Yunshu
Challenges brought by Virtualization
• Large L2 Network
-Traditional access control based on service VLAN cannot be implemented
-Global broadcast storm
-Cross-service ARP spoofing attacks
Challenges brought by Virtualization
• The host machine functions part of the access layer switch
-Traditional policies based on IP addresses and vswitch ports are difficult to implement
-No unified network status monitoring platform
-DDOS attacks are more likely to succeed, with greater impact
-SA and Net OPS have unclear responsibilities.
How can we solve this problem?
• Sorry, delete
How can we solve this problem?
• Sorry, delete
How to solve problems in the industry
• VEB (Virtual Ethernet Bridge)
Implementation of VEB
• VDS (vNetwork Distributed Switch)
How to solve problems in the industry
• Hardware VEB
-SR-IOV (SingleRoot I/O Virtualization alization)
How to solve problems in the industry
• VN-Tag
How to solve problems in the industry
• 802.1Qbh (VN-Tag, NIV, and VN-Link)
How to solve problems in the industry
• VEPA (Virtual Ethernet Port Aggregator)
How to solve problems in the industry
• 802.1Qbg EVB (Edge Virtual Bridging)
-Multi-Channel VEPA ()
Future
• What If I directly use VM MAC for TAG?
• Is there a solution that does not simulate regression to traditional networks?