Virtualized Access Layer. Petr Grygárek

Similar documents
Network Virtualization

Configuring VM-FEX. Information About VM-FEX. VM-FEX Overview. VM-FEX Components. This chapter contains the following sections:

Network Interface Virtualization Proposal. Joe Pelissier new-dcb-pelissier-niv-proposal-1108

UCS C Series Rack Servers VIC Connectivity Options

Networking in Virtual Infrastructure and Future Internet. NCHC Jen-Wei Hu

Using VM-FEX. Information About VM-FEX. VN-Link. Send comments to CHAPTER

Cisco HyperFlex Systems

Fabric Failover Scenarios in the Cisco Unified Computing System

HW virtualizace a podpora hypervizorů různých výrobců

Unify Virtual and Physical Networking with Cisco Virtual Interface Card

UCS Networking Deep Dive

Understanding PVLANs in UCS

Cisco Nexus 1000V on HP BladeSystem

Virtual Machine Fabric EXtension (VM-FEX) Extending the Network directly to the VM s

Configuring Adapter-FEX

VIRTUALIZING SERVER CONNECTIVITY IN THE CLOUD

Agenda Registration & Coffee

Cloud Networking (VITMMA02) Server Virtualization Data Center Gear

Layer 2 Implementation

Virtual Machine Fabric Extension (VM-FEX)

Nexus 1000V in Context of SDN. Martin Divis, CSE,

Data Center 3.0 Technology Evolution. Session ID 20PT

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Cisco ACI and Cisco AVS

Send document comments to Information About Layer 2 Ethernet Switching

Virtual Security Gateway Overview

Configuring Virtual Ethernet Interfaces

Service Oriented Virtual DC Design

Troubleshooting the Cisco UCS Compute Deployment BRKCOM Cisco and/or its affiliates. All rights reserved.

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Hypervisors networking: best practices for interconnecting with Cisco switches

Configuring SPAN. Finding Feature Information. About SPAN. SPAN Sources

Configuring System Port Profiles

Cisco UCS Virtual Interface Card 1225

Network Virtualisation at 1&1 Matthias Müller

Cisco Nexus 1000V for VMware vsphere VDP Configuration Guide, Release 5.x

Questions & Answers

Cisco Nexus 1000V InterCloud

Návrh serverových farem

Instant Access - Virtual Switching System Hands on Lab

Midmarket Data Center Architecture: Cisco Unified Computing System with the Cisco Nexus 1000V Switch

Table of Contents HOL-PRT-1305

Configure RSPAN with VMware

HP FlexFabric Virtual Switch 5900v Technology White Paper

Configuring Fabric and Interfaces

UCS Networking 201 Deep Dive

Configuring Private VLANs Using NX-OS

Configuring Enhanced Virtual Port Channels

Installing and Configuring VXLAN Gateway

Cisco Virtual Networking Solution for OpenStack

Evolution with End-to-End Data Center Virtualization

Cisco Nexus B22 Blade Fabric Extender for IBM

DCNX5K: Configuring Cisco Nexus 5000 Switches

Cisco HyperFlex Systems

Switched Ethernet Virtual LANs

UCS Networking Deep Dive. Neehal Dass - Customer Support Engineer

Configuring Port Channels

Cisco UCS Virtual Interface Card 1227

Configuring Virtual Port Channels

Cisco Exam Questions & Answers

Server-to-network edge technologies: converged networks and virtual I/O

Nexus DC Tec. Tomas Novak. BDM Sponsor. Sponsor. Sponsor Logo. Sponsor. Logo. Logo. Logo

