Ch3 Net Virt
Virtualization Techniques
Chapter 3:
Network Virtualization
Chapter Content
Introduction to network virtualization
Definitions
Virtual Networks:
▪ A virtual network (VN) is a collection of virtual nodes and virtual links. Essentially, a virtual network is
a subset of the underlying physical network resources.
Definitions (..)
Network virtualization:
▪ Network virtualization is defined by the decoupling of the roles of the traditional Internet
Service Providers (ISPs) into two independent entities:
▪ Infrastructure providers: manage the physical infrastructure,
▪ Service providers: create virtual networks by aggregating resources from multiple infrastructure
providers and offer end-to-end services.
▪ NV creates multiple logical virtual networks, each with separate control and data planes.
Need for network virtualization
Need for NV (..)
2. Abstract the Topology
▪ Partial deployment
  ▪ Tunnel through components you don’t control
▪ Simplicity
  ▪ Hide inessential details, churn, migration, …
▪ Privacy
  ▪ Hide internal details of the network
▪ Scalability
  ▪ Present a smaller topology and fewer events
▪ Experimentation
  ▪ Try topologies that don’t really exist
Architecture
Business Model:
Architecture (..)
Benefits of NV
▪ Rapid innovation: network services now delivered at software speeds
▪ New forms of network control: API to NV controller allows creation and management of virtual
networks under software control
▪ Simplified operations: network state managed like a VM – provision centrally in SW, snapshot,
rollback, etc.
NV Design Goals
▪ In order to materialize network virtualization, each of these design criteria should be fulfilled.
▪ Flexibility
▪ Manageability
▪ Scalability
▪ Isolation
▪ Stability and convergence
▪ Programmability
▪ Heterogeneity
▪ Legacy support
NV types
▪ Four main types of VNEs:
▪ Overlay Networks
VLAN & VPN
VLANs
▪ A virtual local area network (VLAN) is a group of logically networked hosts with a single
broadcast domain regardless of their physical connectivity.
▪ VLANs provide elevated levels of isolation, so multiple partitions can be created, allowing
multiple VLANs to co-exist.
VLAN as Network virtualization example
▪ Multiple VLANs can be created logically by layer 2 segmentation
▪ Each user can only communicate with other users within the same VLAN
Isolation
VPN Definition
▪ A VPN is an assembly of private networks that are connected to each other but isolated from
public networks (e.g., the Internet).
Types of VPN
▪ There are two basic VPN types:
▪ Allows a user to connect to a private network and access its services and resources
remotely.
▪ Multiple VPNs can be created on top of one or more network infrastructures
(or the Internet)
Isolation
Overlay Networks
What is an overlay network?
▪ An overlay network is a logical network built on top of one or more existing physical networks.
▪ Nodes in the overlay are connected by virtual or logical links, each of which corresponds to a path,
or many physical links, in the underlying network.
VXLAN definition
▪ One of the proposed protocols is the Virtual eXtensible LAN (VxLAN) proposed in RFC 7348. It
encapsulates Ethernet frames in a UDP datagram.
▪ This solution was originally proposed to facilitate the interconnection of cloud servers that are
based on virtualization.
▪ Each VM on a physical machine is identified by a 24-bit VxLAN network identifier, named VNI.
▪ The hypervisor of each server manages the encapsulation and de-encapsulation of the frames
contained in the VxLANs (VTEP: VxLAN Tunnel EndPoint).
VXLAN Architecture
VXLAN Encapsulation
VXLAN Scenario
VXLAN Benefits
▪ High scalability:
▪ From 4096 VLAN IDs (12 bits) to 16 million VNIDs (VXLAN Network Identifiers).
Active & Programmable networks
Promise
What are programmable networks?
▪ Programmable networks research was motivated by the need to create, deploy, and
manage novel services on the fly in response to user demands.
▪ Maybe not directly, but programmability can ensure the coexistence of multiple
networks.
Approaches
▪ Two approaches are proposed to implement the concept
▪ Approach 1:
▪ Makes a clear distinction between the transport, control, and management planes that
constitute programmable networks and emphasizes QoS guarantees.
▪ Approach 2:
▪ This architecture decouples the network control and forwarding functions enabling the network
control to become directly programmable and the underlying infrastructure to be abstracted for
applications and network services.
▪ In an SDN scenario, the rules governing the handling of packets reach the switch from a controller,
an application that runs on a server. The switch then queries the controller for rules about packet
management.
SDN architecture
SDN layers
▪ Infrastructure layer: the foundation layer, consisting of both physical and virtual
network devices such as switches and routers. All the network devices implement the
OpenFlow protocol to apply traffic forwarding rules.
▪ Control layer: a centralized control plane that is decoupled from the physical
infrastructure to provide a centralized global view of the entire network. This layer
uses the OpenFlow protocol to communicate with the layer below, i.e. the infrastructure layer.
▪ Application layer: consists of network services, applications and orchestration tools that
are used to interact with the control layer. It provides an open interface to communicate with
other layers in the architecture.
OpenFlow Protocol
▪ OpenFlow was introduced by the McKeown group at Stanford University (2008)
▪ OpenFlow Switch
  ▪ Receives commands (flow entries, queries) from the OpenFlow controller in order to
  populate entries in the flow-table
  ▪ Holds the flow-table in volatile memory
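A simplified model of the switch and controller interaction described above, as an added example (not from the original slides and not the OpenFlow wire protocol): on a table miss the switch asks the controller, caches the returned rule in its flow table, and loses every entry on reboot because the table is volatile. The class names, the `(src, dst)` match and the same-virtual-network policy are assumptions made for illustration.

```python
class Controller:
    """Central policy: hosts may communicate only inside the same virtual network."""

    def __init__(self, host_to_vn):
        self.host_to_vn = host_to_vn      # constructed mapping, e.g. {"h1": "red"}
        self.queries = 0                  # how many times switches had to ask

    def packet_in(self, src, dst):
        """Called by a switch on a table miss; returns the action to install."""
        self.queries += 1
        same_vn = (src in self.host_to_vn
                   and self.host_to_vn.get(src) == self.host_to_vn.get(dst))
        return "forward" if same_vn else "drop"   # unknown hosts are denied


class Switch:
    """Forwarding element: applies rules, never decides policy itself."""

    def __init__(self, controller):
        self.controller = controller
        self.flow_table = {}              # (src, dst) -> action, held in RAM only

    def handle(self, src, dst):
        match = (src, dst)
        if match not in self.flow_table:  # table miss: query the controller
            self.flow_table[match] = self.controller.packet_in(src, dst)
        return self.flow_table[match]

    def reboot(self):
        self.flow_table.clear()           # volatile memory: all entries are lost


def run_demo():
    """Return the actions and controller query counts for a constructed scenario."""
    ctrl = Controller({"h1": "red", "h2": "red", "h3": "blue"})
    sw = Switch(ctrl)
    first = sw.handle("h1", "h2")         # miss, controller installs "forward"
    second = sw.handle("h1", "h2")        # hit, controller is not contacted
    cross = sw.handle("h1", "h3")         # different virtual network: "drop"
    before_reboot = ctrl.queries
    sw.reboot()
    sw.handle("h1", "h2")                 # table is empty again, so a new query
    return first, second, cross, before_reboot, ctrl.queries


if __name__ == "__main__":
    print(run_demo())
```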
NFV
NFV – Network Function Virtualization
▪ NFV (Network Function Virtualization) is an approach consisting of performing certain network
functions, traditionally done on dedicated hardware, on x86 servers.
▪ Completely implemented, NFV reduces the amount of proprietary hardware needed to launch
and operate network services.
▪ Its purpose is to separate the network functions from dedicated hardware devices - such as
routers, firewalls, and load balancers - to host the services they provide on virtual machines
(VMs, Virtual Machines).
What network functions to virtualize?
NFV vs Traditional Networks
Why do we need NFV?
▪ Virtualization: Use network resources without worrying about where they are physically
located, how much there is, how they are organized, etc.
▪ Orchestration: Manage thousands of devices
▪ Programmable: Should be able to change behavior on the fly.
▪ Dynamic Scaling: Should be able to change size, quantity
▪ Automation
▪ Visibility: Monitor resources, connectivity
▪ Performance: Optimize network device utilization
▪ Multi-tenancy
▪ Service Integration
▪ Openness: Full choice of modular plug-ins
Global architecture
Global architecture (NFVI, VNF, MANO)
WS: Network Virtualization
Building and configuring a simple SDN architecture using Mininet