Advanced VMware NSX Architecture
Bruce Davie, VMware
NET5716
#NET5716
2
Agenda
▪ Network Virtualization Refresher
▪ NSX Architecture
▪ Scale
▪ Integrating Physical Workloads in Virtual Networks
▪ Distributed Services
▪ Connecting with WAN services
▪ Summary & Future Directions
3
Objective
▪ Provide a deep dive into the architecture of NSX, with a focus on:
• How the architecture is designed for scale – in the control, management and data planes
• How physical devices and wide area services can be incorporated in virtual networks
• Where the platform is heading in the future
▪ Reinforce the value proposition of network virtualization
4
Why we need network virtualization
[Diagram: Compute Virtualization Abstraction Layer over Physical Infrastructure]
• Provisioning is slow
• Placement is limited
• Mobility is limited
• Hardware dependent
• Operationally intensive
Networking undoes much of the goodness of server virtualization
5
The Solution – Virtualize the Network
[Diagram: Software Defined Data Center (VDC, software-defined datacenter services) with a Network Virtualization Abstraction Layer and a Compute Virtualization Abstraction Layer over Physical Infrastructure]
Network Virtualization Abstraction Layer:
• Programmatic provisioning
• Place any workload anywhere
• Move any workload anywhere
• Decoupled from hardware
• Operationally efficient
Physical Infrastructure:
• Provisioning is slow
• Placement is limited
• Mobility is limited
• Hardware dependent
• Operationally intensive
6
What is Network Virtualization?
[Diagram, two parallel stacks. Server virtualization: Applications in an x86 Environment run in Virtual Machines on a Server Hypervisor over Physical Compute & Memory (Requirement: x86). Network virtualization: Workloads with L2, L3, L4-7 Network Services run in Virtual Networks on a Network Virtualization Platform over the Physical Network (Requirement: IP Transport). Both are marked "Decoupled".]
7
The Starting Point for Network Virtualization: Virtual Switch
[Diagram: two Hypervisors, each with a vSwitch, attached to the Physical Network]
8
NSX – The Network Virtualization Platform
[Diagram labels: Controller Cluster; “NSX API”; CMP; Software: vSphere Hosts with NSX vSwitch, KVM and Xen Server with Open vSwitch, NSX Gateway; Hardware: HW Partner, VTEP API; VLAN, L2, L3; VMs; Virtual Network (L2); Physical Network]
9
NSX Controller scale out
▪ All nodes active
▪ Workload sliced among nodes
▪ Live software upgrades
[Diagram: Controller Cluster of five NSX Controller nodes (Node 1 to Node 5); labels: WebService API, Persistent Storage, Logical Network, Transport Network. Figure label: OpenStack CEE Day 2013]
10
Tunnels are like cables
[Diagram: the links of a Virtual Network drawn as cables: STT between Hypervisors, VXLAN, and a Physical Copper Cable; other labels: Controller, Third party hardware, WORLD]
11
Why Not a Single Tunnel Format?
▪ STT was designed to optimize performance for hypervisor-hypervisor traffic
• Leveraging commodity NIC behavior so that tunneling has negligible performance impact
• Unfortunately, it’s hard for switches to implement & can raise issues with firewalls
▪ VXLAN is the de facto industry standard for network virtualization
• Ideal for multi-vendor situations (e.g. vswitch-physical switch communication)
• Will start to see NIC support for high performance in the next year
▪ Extensibility of the header likely needed
• STT has 64-bit “context” vs 24-bit VNI
▪ Tunnel format decoupled from control plane
▪ Tunnel format != virtualization architecture
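Added example (not from the original slides): the 24-bit VNI mentioned above, as it sits in the 8-byte VXLAN header defined by RFC 7348, with a receive-side check that only hands a frame to a logical network bound on this endpoint. The function names, the strict reserved-bit policy and the sample VNIs are assumptions made for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789      # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_HEADER_LEN = 8
FLAG_VNI_VALID = 0x08      # the "I" flag: the VNI field carries a valid value
VNI_BITS = 24              # from the slide: 24-bit VNI
STT_CONTEXT_BITS = 64      # from the slide: STT carries a 64-bit "context"
VNI_MAX = (1 << VNI_BITS) - 1


class VxlanError(ValueError):
    """Raised for a VXLAN header that should not be accepted."""


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a given VNI."""
    if not 0 <= vni <= VNI_MAX:
        raise VxlanError(f"VNI {vni} does not fit in {VNI_BITS} bits")
    # Word 0: flags (8 bits) + reserved (24 bits).
    # Word 1: VNI (24 bits) + reserved (8 bits).
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan_header(udp_payload: bytes, strict: bool = True):
    """Return (vni, inner_frame) or raise VxlanError."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise VxlanError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    flags = word0 >> 24
    if not flags & FLAG_VNI_VALID:
        raise VxlanError("I flag clear: VNI is not valid")
    # Reserved bits are sent as zero; strict mode (an assumption of this
    # example) rejects anything else instead of silently ignoring it.
    reserved = (flags & 0xF7) | (word0 & 0x00FFFFFF) | (word1 & 0xFF)
    if strict and reserved:
        raise VxlanError("reserved bits set")
    return word1 >> 8, udp_payload[VXLAN_HEADER_LEN:]


def decapsulate(udp_payload: bytes, local_vnis: set):
    """Deliver a frame only into a logical network bound on this endpoint.

    Returns (vni, inner_frame), or None when the packet is malformed or
    names a VNI this endpoint does not serve.
    """
    try:
        vni, inner = parse_vxlan_header(udp_payload)
    except VxlanError:
        return None
    if vni not in local_vnis:
        return None
    return vni, inner


if __name__ == "__main__":
    # Constructed sample: VNI 5000 with a placeholder inner frame.
    packet = build_vxlan_header(5000) + b"inner-ethernet-frame"
    print(packet[:8].hex(), decapsulate(packet, {5000}))
    print("VNI values:", VNI_MAX + 1, "vs STT context values:", 1 << STT_CONTEXT_BITS)
```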
12
Visibility & Virtual Networks
▪ Historically challenging to troubleshoot connectivity between VMs
• Is the problem in vswitch or physical network?
• What’s the path through the physical network?
• Is there a (misconfigured) middlebox in the path?
▪ Network virtualization gives us tools to handle this:
• Decomposition: separate the physical from the virtual
• Global view: see all the logical network state (port stats, drops, etc.) and tunnel health from the controller API
• Synthetic traffic: insert packets at vswitch as if the VM generated them
13
Hardware VTEPs
▪ Benefits:
• Fine-grained access: can pull a single physical port into the virtual world
• Connect bare metal workloads with higher performance/throughput
▪ Same operational model (provisioning, monitoring) as virtual networks
Consistent provisioning and operations for entire Data Center, regardless of workloads, over a simple IP fabric
14
Connecting the Physical to the Virtual
[Diagram: Controller Cluster with API (OVSDB); Hypervisors with vSwitches and VMs, and Physical Workloads, joined by Tunnels (VXLAN) in a Logical network (VNI) over an IP Underlay (no multicast required); DB holding VM MACs and PHY MACs]
15
Demo Topology
[Diagram: KVM Server 1 (vswitch) with VM100 192.168.1.110, VM101 192.168.1.111 and VM102 192.168.1.112; KVM Server 2 with VM200 192.168.1.120; Bare-metal Server 192.168.1.200 on Ethernet; Arista 7150 Hardware VTEP; Ethernet in VXLAN; 10.10.100.200; NSX Manager; NSX Controller]
16
17
Hardware VTEP Summary
▪ Consistent treatment of physical and virtual workloads
• Virtual networks created by API calls to controller, as usual
• API extended to treat <physical port, VLAN> pair like virtual port
▪ Controller and VTEP share state via database protocol
• No multicast requirement for underlay network
• State sharing avoids need to flood to learn MACs
• OVSDB: same protocol used for Open vSwitch configuration
• draft-pfaff-ovsdb-proto-02.txt (submitted for RFC publication)
• New schema specific to this usage (vtep.ovsdbschema)
▪ Adds more options on the performance/functionality spectrum for gateways
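Added example (not from the original slides, and not the VTEP schema itself): a small in-memory model of the shared state summarized above, showing a <physical port, VLAN> pair attached to a logical network and forwarding decided from controller-written MAC entries instead of flood-and-learn. Table and function names, VNIs, port names, MACs and the 192.0.2.11 tunnel address are constructed; unknown destinations are simply dropped here, which leaves broadcast and unknown-unicast handling out of scope.

```python
from dataclasses import dataclass, field


@dataclass
class VtepTables:
    """Simplified stand-in for the state a controller and hardware VTEP share."""
    # <physical port, VLAN> -> VNI of the logical network it is attached to
    vlan_bindings: dict = field(default_factory=dict)
    # (VNI, MAC) -> tunnel endpoint IP; written by the controller (VM MACs)
    remote_macs: dict = field(default_factory=dict)
    # (VNI, MAC) -> <physical port, VLAN>; reported by the VTEP (PHY MACs)
    local_macs: dict = field(default_factory=dict)


def bind_port(t: VtepTables, port: str, vlan: int, vni: int) -> None:
    """Controller side: treat a <physical port, VLAN> pair like a virtual port."""
    t.vlan_bindings[(port, vlan)] = vni


def controller_add_remote_mac(t: VtepTables, vni: int, mac: str, tunnel_ip: str) -> None:
    """Controller side: tell the VTEP where a VM's MAC lives."""
    t.remote_macs[(vni, mac.lower())] = tunnel_ip


def forward_from_physical(t: VtepTables, port: str, vlan: int,
                          src_mac: str, dst_mac: str) -> tuple:
    """VTEP side: decide what to do with a frame received on a physical port."""
    vni = t.vlan_bindings.get((port, vlan))
    if vni is None:
        # Frames on an unbound <port, VLAN> never enter a virtual network.
        return ("drop", "port/VLAN not attached to any logical network")
    # Record the physical source MAC; this is what gets shared with the controller.
    t.local_macs[(vni, src_mac.lower())] = (port, vlan)
    key = (vni, dst_mac.lower())     # lookups are scoped to one logical network
    if key in t.remote_macs:
        return ("vxlan", vni, t.remote_macs[key])
    if key in t.local_macs:
        return ("local", t.local_macs[key])
    return ("drop", "destination MAC unknown in this logical network")


def demo() -> list:
    """Run four constructed frames through the model."""
    t = VtepTables()
    bind_port(t, "Ethernet1", 100, 5000)   # bare-metal server joins VNI 5000
    bind_port(t, "Ethernet2", 100, 6000)   # same VLAN ID, different logical network
    vm_mac, bm_mac = "02:00:00:00:01:10", "02:00:00:00:02:00"
    controller_add_remote_mac(t, 5000, vm_mac, "192.0.2.11")
    return [
        forward_from_physical(t, "Ethernet1", 100, bm_mac, vm_mac),  # known VM
        forward_from_physical(t, "Ethernet1", 200, bm_mac, vm_mac),  # unbound VLAN
        forward_from_physical(t, "Ethernet2", 100, bm_mac, vm_mac),  # other VNI
        forward_from_physical(t, "Ethernet1", 100, bm_mac, "02:00:00:00:09:99"),
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```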
18
Distributed Services
▪ NSX architecture allows many services to be implemented in a fully distributed way
• Examples include firewalls (stateful/stateless), logical routing, load balancing
▪ Benefits:
• Scale: no central bottleneck – apply as many vswitches to the task as there are hypervisors in the logical network
• Optimal forwarding through the data center – no hairpinning
• Ensure all packets get appropriate services applied (cf. centralized firewall)
19
Example: Distributed L3 Forwarding
[Diagram. Logical View: Web and App logical switches (L Switch), a logical router (L Router), World. Physical View: Hypervisor1 to Hypervisor4, each running Open vSwitch; WEB VM and APP VM]
20
Distributed L3 Forwarding (post ARP)
[Diagram. Logical View: Web and App logical switches (L Switch), a logical router (L Router), World. Physical labels: Hypervisor1 and Hypervisor3 running Open vSwitch; WEB VM and APP VM]
Life of a packet:
• Hypervisor1 (SRC): Src MAC = Web, Dst MAC = Router, Src IP = Web, Dst IP = App
• Hypervisor1 Open vSwitch (SRC), into the Tunnel: Src MAC = Router, Dst MAC = App, Src IP = Web, Dst IP = App
21
Connecting Virtualized Data Centers to the WAN
SP offers a “Cloud + VPN” service
[Diagram: Hypervisors running Open vSwitch, an NSX Gateway, a PE, and the IP/MPLS CORE leading To Customer Sites]
22
Option A: Map Logical Networks to VLANs
Logical Networks map to VLANs; each VLAN maps to a VRF (customer-specific routing table)
[Diagram: NSX Gateway, PE with three VRFs, MPLS Core, To Customer Sites]
23
Option B: Map Logical Networks to MPLS Labels
• Logical Network Prefixes advertised in MP-BGP with MPLS labels
• Treat interface like inter-AS (RFC 4364)
• MPLS Labelled Packets mapped to/from logical networks
Forms the basis for federation of data centers
[Diagram: NSX Gateway, ASBR, MPLS Core, To Customer Sites]
24
What’s next for Network Virtualization?
▪ Changing the operational model of networking
• Snapshot, rollback, what-if testing, etc.
▪ Federation/Multi-DC use cases
▪ Physical/Virtual Integration
• More network control for physical end-points
• Underlay visibility/troubleshooting
▪ Advanced L4-L7 services
▪ Higher level policies drive networking
▪ Application of formal methods (e.g. Header Space Analysis)
▪ And many more…
25
Summary & The Road Ahead
▪ Network virtualization – extending benefits of server virtualization to the whole DC
• It’s all about agility
• And scale (but benefits appear even at modest scale)
▪ Network virtualization brings the benefits of a programmatic operational model:
• Provision complex applications & topologies in software → increased automation
• Decoupled from hardware
• Evolve new capabilities at software speeds
▪ Arguably the biggest shift in networking in a generation
26
Other VMware Activities Related to This Session
▪ HOL: HOL-SDC-1303, VMware NSX Network Virtualization Platform
▪ Breakout: NET5796, Virtualization and Cloud Concepts for Network Administrators
THANK YOU
VMworld 2013: Advanced VMware NSX Architecture

  • 1. Advanced VMware NSX Architecture Bruce Davie, VMware NET5716 #NET5716
  • 2. 2 Agenda  Network Virtualization Refresher  NSX Architecture  Scale  Integrating Physical Workloads in Virtual Networks  Distributed Services  Connecting with WAN services  Summary & Future Directions
  • 3. 3 Objective  Provide a deep dive into the architecture of NSX, with a focus on: • How the architecture is designed for scale – in the control, management and data planes • How physical devices and wide area services can be incorporated in virtual networks • Where the platform is heading in the future  Reinforce the value proposition of network virtualization
  • 4. 4 Compute Virtualization Abstraction Layer Why we need network virtualization Physical Infrastructure • Provisioning is slow • Placement is limited • Mobility is limited • Hardware dependent • Operationally intensive Networking undoes much of the goodness of server virtualization
  • 5. 5 The Solution – Virtualize the Network Physical Infrastructure Compute Virtualization Abstraction Layer • Programmatic provisioning • Place any workload anywhere • Move any workload anywhere • Decoupled from hardware • Operationally efficient Network Virtualization Abstraction Layer Software Defined Data Center • Provisioning is slow • Placement is limited • Mobility is limited • Hardware dependent • Operationally intensive SOFTWARE-DEFINED DATACENTER SERVICES VDC
  • 6. 6 What is Network Virtualization? Physical Compute & Memory Server Hypervisor Requirement: x86 Virtual Machine Virtual Machine Virtual Machine Application Application Application x86 Environment Physical Network Network Virtualization Platform Requirement: IP Transport Virtual Network Virtual Network Virtual Network Workload Workload Workload L2, L3, L4-7 Network Services Decoupled
  • 7. 7 The Starting Point for Network Virtualization: Virtual Switch Hypervisor vSwitch Hypervisor vSwitch Physical Network
  • 8. NSX – The Network Virtualization Platform
      Diagram labels: VLAN; L2; L3; Virtual Network; L2; NSX Gateway; Physical Network; vSphere Host (x2); KVM; Xen Server; NSX vSwitch (x2); Open vSwitch (x2); Hardware; Software; Controller Cluster; VLAN; VTEP; API; HW Partner; VM (x2); “NSX API”; CMP
  • 9. Diagram labels: NSX Controller (x6); scale out; Node 1 to Node 5; WebService API; Persistent Storage; Logical Network; Transport Network; Controller Cluster; OpenStack CEE Day 2013
      - All nodes active
      - Workload sliced among nodes
      - Live software upgrades
  • 10. Tunnels are like cables
      Diagram labels: Physical; STT; Hypervisor (x2); WORLD; VXLAN (x2); Virtual Network; Cable (x3); Copper Cable; Controller; Third party hardware
  • 11. Why Not a Single Tunnel Format?
      - STT was designed to optimize performance for hypervisor-hypervisor traffic
          • Leveraging commodity NIC behavior so that tunneling has negligible performance impact
          • Unfortunately, it’s hard for switches to implement & can raise issues with firewalls
      - VXLAN is the de facto industry standard for network virtualization
          • Ideal for multi-vendor situations (e.g. vswitch-physical switch communication)
          • Will start to see NIC support for high performance in the next year
      - Extensibility of the header likely needed
          • STT has 64-bit “context” vs 24-bit VNI
      - Tunnel format decoupled from control plane
      - Tunnel format != virtualization architecture
  • 12. Visibility & Virtual Networks
      - Historically challenging to troubleshoot connectivity between VMs
          • Is the problem in vswitch or physical network?
          • What’s the path through the physical network?
          • Is there a (misconfigured) middlebox in the path?
      - Network virtualization gives us tools to handle this:
          • Decomposition: separate the physical from the virtual
          • Global view: see all the logical network state (port stats, drops, etc.) and tunnel health from the controller API
          • Synthetic traffic: insert packets at vswitch as if the VM generated them
  • 13. Hardware VTEPs
      - Benefits:
          • Fine-grained access: can pull a single physical port into the virtual world
          • Connect bare metal workloads with higher performance/throughput
      - Same operational model (provisioning, monitoring) as virtual networks
      Consistent provisioning and operations for entire Data Center, regardless of workloads, over a simple IP fabric
  • 14. Connecting the Physical to the Virtual
      Diagram labels: API (OVSDB); Tunnels (VXLAN); Physical Workloads; Controller Cluster; Hypervisor vSwitch (x4); VM (x3); Logical network (VNI); DB; VM MACS; PHY MACS; IP Underlay (no multicast required)
  • 15. Demo Topology
      - KVM Server 1: VM100 192.168.1.110; VM101 192.168.1.111; VM102 192.168.1.112
      - KVM Server 2: VM200 192.168.1.120
      - Arista 7150 Hardware VTEP
      - Bare-metal Server 192.168.1.200
      Diagram labels: Ethernet; vswitch; Ethernet in VXLAN; 10.10.100.200; NSX Manager; NSX Controller
  • 16.
  • 17. Hardware VTEP Summary
      - Consistent treatment of physical and virtual workloads
          • Virtual networks created by API calls to controller, as usual
          • API extended to treat <physical port, VLAN> pair like virtual port
      - Controller and VTEP share state via database protocol
          • No multicast requirement for underlay network
          • State sharing avoids need to flood to learn MACs
          • OVSDB: same protocol used for Open vSwitch configuration
          • draft-pfaff-ovsdb-proto-02.txt (submitted for RFC publication)
          • New schema specific to this usage (vtep.ovsdbschema)
      - Adds more options on the performance/functionality spectrum for gateways
  • 18. Distributed Services
      - NSX architecture allows many services to be implemented in a fully distributed way
          • Examples include firewalls (stateful/stateless), logical routing, load balancing
      - Benefits:
          • Scale: no central bottleneck – apply as many vswitches to the task as there are hypervisors in the logical network
          • Optimal forwarding through the data center – no hairpinning
          • Ensure all packets get appropriate services applied (cf. centralized firewall)
  • 19. Example: Distributed L3 Forwarding
      Diagram labels: Logical View; L Switch (x2); L Router; Web; App; World; Physical View; Hypervisor1; Hypervisor2; Hypervisor3; Hypervisor4; Open vSwitch (x4); APP VM; WEB VM
  • 20. Distributed L3 Forwarding (post ARP)
      Diagram labels: Logical View; L Switch (x2); L Router; Web; App; World; Hypervisor3; Open vSwitch; APP VM; WEB VM
      Life of a packet:
          • Hypervisor1 SRC: Src MAC = Web, Dst MAC = Router, Src IP = Web, Dst IP = App
          • Hypervisor1 Open vSwitch SRC: Src MAC = Router, Dst MAC = App, Src IP = Web, Dst IP = App
          • Tunnel
  • 21. Connecting Virtualized Data Centers to the WAN
      Diagram labels: IP/MPLS CORE; Hypervisor (x3); Open vSwitch (x3); NSX Gateway; PE; To Customer Sites
      SP offers a “Cloud + VPN” service
  • 22. Option A: Map Logical Networks to VLANs
      Diagram labels: NSX Gateway; VRF (x3); PE; To Customer Sites; MPLS Core
      Logical Networks map to VLANs; Each VLAN maps to a VRF (customer-specific routing table)
  • 23. Option B: Map Logical Networks to MPLS Labels
      Diagram labels: NSX Gateway; ASBR; To Customer Sites; MPLS Core
      - Logical Network Prefixes advertised in MP-BGP with MPLS labels
      - Treat interface like inter-AS (RFC 4364)
      - MPLS Labelled Packets mapped to/from logical networks
      - Forms the basis for federation of data centers
  • 24. What’s next for Network Virtualization?
      - Changing the operational model of networking
          • Snapshot, rollback, what-if testing, etc.
      - Federation/Multi-DC use cases
      - Physical/Virtual Integration
          • More network control for physical end-points
          • Underlay visibility/troubleshooting
      - Advanced L4-L7 services
      - Higher level policies drive networking
      - Application of formal methods (e.g. Header Space Analysis)
      - And many more…
  • 25. Summary & The Road Ahead
      - Network virtualization – extending benefits of server virtualization to the whole DC
          • It’s all about agility
          • And scale (but benefits appear even at modest scale)
      - Network virtualization brings the benefits of a programmatic operational model:
          • Provision complex applications & topologies in software → increased automation
          • Decoupled from hardware
          • Evolve new capabilities at software speeds
      - Arguably the biggest shift in networking in a generation
  • 26. Other VMware Activities Related to This Session
      - HOL: HOL-SDC-1303 VMware NSX Network Virtualization Platform
      - Breakout NET5796 Virtualization and Cloud Concepts for Network Administrators
  • 28.
  • 29. Advanced VMware NSX Architecture Bruce Davie, VMware NET5716 #NET5716
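
The first-hop routing step from slide 20, using controller-shared bindings as on slide 17 and the 24-bit VNI from slide 11, as an added example: a simplified model written for this transcript, not NSX or Open vSwitch code. The addresses, VNIs, table layout and the choice to drop unknown destinations are assumptions; the 8-byte VXLAN header layout follows RFC 7348.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08  # "I" flag in the first header byte (RFC 7348)

def vxlan_header(vni: int) -> bytes:
    """Build the 8-byte VXLAN header; the VNI field is only 24 bits wide."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI does not fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)

def parse_vni(header: bytes) -> int:
    """Return the VNI, rejecting truncated headers and a clear I flag."""
    if len(header) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", header[:8])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8

# Constructed state (assumption): stands in for what the controller pushes
# to every vswitch, so no flooding is needed to learn where a MAC lives.
ROUTER_MAC = "02:00:00:00:00:01"
VNI = {"web-ls": 5001, "app-ls": 5002}            # logical switch -> VNI
BINDINGS = {                                       # dst IP -> (lswitch, MAC, VTEP IP)
    "10.0.2.20": ("app-ls", "02:00:00:00:02:20", "192.0.2.13"),
}

def first_hop_route(frame: dict) -> dict:
    """Route at the source vswitch, then pick the tunnel to the destination."""
    if frame["dst_mac"] != ROUTER_MAC:
        raise ValueError("frame is not addressed to the logical router")
    binding = BINDINGS.get(frame["dst_ip"])
    if binding is None:
        # Assumption of this model: unknown destinations are dropped, not flooded.
        raise LookupError("no binding for destination")
    lswitch, dst_mac, vtep = binding
    # MAC rewrite as on slide 20: Src MAC = Router, Dst MAC = App; IPs unchanged.
    inner = dict(frame, src_mac=ROUTER_MAC, dst_mac=dst_mac)
    return {"outer_dst_ip": vtep, "vxlan": vxlan_header(VNI[lswitch]), "inner": inner}

if __name__ == "__main__":
    web_frame = {"src_mac": "02:00:00:00:01:10", "dst_mac": ROUTER_MAC,
                 "src_ip": "10.0.1.10", "dst_ip": "10.0.2.20"}
    out = first_hop_route(web_frame)
    print(out["outer_dst_ip"], parse_vni(out["vxlan"]), out["inner"])
```

Because the receiving side only sees the VNI, a tunnel endpoint that accepts a header without checking the flag and length has no reliable way to tell which logical network a frame belongs to; `parse_vni` rejects both cases.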