Does virtualization require network management programs?

The current traditional network may not support the scalability required for large-scale server virtualization and automated configuration in the infrastructure-as-a-service model, but the new network virtual method may even be a network manager hypervisor ), it will change everything.

Currently, more than 50% of servers are used as virtual machines. Each virtual machine is connected to the virtual network through a vswitch and network adapter. These vswitches and network adapters are created through the server virtualization management program. This large-scale virtualization enables service providers and large enterprises to provide infrastructure as a service. With this service, enterprises or user groups can configure virtual machines and network resources by clicking a few clicks. Eventually, they will be able to use these resources to create small virtual data centers.

On the server side, the related technologies are ready, but traditional networks impede this flexibility. Traditional networks have complicated physical components and browsing management problems, making it unable to support environments with changing and unpredictable capacity requirements. In traditional networks, engineers struggle with layer-2 and layer-3 configurations, tedious access/distribution/core architecture, and management of traffic and ports of physical switches, routers, and firewalls; there are also various bandwidth problems for LAN and WAN. Even worse, the 802.1q standard only provides a maximum of 4094 VLANs, which is far from enough for cloud providers or large enterprises that want to create multi-tenant networks for the infrastructure-as-a-service model.

Network virtualization needs

The network traffic function is different from that of the server where the operating system and application are located on a specific host. In fact, network data packets are already virtualized. in the network, physical components of the network, including switches, routers, and firewalls, need to be virtualized.

However, once these components are virtualized, engineers need to be able to programmatically control the configuration of these resources. To achieve this goal, you must eliminate physical network limitations such as VLAN scalability, MAC scalability, virtual machine mobility, and IP address conflict ). In addition, the network administrator needs the same virtual network visibility and functions as the physical network. Some server hypervisor can enable VMware to have a vSwitch and virtual network adapter), but these server hypervisor is not professional enough.

At this time, the network management program should be launched.

Status Quo of network management programs

Currently, many network vendors are developing and managing virtual network configuration and control technologies. However, only a few vendors regard this technology as a "Network Management Program ".

Among them, the most famous one should be the Nicira solution, which is a distributed software suite that can create scalable, fully functional, and isolated virtual networks, this network will be completely independent from the underlying physical network. Nicira solutions can run on any physical network and are compatible with any server management program. Nicira's open programmable approach not only can be used in Layer 2 and Layer 3 networks, but also supports Layer 4-7 services in virtual networks.

However, since Nicira has sold its technology to some large cloud and Internet vendors, it remains to be observed whether this technology can continue to grow for a long time. Many competitors have other strategies.

The virtual network component still exists.

Vyatta, Cisco, VMware, Extreme Networks, and other companies have launched new network virtualization solutions. Some solutions run together with the server virtual hypervisor, while others are virtual devices that provide Layer 3 or security services. Below we list several solutions:

◆ Cisco has received a lot of attention through its Nexus 1000-V advanced vswitch for vSphere. This switch is fully focused on virtual network management and visibility. With Nexus 1000-V, engineers can ensure that vSphere virtual machines implement QoS and security policies when moving from one host to another through vMotion. Cisco also recently launched Virtual Security Gateway (VSG) for Nexus 1000-V, which can provide network Security for vSphere. VSG is comparable to the virtual version of Cisco ASA security devices.

◆ VMware continues to launch more virtual network solutions for its vShield product series. When vSphere 5 was launched, we also saw vShield 5, which provides vShield Edge for Firewalls and VPNs. In addition, VMware has launched another innovative vShield solution, vShield Endpoint, which provides security compliance and data protection solutions.

◆ Extreme Networks launched an XNV Network Management Program, which seems to be competing with Cisco's Nexus v, however, it is more similar to Microsoft Hyper-V, Cisco XenServer, VMware vSphere, and Linux KVM. But because it is regarded as a "Network Manager", it does not mean it has the same functionality as Nicira.

◆ Vyatta provides enterprise-level virtual network routers, firewalls, and VPN solutions. Those who need layer-3 IP services can directly install these solutions on physical servers and then turn them into vrouters. Vyatta turned its technology into a "network operating system" and said it could provide functionality similar to Cisco's L3 switch, but it uses a Linux revision.

Software Defined network SDN) Is it a real network management program?

With the emergence of network virtualization solutions, many companies are developing SDN policies to make the network more flexible and better managed, so as to apply to infrastructure as a service mode and virtual resource configuration. With SDN, engineers can create a separate control and forwarding plane and use the central software controller to execute forwarding rules and policies. With SDN policies, engineers can define how Virtual routers and firewalls work with virtual switches to provide virtual networks.

Nicira's network management program and some other available solutions can be applied to the entire SDN architecture. Whether the network management program will be applied to large-scale virtualization environments remains to be observed. What we can determine now is that virtualization will not stop at server hardware and will be more complex than Virtualization of basic network components.