Design and Implementations of FCoE for the DataCenter. Mike Frase, Cisco Systems

UC Voice Application Connectivity in a VMware UCS Environment

Configuring Access and Trunk Interfaces

Architecting Scalable Clouds using VXLAN and Nexus 1000V

Cisco Exam Questions & Answers


Cisco Certdumps Questions & Answers - Testing Engine

Configure RSPAN with VMware

HP BladeSystem Networking Reference Architecture

Integrating Cisco UCS with Cisco ACI

Cisco Nexus 4000 Series Switches for IBM BladeCenter

CISCO EXAM QUESTIONS & ANSWERS

CISCO EXAM QUESTIONS & ANSWERS

UCS Engineering Details for the SAN Administrator

Cisco Exam Implementing Cisco Data Center Unified Computing Version: 9.0 [ Total Questions: 173 ]

UCS Networking Deep Dive

UCS with VMware ESXi End to End Jumbo MTU Configuration Example

Maailman paras palvelinjärjestelmä. Tommi Salli Distinguished Engineer

UCS Networking Deep Dive

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Cisco Actualtests Questions & Answers

vnetwork Future Direction Howie Xu, VMware R&D November 4, 2008

Enterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.

Reference Architecture. DataStream. Architecting DataStream Network. Document # NA Version 1.03, January

The Role of Networking in a Virtualized World Sponsor Technology Roadmap. Kevin Ryan Director Data Center Solutions

Nexus 1000v Port-Channel Best Practices

Network Services in Virtualized Data Center

Security and Virtualization in the Data Center. BRKSEC Cisco Systems, Inc. All rights reserved. Cisco Public

Network Design Considerations for VMware Deployments. Koo Juan Huat

Compute and Storage Implementation

Cisco Questions & Answers

vsphere 6.0 with HP ProLiant Gen9 Servers, OneView, 3PAR, Cisco Nexus 5600 and Brocade 6510 Deployment Guide

Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin

NETWORK VIRTUALIZATION. Fabio Bellini Systems Engineer

Configuring Port Channels

Deploying Applications in Today s Network Infrastructure

Ronny L. Bull & Dr. Jeanna Matthews. DerbyCon 4.0. Sept 27th, 2014

Emulex Universal Multichannel

Transcription:

Virtualized Access Layer Petr Grygárek

Goals Integrate physical network with virtualized access layer switches Hypervisor vswitch Handle logical network connection of multiple (migrating) OS images hosted on physical server(s) Apply network policies to virtualized switches and virtualized network attachments QoS, ACLs & security profiles, During VM migration, policies have to be migrated with VM Unified management & policies of both physical and logical network elements Connects together server administrator s and network administrator s views and processes Network awareness of inter-vm traffic Policy enforcement, statistics, packet capture, Avoid extending of STP domain

Possible solution approaches 1. Implement standard network functions and APIs into software-based virtual switches E.g. Cisco Nexus1000V 2. Avoid local switching and forward traffic from individual remote virtual NICs to physical switch for processing via separate logical channels Dynamically create corresponding logical veth interface on HW switch to provide configuration and feature consistency Suitable when vertical traffic prevails Which does not 100% apply anymore in current DC models with horizontally-scalable applications

802.1Qbg - Edge Virtual Bridging Defines multiple technologies Virtual Ethernet Bridge (VEB) (roughly corresponds to VMWare vswitch) L2 inter-vm communication VLAN support Virtual Ethernet Port Aggregator (VEPA) hypervisor forwards even inter-vm traffic to external switch No MAC address learning & flooding needed external switch s monitoring and security tools can be enforced Switching function can also be built into CNA Standard Mode (tagless) external switch needs to be able to forward frame back to the port which the frame came from (modified standard behaviour) reflective relay Multi-channel - QinQ between hypervisor and external switch multiple logical attachment points for individual VNICs Broadcast/multicast replication on controller switch

