Technical Comparison of 802.1Qbg, 802.1Qbh, 802.1BR, and VN-Tag

At present, there are several technical systems on the boundaries between computing virtualization and network Virtualization: 802.1Qbg, 802.1Qbh, 802.1BR, and Cisco VN-Tag, the objective is to solve the connection, association and perception between virtual machines and external virtual networks. This article compares the similarities and differences between these technical frameworks so that readers can understand the differences between different technologies.

I. Technical Overview

Table 1 brief information about various technologies

1.802.1Qbg

802.1Qbg not only supports Virtual Ethernet Bridging, but also two unique VEPAVirtual Ethernet Port Aggregator modes. This mode is also called basic VEPA mode) and Multi-Channel.

In VEB mode, vswitches in the server have relatively comprehensive network functions, as shown in figure 1. In VEB mode, information exchange between Virtual Machine Virtual machines (VMS) in the same VLAN inside the server is directly transmitted through the vSwitch without going through the external network. In this mode, the network in the server is relatively independent from the external physical network, but it is only a standard connection. The vSwitch inside the server is also a network element. This method greatly increases the number of network elements in the network, so that the network size in the virtualization environment is large.

Figure 1 VEB mode: The network function enters the server

VEPA mode is a simple mode that modifies the VEB function. 2 shows that after the VEPA component receives data from the VM, it first forwards the data to the upstream interface, that is, the external network interface, this fully utilizes the hardware capabilities and advanced features of the external network. For communication between VMS in the same VLAN within the server, data must be forwarded first, and then forwarded back to the server to find the target VM. This method simplifies the vSwitch function of the server and combines VEPA with the hardware processing of the external network to associate the internal and external networks. The internal network is logically used as an extended port, it seems that the external network function is extended to the server, and all VMS correspond to a physical network port. In this way, the processing of broadcast/Multicast is relatively complex. After the data enters the server from the network, the VEPA component performs broadcast and multicast replication.

Figure 2 VEPA mode: Some network functions are supported in the server

Multi-Channel is a simpler structure, as shown in Figure 3. This architecture eliminates the network features in the server and indirectly connects VMS to external physical networks in the form of logical channels. The best way is to connect a VM to a channel. Each channel is terminated separately on a physical switch. The endpoint serves as the vPort of the switch ). In this mode, broadcast/multicast processing is concentrated. If each VM is connected to a vPort, broadcast/multicast to multiple VMS must be replicated by external physical network devices, copy the packets to the vports corresponding to each VM, and then enter the server through each channel. The server does not need to process the packets and sends them directly to the VM Based on the channel.

Figure 3 Multi-Channel mode: The network function is only available outside the server.

2.802.1Qbh/802.1BR/VN-Tag

802.1Qbh, as one of the DCB Data Center Protocol families, was proposed by Cisco and has been terminated. Cisco also proposed the 802.1BR protocol. The two have big differences in details, but they are consistent in principle. VN-Tag is Cisco's proprietary technology. It was previously proposed by IEEE and abolished after a period of discussion. It is still used in Cisco's own solutions.

Cisco expands the functions and logic of the network from the network perspective, enters the server, and connects to the virtualization technology. In the standardization technology, these technologies are called PE, Port Extender, it is called FE and Fabric Extender in its private technology implementation. From the virtualization perspective, the Multi-Channel functions of PE/FE and 802.1Qbg are very similar. PE/FE can be cascade as scalable components, cisco also specifically defines such a network device form. In fact, the Multi-Channel components can also be cascade, however, HP does not emphasize the physical form of Multi-Channel components (from the perspective of increasing network performance and density, HP does not think that the network device does not need to appear with an Extender ); the difference is that PE/FE optimizes the performance of the multicast/broadcast function. 4 shows that PE/FE can gradually replicate multicast/broadcast at each level, this reduces the replication pressure on the network end. The Multi-Channel in Figure 3 is multicast/broadcast replication on the network end.

Figure 4 802.1Qbh/802.1BR/VN-Tag mode: Some network functions are forwarded to the server.

In virtualization technology, all the above-mentioned VEB (vSwitch), Multi-Channel, 802.1Qbh/802.1BR/VN-Tag components are called ER (Edge Relay ).

Ii. Technical Comparison

1. Message format difference

802.1Qbg VEB/VEPA

Both the VEB and VEPA of 802.1Qbg are normal 802.1Q Ethernet data frames, as shown in Figure 5.

