This document discusses network virtualization and how it can connect virtualized data centers to wide area networks (WANs). It introduces the concept of a network virtualization platform that abstracts physical network infrastructure and allows provisioning virtual networks and services in a programmatic way. It describes two options for mapping logical networks in a virtualized data center to tunnels in an MPLS WAN core: mapping them to VLANs or MPLS labels. The key role of the network virtualization gateway is to demarcate and map between tunneling formats within the data center and WAN.
2. 2
Compute Virtualization Abstraction Layer
Why we need network virtualization
Physical Infrastructure
• Provisioning is slow
• Placement is limited
• Mobility is limited
• Hardware dependent
• Operationally intensive
Networking undoes much of the goodness of server virtualization
3. 3
The Solution – Virtualize the Network
Physical Infrastructure
Compute Virtualization Abstraction Layer
• Programmatic provisioning
• Place any workload anywhere
• Move any workload anywhere
• Decoupled from hardware
• Operationally efficient
Network Virtualization Abstraction Layer
Software Defined Data Center
• Provisioning is slow
• Placement is limited
• Mobility is limited
• Hardware dependent
• Operationally intensive
SOFTWARE-DEFINED DATACENTER SERVICES
VDC
4. 4
What is Network Virtualization?
Physical Compute & Memory
Server Hypervisor
Requirement: x86
Virtual Machine
Virtual Machine
Virtual Machine
Application Application Application
x86 Environment
Physical Network
Network Virtualization Platform
Requirement: IP Transport
Virtual Network
Virtual Network
Virtual Network
Workload Workload Workload
L2, L3, L4-7 Network Services
Decoupled
5. 5
The Starting Point for Network Virtualization: Virtual Switch
Hypervisor
vSwitch
Hypervisor
vSwitch
Physical Network
6. 6
VLAN
L2
L3
Virtual Network
L2
NSX Gateway
NSX – A Network Virtualization Platform
Physical Network
vSphere Host vSphere Host KVM Xen Server
NSX vSwitch NSX vSwitch Open vSwitch Open vSwitch
Hardware
Software
Controller Cluster
VLAN
VTEP API
HW Partner
VM VM
“NSX API”
CMP
8. 8
Option A: Map Logical Networks to VLANs
NSX Gateway
VRF
VRF
VRF
Logical Networks map to VLANs; each VLAN maps to a VRF (customer-specific routing table)
PE
To Customer Sites
MPLS Core
Virtualized DC
9. 9
Option B: Map Logical Networks to MPLS Labels
NSX Gateway
Logical Network Prefixes advertised in MP-BGP with MPLS labels
ASBR
To Customer Sites
MPLS Core
Treat interface like inter-AS (RFC 4364)
MPLS Labelled Packets mapped to/from logical networks
Virtualized DC
10. 10
What’s the gateway doing?
Mapping tunnel formats
• Use VXLAN/NVGRE/STT in the datacenter, MPLS in the WAN
Demarcation point between WAN services and DC services
• In the WAN, L2 & L3 services are the norm
• In the DC, rich L2-L7 services prevail
• Self-service provisioning in the DC
• Gateway is one end of the L2-L7 pipeline
Reducing state requirements at the PE/ASBR
• No need to terminate 1000s of tunnels to hypervisors
• No per-hypervisor routes
• No VRFs
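The tunnel-format mapping on this slide, worked through for the Option A case (logical network to VLAN to VRF), as an added example that is not from the original deck or from NSX. The mapping table, VRF names and function names are assumptions; the VXLAN header layout follows RFC 7348 and the inner frame is assumed to be untagged.

```python
import struct

# Constructed sample table (assumption): VXLAN VNI -> (802.1Q VLAN ID, VRF name).
VNI_MAP = {5001: (101, "vrf-cust-a"), 5002: (102, "vrf-cust-b")}
VXLAN_FLAG_I = 0x08  # RFC 7348: set when the VNI field is valid


def validate_map(vni_map):
    """Reject a table that would merge two logical networks into one VLAN or VRF."""
    vlans, vrfs = set(), set()
    for vni, (vlan, vrf) in vni_map.items():
        if not 0 <= vni < 2**24:
            raise ValueError(f"VNI {vni} does not fit in 24 bits")
        if not 1 <= vlan <= 4094:
            raise ValueError(f"VLAN {vlan} outside usable range 1-4094")
        if vlan in vlans or vrf in vrfs:
            raise ValueError(f"VNI {vni} shares VLAN {vlan} or VRF {vrf}")
        vlans.add(vlan)
        vrfs.add(vrf)


def parse_vxlan(payload):
    """Split a VXLAN UDP payload into (vni, inner Ethernet frame)."""
    if len(payload) < 8 + 14:  # VXLAN header + minimal Ethernet header
        raise ValueError("truncated VXLAN packet")
    flags, vni_field = struct.unpack("!B3xI", payload[:8])
    if not flags & VXLAN_FLAG_I:
        raise ValueError("VNI flag not set")
    return vni_field >> 8, payload[8:]  # low 8 bits are reserved


def to_vlan_frame(payload, vni_map):
    """Return (vrf, VLAN-tagged frame), or None to drop an unmapped VNI."""
    vni, inner = parse_vxlan(payload)
    entry = vni_map.get(vni)
    if entry is None:
        return None  # unknown logical network: drop, never use a default VLAN
    vlan, vrf = entry
    tag = struct.pack("!HH", 0x8100, vlan)  # TPID + TCI (PCP/DEI left at 0)
    return vrf, inner[:12] + tag + inner[12:]  # tag goes after dst+src MAC


def sample_packet(vni, flags=VXLAN_FLAG_I):
    """Constructed test input: VXLAN header plus an untagged IPv4 Ethernet frame."""
    inner = bytes.fromhex("020000000002" "020000000001" "0800") + b"payload"
    return struct.pack("!B3xI", flags, vni << 8) + inner


validate_map(VNI_MAP)
```

The two checks that matter for tenant separation are the uniqueness test in `validate_map` and the drop on an unmapped VNI in `to_vlan_frame`.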
11. 11
Summary
Network virtualization is about agility
• Brings the operational model of server virtualization to networking
• Provision complex topologies and services in software – enabling automation
• Services decoupled from hardware
Integration with MPLS WANs:
• Treat data center edge as AS boundary
• Retain richness of data center services
• Self-service provisioning
A fundamental shift in the networking landscape