IEEE 802.1BR - Bridge Port Extension (1) (originally started in 802.1qbh) Defines Extended bridge Standardized alternative to proprietary technologies like Cisco FEX Model of controlling (physical) bridge + Port Extender(s) managed as single entity (port extenders can be understood as remote I/O cards) no local switching - all traffic goes via controlling switch support for remote HW-based multicast/broadcast traffic replication E-channel - logical channel between Extended port and corresponding virtual interface on controlling switch E-Tag - E-channel ID, contained in modified Ethernet frames equivalent of Cisco VNTag (=slightly different format built on 802.1BR prestandard) Port extenders may be cascaded example: controlling switch - FEX + 802.1BR-compatible server NIC (NIC virtualization) + 802.1BR-compatible hypervisors on blade servers connected to each virtualized switch VM Allows multiple network layers to be managed as single device/layer Tags are NOT stacked Tag- to-port mapping table still needed in Port Extenders Tags are learnt together with MAC addresses on controlling SW

IEEE 802.1BR - Bridge Port Extension (2)

Port Extender Functionality As simple as possible Northbound: add tag based on receiving (virtual) port & forward Southbound: forward based on DST VIF Remove E-Tag at a last hop

Bridge Port Extension Use Cases Physical server NIC adapter partitioning ("Adapter-FEX") multiple simulated NICs presented by BIOS/PCI to OS, single attachment link to physical switch tens of simulated NICs are currently supported Ethernet vnics or FibreChannel HBAs dual uplink provides seamless redundancy of virtualized server NICs active+standby mode, NIC teaming in OS does not need to be configured Virtualized physical VM-to-physical switch connection fixed VEths (e.g. Redhat, Windows, VMWare ESX hypervisors) floating veths (e.g. VMWare ESX hypervisors)

VNTag/E-Tag header fields Presence of VNTag/Etag (4B) identified by special EtherType value (2B) VNTag header may be followed by 802.1q header Frame fields Direction: indicates whether frame travels from or to remote adapter Source VIF (12b) Looped flag: frame looped by physical switch back to the same adapter (inter-vnic switching) Needed to avoid broadcast/multicast cycles Destination VIF (12b) / VIF_List if Pointer bit is specified, VIF_List is used to specify destination VIFs to replicate the frame

Port extender to controller switch Interactions Port extender reports number of ports to upstream switch upstream switch automatically creates corresponding number of tags associating each tag with single extender port

802.1q versus VNTag 802.1q trunk is treated by physical switch as a single port in terms of applied policies Policies mostly cannot be applied per-vlan All VLANs (trunk) extended to the host, server admin has to properly selects VLAN to be fed to individual VMs extension of (per-vlan) STP domains to the host VNTag creates virtual interfaces corresponding to vnics that can be assigned separate policies veths treated the same way as ordinary ports by switch operating system

Cisco Nexus 5000 Static veth Configuration Example inteface veth 1 switchport mode trunk bind interface Ethernet101/1/2 channel 3 101/1/2 identifies physical downlink interface (FEX-attached VNTag-capable host) Channel 3 identifes VIF

Cisco Nexus 5000 Dynamic veth Configuration Example N5K registers itself to vsphere as vds and reports its configured port profiles Profile can be seen as port-group in vcengter Server administrator defines channel # and profile for each vnic vethernet autocreate interface Ethernet1/10 switchport mode vntag // FEX downlink port-profile type vethernet MYPROFILE switchport mode access switchport access vlan 60 port-binding dynamic state enabled // created automatically interface vethernet 23769 bind interface ethernet 1/10 channel <# defined on server> inherit port-profile MYPROFILE

References: Related IEEE standards: http://www.ieee802.org/1/pages/802.1br.html http://www.ieee802.org/1/pages/802.1bg.html Comparisons of related standards (Cisco) http://www.cisco.com/en/us/prod/collateral/switches/ps9441/ps990 2/whitepaper_c11-620065_ps10277_Products_White_Paper.html Cisco FEX standards: http://www.cisco.com/en/us/solutions/collateral/ns224/ns945/ns113 4/qa_c67-693220.pdf VNTag & IEEE standards http://www.ieee802.org/1/files/public/docs2009/new-pelissier-vntagseminar-0508.pdf Virtual Ethernet Bridging http://www.ieee802.org/1/files/public/docs2008/new-dcb-ko-veb- 0708.pdf

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback