The contention of Network Technology road: Open or Closed

The evolution of it is a process of spiraling up. In the early days of large computers, it was the domain of its profession, all computer systems were closed, and a company offered services ranging from hardware to software and repair and even soft revision upgrades, which could be said to be due to the imperfections of the entire industry. But the entire IT industry is constantly on the road to open, since the IBM PC standard opened, IT industry rapidly mature, today completely changed the mode of social information transmission. Standardized systems can be quickly matured in a short period of time because in an open system, standards are negotiated by several major manufacturers, and the process of standard-setting can see the shadow of compromise and even different standards competing against each other. Theoretically this free market operation mechanism, because the competition is intense, the consumer can enjoy the best standardized product. But the opposite closed-system manufacturers in today's industrial division of specialization and refinement of the background, will lead to technological progress and slow, it is difficult to form scale.

Now, in the field of data center network technology, there are also open systems and closed system two lines of contention, we analyze the context of this technology debate.

The Battle of the road: VEB vs Vepa

With the maturity of commercial virtualization technology and the development of x86 CPU performance, more and more data centers begin to transform into virtualization, a typical feature of the new Generation data center is the transition from "physical server interconnection" to "Virtual Server" interconnection. Virtualization brings server consolidation, business continuity, and resilience to the data center, as well as a new challenge to the data center, which is how to implement an edge virtual bridge for a virtual machine.

The solution of inertia is through the software way, through the server internal platform solution, that is, the so-called virtual edge bridging (VEB, Virtual Ethernet bridge). VEB is the local exchange that supports multiple virtual machines on a physical terminal workstation/server, usually through software simulation of a virtual switch. For example, as the originator of the drive for X86 platform virtualization, VMware built Virtual Switch vswitch on its vsphere platform, even further, implementing the distributed Virtual Interactive VDS (vnetwork distributed switch), Provides a unified network access platform within a data center, and when a virtual machine occurs vmotion, the policies on all ports will move with the virtual machine. But there are two fundamental problems:

1. The function of the virtual switch is too simple. The current vswitch is at most just a simple Soho class two-tier switch that only solves connectivity problems, without ACL policy, no traffic regulation, not to mention QoS. The main reason for this is that the network is not the focus of VMware.

2. Network and host management interface blurred. The data exchange of multiple virtual machines is clustered in a physical outlet, the virtual server port and the entity network Port are no longer one by one correspondence, from the traditional network manager's point of view, the original a series of network policies are based on port deployment, and now can not use the same method deployment, Greatly increased the cost and difficulty of management. The current mainstream virtual platform, there is no network management and configuration of the independent interface, which caused the virtualization server once the problem, not only the fault location needs more time, and managers (network managers and server managers) of the right and wrong position and division of Labor will also be in a state of chaos. The Access layer network of the data center has been extended from the physical entity network to the virtual machine instance of the server, and the corresponding access to the virtual machine network port must be realized.

The industry network giant Cisco has proposed several different solution routes for eVB, one of the most important routes is enhanced VEB, specifically, using Cisco's own Nexus 1000v soft switch to replace VMware's vswitch, Embedded in VMware's virtualization platform. As a result, Cisco claims to be able to implement professional virtual switches, which are Nexus 1000v virtual switches with the rich functionality of Cisco switches, while achieving unified management of Cisco physical switches. Cisco has invested a lot of human and material resources into the nexus1000v solution in marketing, making it sound beautiful, but what is the reality? With a careful analysis, we can see the following problem with this solution.

1. There is still no solution to the problem of fuzzy network and host management interface. Nexus 1000v as a server CPU simulation of the software switch, so that the exchange interface of virtual machines still exist inside the mainframe, simply can not achieve "network, host to host" such as the purpose of clarifying the management interface.

2.nexus 1000v is a CPU to simulate the soft switch, the need for additional server overhead, there is a low exchange performance problems, and may cause system instability.

3. The most important issue, Cisco's solution is a closed-system solution that is currently available to only support VMware virtualization platforms, and for other virtualization platforms, such as Xen and Hyper-V, currently do not see a relevant solution.

To some extent, Cisco can use its Technology brand advantage in the industry, through a closed system of the solution to vigorously marketing, is a kind of customer to a certain degree of "kidnapping", so that customers lose the right to choose.

Therefore, the industry needs an open, standard and simple solution. At this time Vepa (Virtual Ethernet Port aggregator) standard should be potential. Vepa is the new generation of data Center Virtual Access solution standard proposed by HP Collaborative H3C to IEEE, the goal of which is to move the exchange between virtual machines from the inside of the server to the access switch. The working principle is as follows: When two of the virtual confidential in the same server Exchange data, from the virtual machine a data frame will first be sent through the server network card to the top switch, the top switch by looking at the frame head with the MAC address (virtual machine MAC address) found the destination host in the same physical server, This frame is then sent back to the original server to complete the addressing forwarding. The entire flow of data is like a hairpin around the top switch, so this behavior is also known as "card-issuing forwarding." In order to achieve "card-issuing forwarding", Vepa needs to modify the spanning tree protocol, or force the behavior of reflection data frames on the upper-end port (reflective Relay). At the same time, Vepa uses q-in-q technology to add a layer to the basic 802.1q tag to represent the definitions of different virtual machines, which can be used to differentiate and process different virtual machine traffic.

We can see that Vepa has realized the "hard exchange" of virtual machines with the principle of simplicity and practicality, making full use of existing standard protocols. The current network equipment, as long as the software slightly modified, you can quickly launch support. Because of the standardization and openness of Vepa, it has been supported by Juniper, IBM, Qlogic, brocade and so on. H3C firmly believe that the road to open standardization is the king, the future of eVB solutions will be based on the mainstream of the VEPA standard solution.