualization, Scheduling Policy, Virtual Box, Virtual Machine I. INTRODUCTION Figure 1. Comparison of network resource usage between two virtual machines without any scheduling scheme. There has been a large improvement in the field of However, there has not been much research conducting on virtualization in the past decade. As noted by Goldberg [7], how to provide service differentiation for the network the idea of the virtual machine emerged around 1970s, but, resources.
    [Show full text]
  • Virtualization Basics: Understanding Techniques and Fundamentals
    Virtualization Basics: Understanding Techniques and Fundamentals Hyungro Lee School of Informatics and Computing, Indiana University 815 E 10th St. Bloomington, IN 47408 [email protected] ABSTRACT example of growing involvement in virtualization technolo- Virtualization is a fundamental part of cloud computing, gies with the cloud. Early technologies and developments especially in delivering Infrastructure as a Service (IaaS). in the virtualization have been accomplished by some com- Exploring different techniques and architectures of the vir- panies such as IBM from 1967 and VMware from 1998. In tualization helps us understand the basic knowledge of virtu- open source communities, Xen, KVM, Linux-vServer, LXC alization and the server consolidation in the cloud with x86 and others have supported virtualization in different plat- architecture. This paper describes virtualization technolo- forms with different approaches. In this paper, x86 archi- gies, architectures and optimizations regarding the sharing tecture virtualization will be discussed with these historical CPU, memory and I/O devices on x86 virtual machine mon- changes. itor. In cloud computing, Infrastructure-as-a-Service (IaaS) pro- vides on-demand virtual machine instances with virtualiza- Categories and Subject Descriptors tion technologies. IaaS has been broadly used to provide re- C.0 [General]: Hardware/software interface; C.4 [Performance quired compute resources in shared resource environments. of systems]: Performance attributes; D.4.7 [Operating Amazon Web Services (AWS), Google Compute Engine, Mi- Systems]: Organization and design crosoft Windows Azure, and HP Cloud offer commercial cloud services. OpenStack, Eucalyptus, SaltStack, Nimbus, General Terms and many others provide private open source cloud plat- Performance, Design forms with community support in development.
    [Show full text]
  • Data Center Server Virtualization Solution Using Microsoft Hyper-V
    St. Cloud State University theRepository at St. Cloud State Culminating Projects in Information Assurance Department of Information Systems 5-2017 Data Center Server Virtualization Solution Using Microsoft yH per-V Sujitha Dandu St Cloud State University, [email protected] Follow this and additional works at: https://repository.stcloudstate.edu/msia_etds Recommended Citation Dandu, Sujitha, "Data Center Server Virtualization Solution Using Microsoft yH per-V" (2017). Culminating Projects in Information Assurance. 23. https://repository.stcloudstate.edu/msia_etds/23 This Starred Paper is brought to you for free and open access by the Department of Information Systems at theRepository at St. Cloud State. It has been accepted for inclusion in Culminating Projects in Information Assurance by an authorized administrator of theRepository at St. Cloud State. For more information, please contact [email protected]. Datacenter Server Virtualization Solution Using Microsoft Hyper-V by Sujitha Dandu A Starred Paper Submitted to the Graduate Faculty of St. Cloud State University in Partial Fulfillment of the Requirements for the Degree of Master of Information Assurance February, 2017 Starred Paper Committee: Dr. Dennis Guster, Chairperson Dr. Susantha Herath Dr. Balasubramanian Kasi 2 Abstract Cloud Computing has helped businesses scale within minutes and take their services to their customers much faster. Virtualization is considered the core-computing layer of a cloud setup. All the problems a traditional data center environment like space, power, resilience, centralized data management, and rapid deployment of servers as per business need have been solved with the introduction of Hyper-V (a server virtualization solution from Microsoft). Now companies can deploy multiple servers and applications with just a click and they can also centrally manage the data storage.
    [Show full text]
  • Evaluating Xen, Vmware, and Openvz Virtualization Platforms for Network Virtualization
    Evaluating Xen, VMware, and OpenVZ Virtualization Platforms for Network Virtualization Carlo Fragni, Marcelo D. D. Moreira, Diogo M. F. Mattos, Lu´ıs Henrique M. K. Costa, and Otto Carlos M. B. Duarte Universidade Federal do Rio de Janeiro - GTA/PEE/COPPE - Rio de Janeiro, Brazil Abstract—Network virtualization is a technique that allows Native Linux having multiple concurrent isolated networks sharing physi- 1200 Xen cal network resources. This work analyzes the main available VMWare virtualization platforms, Xen, OpenVZ, and VMware, for net- 1000 OpenVZ work virtualization. We compare their virtualization techniques, achieved performance in virtualizing computational resources 800 and appropriateness for usage in a virtual network environment. 600 To achieve our goal, we conduct experiments to evaluate overhead introduced by the virtualization platforms in comparison to a 400 non-virtualized environment. Throughput (in Mb/s) 200 I. OVERVIEW There has been recently great interest in network virtualiza- 0 tion, since it is considered a main component in many propos- Figure 1. Network reception test using large packet size. als for future internet architectures [1]. Network virtualization II. TESTS grants the ability to run concurrent virtual networks using independent network stacks, adding flexibility to the network. Many tests were made to evaluate overhead introduced by In order to implement network virtualization, a virtualization the virtualization tools in comparison to the non virtualized platform must be used. There are three main
    [Show full text]
  • 10 YEARS of OPEN VSWITCH SUCCESS and FAILURE BEN PFAFF WHAT IS OPEN VSWITCH? Controller
    10 YEARS OF OPEN VSWITCH SUCCESS AND FAILURE BEN PFAFF WHAT IS OPEN VSWITCH? controller Open source project HV • Software switch Ethernet OVS VM • Portable • Programmable • Fast OPEN VSWITCH SUCCESS • Used in NSX on KVM, Windows, and public cloud • Widely used in Xen, KVM, OpenStack • Incumbent targeted by new projects • Over 5,000 academic citations LET'S CELEBRATE! • 2018: ACM SIGCOMM SOSR Software Systems Award. • 2015: NSDI "Best Paper" Award for "The Design and Implementation of Open vSwitch". KEYS TO SUCCESS PEOPLE, TECHNOLOGY, AND ENVIRONMENT ENVIRONMENT • Open source virtualization was exploding, but there was no good virtual switch. • Open vSwitch was in the right place at the right time. It filled a gap. • Nicira founders had relevant academic and business connections. • Nicira founders provided a valuable vision. PEOPLE • OVS had the best people: Justin Pettit, Jesse Gross, Ethan Jackson. Martin Casado: "You end up putting basically your best development resources... on the open source side of the house, which from a company is kind of difficult to do, because you basically want that best developer to work on the core product on the inside." (on "a16 Podcast: Monetizing Open Source", April 10, 2017.) • Nicira had PhD-type innovators: • Links to academics. • Willing and able to do library research and recognize where it was valuable. • Able to step back and consider larger problems. • Kind (by and large). TECHNOLOGY • We didn't know what Nicira needed, so we built OVS to do anything. • No one would want NSX-specific agents except NSX customers. • Lots of open source projects are aimed at one company's use case.
    [Show full text]