Figure 5 Ethernet data frame

VEPA is a simple modification of VEB's working mode, and does not involve data-level format modification. From the technical perspective, the virtual computing environment that has been deployed can quickly evolve to the virtual perception capability of the network.

802.1Qbg Multi-Channel

The Multi-Channel of 802.1Qbg adopts the common QinQ data format. 6, the VLAN of the outer Tag is called the S-VLAN, which is used to identify the local Channel number connected to the virtual machine, this Tag is valid only locally between the physical port of the switch and the NIC of the server. It is stripped after entering the network. The VLAN of the inner layer Tag is called the C-VLAN, which is used to identify the business VLAN of the VM, it is valid within the network range provided by the VM for applications and is used globally.

Figure 6 Multi-Channel packets

Although Multi-Channel uses a new data format inside the server, it is also a new environment application of mature QinQ technology. It provides a new technical explanation of QinQ content, to simplify the network structure in the server.

802.1Qbh

The 802.1Qbh packet is inserted with a E-TAG mark 7 in the Ethernet frame format to mark the VM connection channel and virtual port mapped to the switch. Figure 8 shows the basic content of the E-TAG extension field initially defined in the standard.

Figure 7 802.1Qbh packets

Figure 8 packet labels in 802.1Qbh

802.1Qbh explicitly identifies the source end of the data in the data content by specifying the Channel ID, and supports data replication, which is also a local optimization of performance. Here we need to add that the 802.1Qbh data format is after two stages, previously called M-Tag, and then evolved to the E-TAG mode, the definitions between the two are different.

802.1BR

802.1BR is an alternative protocol of 802.1Qbh, but the basic content has been modified, the packet in the Ethernet frame format inserted a E-TAG mark 9, used to mark the VM connection channel and mapped to the vswitch virtual port, the difference is that the original reserved fields in 802.1Qbh are clearly defined. Figure 10 shows the basic content of the E-TAG extension field initially defined in the standard.

Figure 9 802.1BR Message format

Figure 10 packet label in 802.1BR

802.1BR and 802.1Qbh are the same technology. They only fill channel attribute information with reserved bits, and the former is more flexible in channel control.

VN-Tag

VN-Tag is a Cisco proprietary technology. It once claimed that its FE/PE device is compatible with both 802.1Qbh and 802.1BR. As shown in 11, the packet inserted a VN-TAG tag in the Ethernet frame format to mark the VM connection channel and virtual port mapped to the switch. Figure 12 shows the basic content of the E-TAG extension field initially defined in the standard.

Figure 11 VN-Tag Message format

Figure 12 packet label (including EtherType) in VN-Tag)

According to the significant difference between the VN-Tag and 802.1BR/802.1Qbh packets, the two messages cannot be interpreted. Cisco said in the product that the VN-tag device is compatible with 802.1Qbh at the same time, it should be very difficult. a vn-Tag is coming out early, and 802.1Qbh is discussed later (the Message format of 802.1Qbh is different in two stages). Second, 802.1Qbh is abolished and then 802.1BR, the format is different.

2. Forwarding difference

Table 1 Comparison of forwarding differences

3. Control Protocol differences

Table 2 Comparison of control protocols

4. comparison summary

From the comparison of the technical model, we can see that the 802.1BR function is completely the expansion of the network to the server, and there is no definition for VM connection and perception. Therefore, if 802.1Qbg VDP protocol is added on this basis, some 802.1BR modifications are also supported technically. 802.1Qbg and VN-Tag have excellent network extension and VM Association awareness capabilities, the difference is that 802.1Qbg defines a protocol with a clear division of labor, and the network components interact with ER components in the server. The standardized interconnection mode is flexible, but the VIC protocol of VN-Tag is not defined between the network device and the ER, but between the management system and the ER.

Iii. Conclusion

802.1Qbg is currently supported by mainstream manufacturers, such as IBM, HP, and H3C. 802.1BR is not productized yet, and VM awareness is implemented based on 802.1BR, we still need to use the 802.1Qbg control protocol. VN-Tag has been implemented on Cisco network products, and its server needs to use a network card that supports VN-Tag to match the network.

Based on the implementation of standardized technology, various manufacturers will gradually begin Interoperability Work on product docking, including at the underlying device level of virtualization systems, network cards, networks, etc, and Management system interfaces gradually form a complete interaction system.