Editor's note:Overlay Network solution is to maximize the retention of the original network by overlaying a software-defined logical network on the existing network, and to realize the business logic by defining the logical network on it, so as to solve the network problem of the original data center and greatly save the traditional user investment. This article isa precursor to the relationship between the Overlay network and the physical network , which helps you to understand some basic concepts about Overlay .
What happens to cloud-core network devices with Overlay solutions? In this and next installment, we will try to answer these questions. The computing tide pushes the network construction of the data center into the spotlight, and various solutions and technical standards are constantly emerging. The software vendors represented by VMware put forward Overlay Network scheme, and put forward new ideas for the development of data center network. So, What's the problem Overlay solved? As a definable network, what requirements and dependencies does it have on physical devices? Data in question.
1 Traditional Data Center network problems and coping methods
The introduction of Virtualization server technology has brought about a change in the IT infrastructure. Cloud Data Center network evolution, summed up, the main to solve the following three types of virtualization host introduced by the problem.
1.1 Network problems in the sophomore layer
Traditional data center design, in order to avoid large-scale two-layer network caused by the loop and broadcast problems, usually in the access layer on the three-layer end, the second layer of exchange only in the scope of access switches. After the introduction of the virtualization server, the migration and cluster requirements of the virtual machines are in the same two tier. Clusters want to do large, virtual machine migration needs to move far, the two-tier network will be much larger, so that the two-layer range is greatly expanded, it is possible to cross the entire data center, and even across a number of different data centers. The second layer will face many problems, such as how to prevent the two-layer loop? How to improve the efficiency of link use?
To solve this problem, the construction of large-scale loop-free two-layer network, mostly using virtualization technology (such as h3c/hp IRF technology,Cisco 's VPC,VSS technology, or TRILL Technology) to virtualize multiple devices into a single device, turning the original loop link into a bundle link, The standard protocol will resolve the two-tier multipath data transparent transmission problem.
1.2 Network-aware computing and strategy automation following problems
In a virtual machine environment, there are multiple servers under a physical port. How do network devices identify different servers and perform different network policies for different servers? And the server is also a dynamic migration of the server, the business migration, then the server migrated, the security policy deployed on the network automatically follow the new location, keep the policy unchanged before and after the migration?
To solve the problem of network-aware and policy automation, the key is to make the virtual machine's traffic pass through the network device, and the network device senses which virtual machines are on a physical port. When a virtual machine changes, the corresponding network policy is automatically followed. The representative technology is a hp/h3c -led IEEE 802.1QBG Standard, as well as a manufacturer-led IEEE, such as Cisco 802.1BR Standard.
the correspondence relation of 1.3 network attribution and location positioning
Legacy architecture, Server ip Span style= "font-family: the song Body;" The address must match the ip address segments are consistent. Business attribution in what network segment, will be set to the business segment of the ip address, The location of the business is then clarified. Now the server can be migrated, before and after the migration of the ip ip ", and this ip ", and "local" ip
solve the problem of network attribution and business positioning, that is, to solve the "hukou problem" of the virtual machine, essentially the user's virtual server ip address and the physical network where the physical server is located ip address decoupling. The techniques to address this type of problem are lisp ( Span style= "FONT-FAMILY:CALIBRI;" >locator/id separation protocol location Identity Separation Protocol) technology ( ietf rfc6830 ip ip address to decouple the identity and location information of the server.
2 New Solutions-OVERLAY
With the new generation of Overlay network scheme, which is represented by VXLAN Technology, the above-mentioned typical problems have a novel approach, that is, by overlaying a software-defined logical network on the existing network, The original network as far as possible, through the definition of its logical network, the realization of business logic, so as to solve the existing data center network problems, greatly saving traditional user investment.
Overlay is a network technology that transfers (business) Two-tier network architectures to three-layer/four-beginning (traditional networks) . Regarding its concrete realization principle and the interactive detail this article does not repeat, emphatically discusses this technology to the network construction plan the influence.
2.1 The problems of the sophomore layer
Because the Overlay Network tunnel is usually on the virtual switch, and the virtual Switch between the (physical) network only need three layer interoperability. Above the network access layer can run the routing protocol completely, through the routing protocol ECMP and so on realizes the Multipath loop-free network channel. So the sophomore layer only needs Overlay Network support, the access layer above the physical network only need to support the traditional three-layer network protocol can be.
2.2 Network-Aware server issues.
In the traditional scheme, the network first senses the server, then the server changes the operation, and finally according to the change of the server automatic policy follow. In Overlay Networks, access devices are Virtual switches that establish Overlay tunnels so that different server policies can be set up as long as the virtual switches at each end of the tunnel can differentiate between virtual machine traffic. When the virtual server is migrated, the virtual switch with the same origin as the virtual server can get the detailed information of the migration on the network management platform, so it is easy to follow the virtual service automatically.
2.3 The "hukou" issue of the server.
The original server in the migration, you need to accommodate the physical network gateway and address. InOverlayafter the introduction of the network, the businessIPAddress and networkIPaddresses can be completely separated. Overlayin the packageIPAddress for BusinessIPaddress, can be defined according to the user's business;Overlayoutside the packageIPThe address is a network address, defined by the network administrator. Overlaythe business of the network inner layerIPaddress onlyOverlayNetwork tunnel can be perceived at both ends, the outer physical network is not aware, nature will not cause conflict. Overlaythe location of the network outer layerIPaddress characterization The physical network device location that the server is connected to to clarify where the tunnel ends and directs traffic to the appropriate location. Since then, the user's businessIPthe address can be configured separately from the address on the network side and managed separately.
As can be seen,Overlay Technology uses a new way of building definable networks through software, and architecting on traditional networks, answering three of questions that have plagued data center networks for many years, while simultaneously solving VLANs Lack of space, traditional switch MAC table entries are not enough, it can be said that the future of data center network development of an important direction.
This article is from Sdnlab, click here to read the original. If you are interested in this article, you can participate in the following interactive ways to communicate with the author in close range. In addition, our website also has a large enterprise recruitment platform, there are many high-quality posts, interested parties please click the recruitment to see the details.
If you are interested in this article, you can participate in the following interactive ways to communicate with the author in close range.
(1) Weibo (http://weibo.com/sdnlab/)
(2) ( account No.:Sdnlab)
(3) QQ Group
SDN Research Group (214146842)
Opendaylight Research Group (194240432)
Overlay improvements to the data center network