Fabric Virtualization

Multitenancy, Network Segmentation, Tenant vRouters

Adaptive Cloud Fabric – Unifying Overlay and Underlay Networks

VXLAN-based overlay networks provide powerful benefits for network virtualization and stretching layer 2 network services, but they can create challenges for network scalability and visibility. The Adaptive Cloud Fabric solves these challenges and enables fully automated management of both underlay and overlay networks.

Features

  • Virtual Networks with VLAN/subnet re-use
  • Multiple Virtual Routers (HW accelerated)
  • Role-based Access Management (RBAC)
  • Virtual Network Services:
    • Domain Name Services (DNS)
    • PXE Server
    • Network Time Protocol (NTP) Server
    • Precision Time Protocol (PTP)
  • OpenStack ML2 Neutron Plugin

Network Segmentation

Network segmentation, the ability to take a single physical network and slice and dice it into individually manageable parts, is very important for modern networks, particularly in the data center. Netvisor provides this capability through VNETs.

Each VNET has its own set of network services such as DNS, DHCP, etc. VNETs are not limited to a single rack, but are a fabric-wide feature. Management of the network can be done from any switch. Any VLAN can contain any switch (or port) on the network, and every VNET has its own set of VLANs. Netvisor virtualizes the network and masks the underlying network complexity from the applications.

A typical implementation would be similar to the following diagram:

NetVisor VNET Network Segmentation

This segmentation can be easily achieved using the Netvisor architecture. The database servers can run on different machines connected to the switches in the fabric. They will be part of the VNET “Database”.

VNET Resources

  • A VNET gets the following resources under its control
    • Assigned vnet-private-ports across the fabric that connect its bare metal servers, virtualized servers (vswitch or SR-IOV based) and storage devices
    • VPORTs related to its VMs and containers (each bare metal server also has a vport)
    • For VLAN-based VNETs, control over the assigned VLANs that it can manage
    • For VXLAN-based VNETs, control over the full 4k VLANs, independent from other tenants
    • Any IP address range, independent from other tenants
    • Shared ports for accessing shared services such as routing
    • Ability to assign VXLAN VNIs to fabric tunnels and create tunnels between the switch (H/W VTEPs) and its servers using vnet-private-ports
  • A VNET has the ability to manage its own resources
    • A VNET also gets a container-based VNET manager that runs a CLI to manage its private ports, VLANs, VXLAN VNIs and shared services
  • Application Analytics
    • A VNET also has access to its application analytics (every TCP connection between its servers, VMs and storage) and the ability to filter and get historical data directly from the CLI

VNET & Software-Defined Infrastructure

Virtual Network Goals

  • A VNET provides an abstraction for multi-tenancy that is independent of the physical network topology
  • The fabric administrator creates VNETs and gives each tenant control over a dedicated set of switch ports across the fabric, termed vnet-private-ports
  • A VNET has full control over its vnet-private-ports, its 4k VLANs and any IP address range without conflict with other tenants
  • The tenant also has access to shared ports for shared services such as external routers
  • A VNET gets a topology-independent view of its physical ports and VPORTs
  • The tenant has access to an independent container-based vnet-manager to configure and manage its own resources and the application analytics related to its physical servers, VMs and applications
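The resource model in the "VNET Resources" and "Virtual Network Goals" lists can be turned into an isolation audit. The following is an added example, not Netvisor code or CLI output: the inventory format, the VNET names and the rules that private ports and VLAN-based VLAN assignments must not overlap between tenants are assumptions drawn from the lists above.

```python
from collections import defaultdict

# Constructed inventory (hypothetical format, not exported from Netvisor).
# Ports are (switch, port) pairs; "type" is "vlan" or "vxlan".
VNETS = {
    "database": {"type": "vlan", "private_ports": {("leaf1", 10), ("leaf2", 10)},
                 "vlans": {100, 101}, "shared_ports": {("spine1", 1)}},
    "web": {"type": "vlan", "private_ports": {("leaf1", 11), ("leaf2", 10)},
            "vlans": {101, 200}, "shared_ports": {("spine1", 1)}},
    "tenant-x": {"type": "vxlan", "private_ports": {("leaf3", 5)},
                 "vlans": {100, 4000}, "shared_ports": {("spine1", 1)}},
}

def audit_vnets(vnets):
    """Return a sorted list of findings that break the assumed tenancy model."""
    findings = []
    port_owner = defaultdict(set)  # private port -> VNETs claiming it
    vlan_owner = defaultdict(set)  # VLAN id -> VLAN-based VNETs assigned it
    shared = set()                 # ports any VNET uses for shared services
    for name, v in vnets.items():
        shared |= v["shared_ports"]
        for port in v["private_ports"]:
            port_owner[port].add(name)
        for vid in v["vlans"]:
            if not 1 <= vid <= 4094:  # usable 802.1Q VLAN id range
                findings.append(f"{name}: VLAN {vid} outside 1-4094")
            elif v["type"] == "vlan":
                # VXLAN-based VNETs own the full VLAN space, so only
                # VLAN-based VNETs are checked for overlapping assignments.
                vlan_owner[vid].add(name)
    for (sw, port), owners in port_owner.items():
        if len(owners) > 1:  # a dedicated port must belong to one tenant
            findings.append(f"private port {sw}:{port} claimed by {sorted(owners)}")
        if (sw, port) in shared:  # assumption: private and shared are exclusive
            findings.append(f"port {sw}:{port} is both private and shared")
    for vid, owners in vlan_owner.items():
        if len(owners) > 1:
            findings.append(f"VLAN {vid} assigned to {sorted(owners)}")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_vnets(VNETS):
        print(finding)
```

In the constructed data, the VXLAN-based tenant reusing VLAN 100 is not reported, while the two VLAN-based tenants sharing VLAN 101 and port leaf2:10 are.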

Communication between VNETs – vRouters

Communication between VNETs can be routed over the fabric using vRouters. Netvisor offers hardware vRouters as well as software vRouters. The following illustrates the creation of some vRouters.

Creating vRouters