Diverter: A New Approach to Networking Within Virtualized Infrastructures
Aled Edwards, Anna Fischer, Antonio Lain
HP Labs
© 2008 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice
Outline
• Data Center Networks for Cloud Computing
• Our Approach: Diverter
• Evaluation
• Future Work
25 May, 2017
Data Center Networks for Cloud Computing
Goals (and Challenges!)
• Multi-tenancy and Security
− Host multiple customers on a single shared infrastructure
− Allow each customer to configure their own network topology to suit application needs
− Data and performance isolation between customers, and the utility
− Allow controlled and efficient inter-communication between customers if required and permitted
• “provide rich ecosystem of interacting services”
• Large scale
• Automation
• Flexibility / Programmability
• Performance
Data Center Networks for Cloud Computing
Problems with Traditional Approaches
• Traditional L2
− Flat network: isolation, scalability
− VLANs: configuration, management
− Encapsulation, Tunneling
− Explicit routing entities required, e.g. routing VMs
• Traditional L3
− Mobility
− Routing bottlenecks
Our Approach: Diverter
High-level Overview
• Isolate customer resources into Cells
− Cell is a collection of virtual resources
− Cell has a single owner
• Each Cell can have its own virtual network topology
− Cells consist of several Subnets
− Cell owner can define network policies
• Security: define who can communicate with VMs
• QoS: define bandwidth limits for VMs
Our Approach: Diverter
Virtual Network Topology
[Figure: three Cells, each with its own Virtual Router: Cell A (Subnet A1, Subnet A2), Cell B (Subnet B1, Subnet B2), Cell C (Subnet C1, Subnet C2, Subnet C3).]
Globally managed virtual IP address space representing virtual network topologies
IP address format: 10.<CELL>.<SUBNET>.<HOST> (for example)
Our Approach: Diverter
Realisation as a Distributed Virtual Router
• Virtual routers are realised as Distributed Virtual Router implementation (“VNET”)
− VNET component running on each server intercepts packets to/from VMs, processes them, eventually forwards them, or discards them
• VNET takes care of
− Simulating routing across subnets, or Cells
− Multicast/broadcast distribution
− Address discovery
As virtual routing functionality is distributed across all servers rather than implemented by particular, traditional routing entities, communication between any endpoints in the infrastructure always involves just a single network “hop”.
Our Approach: Diverter
How Does It Work? MAC Rewriting!
• VNET rewrites packets to simulate routing hop
− Packets are sent to / received from virtual router interface when crossing subnets
− Important to emulate behaviour of traditional network topology
• VNET uses (modified) ARP to discover physical machines hosting a particular VM
• VNET rewrites packets to send directly to physical machines hosting destination VM
• VNET rewrites packets to limit VM broadcast/multicast traffic to particular Cell/subnet
MAC Rewriting Simplified
[Figure: a packet travelling from a virtual machine on Physical host A to a virtual machine on Physical host B across the physical network:
1. Packet TX (sVMAC, dVMAC)
2. Packet intercept
3. Packet RW
4. Packet TX (sPMAC, dPMAC)
5. Packet RX (sPMAC, dPMAC)
6. Packet RW
7. Packet RX (sVMAC, dVMAC)]
• Direct network hop between any endpoint
• No virtual MACs leaking onto the physical wire
Virtual Router Simulation
[Figure: a packet travelling from a virtual machine on Physical host A to a virtual machine in another subnet on Physical host B across the physical network:
1. DHCP Request / Response with Virtual Router IP
2. ARP Reply for Router IP
3. Packet TX (sVMAC, RVMAC)
4. Packet intercept
5. Packet RW
6. Packet TX (sPMAC, dPMAC)
7. Packet RX (sPMAC, dPMAC)
8. Packet RW
9. Packet RX (RVMAC, dVMAC)]
Virtual MACs do not leak across subnets!
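The two packet paths above (MAC rewriting within a subnet and the virtual-router simulation across subnets), as an added Python simulation that is not part of the HP Labs slides or of the VNET implementation: the sending-side VNET checks policy and rewrites virtual MACs to physical host MACs, the receiving-side VNET restores them, and an inter-subnet packet is delivered as if from the virtual router. The MAC values, VM inventory, cell policy table and the source-MAC ownership check are constructed assumptions.

```python
from dataclasses import dataclass, replace
# Constructed virtual-router MAC, i.e. what a VM learns for the router IP
# from the modified ARP reply in step 2 of "Virtual Router Simulation".
RVMAC = "02:00:00:00:00:01"
@dataclass(frozen=True)
class Packet:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
# Constructed inventory: virtual IP 10.<CELL>.<SUBNET>.<HOST> ->
# (the VM's virtual MAC, physical MAC of the server hosting it).
VMS = {
    "10.1.1.5": ("02:aa:01:01:00:05", "00:11:22:33:44:aa"),  # Cell 1, Subnet 1, host A
    "10.1.1.6": ("02:aa:01:01:00:06", "00:11:22:33:44:bb"),  # Cell 1, Subnet 1, host B
    "10.1.2.7": ("02:aa:01:02:00:07", "00:11:22:33:44:bb"),  # Cell 1, Subnet 2, host B
    "10.2.1.9": ("02:aa:02:01:00:09", "00:11:22:33:44:aa"),  # Cell 2, Subnet 1, host A
}
# Constructed policy: (source cell, destination cell) pairs allowed to talk;
# anything else is discarded, so cells are isolated by default.
ALLOWED_CELL_PAIRS = {(1, 1), (2, 2)}

def cell_subnet(ip):
    _, cell, subnet, _ = (int(x) for x in ip.split("."))
    return cell, subnet

def tx_rewrite(pkt):
    """Sending-side VNET (intercept + RW): policy check, then virtual -> physical MACs; None = discard."""
    src, dst = VMS.get(pkt.src_ip), VMS.get(pkt.dst_ip)
    if src is None or dst is None or src[0] != pkt.src_mac:
        return None  # unknown endpoint, or source MAC not owned by the sending VM (assumed check)
    (scell, ssub), (dcell, dsub) = cell_subnet(pkt.src_ip), cell_subnet(pkt.dst_ip)
    if (scell, dcell) not in ALLOWED_CELL_PAIRS:
        return None  # cross-cell traffic not permitted by policy
    # Same subnet: VM addressed dVMAC directly; other subnet: it must have used RVMAC.
    expected = dst[0] if (scell, ssub) == (dcell, dsub) else RVMAC
    if pkt.dst_mac != expected:
        return None
    return replace(pkt, src_mac=src[1], dst_mac=dst[1])  # only physical MACs hit the wire

def rx_rewrite(pkt):
    """Receiving-side VNET (RW): physical -> virtual MACs; inter-subnet packets appear to come from the router."""
    crossed = cell_subnet(pkt.src_ip) != cell_subnet(pkt.dst_ip)
    return replace(pkt, src_mac=RVMAC if crossed else VMS[pkt.src_ip][0],
                   dst_mac=VMS[pkt.dst_ip][0])

def deliver(pkt):
    """Whole path (steps 1-7 / 3-9 on the slides): what the destination VM sees, or None if dropped."""
    wire = tx_rewrite(pkt)
    return None if wire is None else rx_rewrite(wire)
```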
Our Approach: Diverter
Further Benefits
• Efficiency
− Use of multicast/unicast ARP instead of broadcast
− Local DHCP response generation
− No packet encapsulation
− Fast tracking of moving VMs/addresses
• Security
− Integrated network policy framework
• Enforcement of fine-grained packet filtering
• Allow frequent changes of network policies
• Manageability
− No programming of physical infrastructure required
• No synchronization between physical switches and servers
• Only rely on underlying flat L2 network
• Separation of concerns: network administrators vs. server administrators
− Communication possible with non-VNET servers
− No programming of explicit routing entities required
− No specific hardware (or hardware modifications) required
Evaluation
Traditional L2 vs. Diverter
Intra-subnet vs. Inter-subnet Communication
[Figure: Traditional L2 (Subnet A and Subnet B joined through a Routing VM) compared with Diverter (Subnet A and Subnet B over the physical network).]
Performance Evaluation
VM Network Throughput
[Chart: VM network throughput for MAC RW vs. EtherIP in three cases: Intra-subnet, Inter-subnet (single VM TX), Inter-subnet (double VM TX); y-axis scale 0 to 800.]
Future Work
• Direct Network I/O
− Integrate with virtualization-aware HW on server-side, e.g. SR-IOV NICs, blade server networking
− Integration with new I/O virtualization approaches developed around KVM/Xen
• QoS
• Virtual Network Cloning
• Data Center Network Federation
• L2 Scalable Data Center Ethernet