Posted by Steve Herrod
Chief Technology Officer
VMworld 2011 is well underway with more than 19,000 attendees gathered in Las Vegas to learn about, celebrate, and drive the future of both virtualization and cloud computing. The amount of news has been staggering, but I want to take more time to focus on one particularly important announcement in this blog: a new vision and approach for networking in the cloud era.
Cloud computing holds the promise of accessing shared resources in a secure, scalable, and self-service manner, and these core tenets place huge demands on today’s physical network infrastructure. While compute and storage are virtualized, network is still a physical impediment to full workload mobility and can inhibit multi-tenancy and scalability goals. Even with VLAN technologies, the network continues to restrict workloads to the underlying physical network and to non-scalable, hard-to-automate constructs.
Have we seen this before?
I like to think about this problem as similar to one we’ve previously seen in the telephony industry. One of the fundamental challenges with today’s networking is that we use an IP address for two unrelated purposes, as an identity AND as a location. Tying these together restricts a (virtual) machine from moving around as easily as we would like. We had the same challenge with telephony before wireless came of age… our phone number rang for us at a specific destination rather than following us wherever we went!
Just as our mobile phone numbers allow us to take calls virtually anywhere, separation of a machine’s network ID from its physical location enables more mobility and efficiency for applications. And this is exactly what we’re after in the cloud… a model that enables the efficient and fluid movement of virtual resources across shared cloud infrastructures both within and across datacenters. This improved mobility will ultimately enable better approaches to load balancing, disaster recovery, power-usage optimization, datacenter provisioning and migration, and other challenges approaching us in the cloud era.
VMware has collaborated with Cisco and other industry leaders to develop an innovative solution to these challenges called “VXLAN” (Virtual eXtensible LAN). VXLAN enables multi-tenant networks at scale, and it is the first step towards logical, software-based networks that can be created on-demand, enabling enterprises to leverage capacity wherever it’s available. How does it work?
Using “MAC-in-UDP” encapsulation, VXLAN provides a Layer 2 abstraction to virtual machines (VMs), independent of where they are located. It completely untethers the VMs from physical networks by allowing VMs to communicate with each other using a transparent overlay scheme over physical networks that could span Layer 3 boundaries. Since VMs are completely unaware of the physical network’s constraints and only see the virtual Layer 2 adjacency, the fundamental properties of virtualization such as mobility and portability are extended across traditional network boundaries. Furthermore, logical networks can be easily separated from one another, simplifying the implementation of true multi-tenancy.
And VXLAN enables better programmability by providing a single interface to authoritatively program the logical network. Operationally, it will provide the needed control and visibility to the network admin while allowing the flexibility of elastic compute for the cloud admin.
And VXLAN can be implemented to be very efficient and resource-savvy. We take advantage of efficient multicast protocols for the VM’s broadcast and multicast needs. We leverage Equal-Cost Multi-path (ECMP) in the core networks for efficient load sharing. And within the virtualized environment we leverage vSphere’s DVS, vSwitch, and network I/O controls to ensure the VMs get the bandwidth and security that they require. Cisco will certainly leverage the N1000V switch as one key place for VXLAN implementation, and other partners will soon announce their approach as well.
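To make the MAC-in-UDP encapsulation and the ECMP point concrete, here is an added example (not VMware’s or Cisco’s code, and not from the IETF draft) that builds and parses the outer UDP header plus the 8-byte VXLAN header around an Ethernet frame, derives the outer UDP source port from the inner MAC header so that core ECMP spreads VM conversations across paths, and applies the VNI check a tunnel endpoint uses to keep one tenant’s segment from seeing another’s frames. UDP port 4789 is the IANA assignment made after the draft cited in this post, and the MACs and payload are constructed for the demo.

```python
import struct
import zlib

# VXLAN header layout: 1 byte flags, 3 bytes reserved, 3 bytes VNI, 1 byte reserved.
VXLAN_UDP_PORT = 4789   # IANA assignment (assumption: later than the draft above)
FLAG_VNI_VALID = 0x08   # the "I" bit: the VNI field carries a valid segment ID

def ecmp_source_port(inner_frame: bytes) -> int:
    """Derive the outer UDP source port from the inner Ethernet header so that
    ECMP in the core spreads different VM conversations across paths while
    keeping every packet of one conversation on the same path."""
    return 49152 + (zlib.crc32(inner_frame[:14]) % (65535 - 49152 + 1))

def vxlan_encap(inner_frame: bytes, vni: int) -> bytes:
    """MAC-in-UDP: outer UDP header + VXLAN header + the untouched Ethernet frame."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    vxlan_hdr = struct.pack("!BBHI", FLAG_VNI_VALID, 0, 0, vni << 8)
    udp_len = 8 + len(vxlan_hdr) + len(inner_frame)
    udp_hdr = struct.pack("!HHHH", ecmp_source_port(inner_frame),
                          VXLAN_UDP_PORT, udp_len, 0)  # checksum 0: optional for UDP/IPv4
    return udp_hdr + vxlan_hdr + inner_frame

def vxlan_decap(segment: bytes):
    """Parse outer UDP + VXLAN header; return (vni, inner_frame). Malformed input raises."""
    if len(segment) < 8 + 8 + 14:
        raise ValueError("too short for UDP + VXLAN header + Ethernet header")
    _src, dst_port, _length, _csum = struct.unpack("!HHHH", segment[:8])
    if dst_port != VXLAN_UDP_PORT:
        raise ValueError("not a VXLAN datagram")
    flags, _r1, _r2, vni_res = struct.unpack("!BBHI", segment[8:16])
    if not flags & FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag clear; drop")
    return vni_res >> 8, segment[16:]

def deliver_to_segment(segment: bytes, local_vni: int):
    """Tunnel-endpoint isolation: only frames tagged with this segment's VNI are
    forwarded to its VMs; anything else is dropped (returns None)."""
    vni, inner = vxlan_decap(segment)
    return inner if vni == local_vni else None

# Constructed sample: an ARP-ethertype frame from VM A to VM B (made-up MACs, zero payload).
SAMPLE_FRAME = (bytes.fromhex("0a1b2c3d4e5f") + bytes.fromhex("00505600aa01")
                + struct.pack("!H", 0x0806) + b"\x00" * 28)

if __name__ == "__main__":
    pkt = vxlan_encap(SAMPLE_FRAME, 5001)
    print("VNI 5001 segment receives frame:", deliver_to_segment(pkt, 5001) is not None)
    print("VNI 5002 segment receives frame:", deliver_to_segment(pkt, 5002) is not None)
```

The outer IP header and the multicast delivery of broadcast frames are left out so the block stays focused on the header and the tenant check.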
VMware has collaborated closely with Cisco and industry leaders including Arista, Broadcom, Brocade, Emulex, and Intel in making this an industry-wide effort and to ensure a seamless experience across virtual and physical infrastructure. As part of this effort, we have published an informational IETF draft (see http://www.ietf.org/id/draft-mahalingam-dutt-dcops-vxlan-00.txt) to detail the use case and the technology. To achieve its full potential, VXLAN must be adopted across the industry, and we’re committed to helping this happen in an open and standards-compliant way.
VXLAN is the flagship in a growing set of capabilities that deliver a new model of networking for the cloud. For some additional context, be sure to check out Allwyn’s blog on logical networks from May. It addresses the physical limitations associated with today’s networking infrastructures and offers a model that enables the efficient and fluid movement of virtual resources across cloud infrastructures. And what’s more, it does so in an evolutionary way that leverages today’s network infrastructure investments. Stay tuned for even more updates on this exciting new development!