Network Virtualization in Multi-tenant Datacenters Author: VMware, UC Berkeley and ICSI Publisher: 11th USENIX Symposium on Networked Systems Design and.

Presentation transcript:

Network Virtualization in Multi-tenant Datacenters
Author: VMware, UC Berkeley and ICSI
Publisher: 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI 14)
Presenter: Yi-Tsung Huang
Date: 2015/09/30
Department of Computer Science and Information Engineering, National Cheng Kung University, Taiwan R.O.C.

Introduction
Multi-tenant datacenter (MTD)
The networking layer would support similar properties as the compute layer, in which arbitrary network topologies and addressing architectures could be overlaid onto the same physical network.
Network virtualization allows for the creation of virtual networks, each with independent service models, topologies, and addressing architectures, over the same physical network.
National Cheng Kung University CSIE Computer & Internet Architecture Lab

Introduction
In this paper we present NVP, a network virtualization platform that has been deployed in dozens of production environments over the last few years and has hosted tens of thousands of virtual networks and virtual machines.

System Design - Abstraction
The network hypervisor is a software layer interposed between the provider’s physical forwarding infrastructure and the tenant control planes.

System Design - Abstraction
Control abstraction must allow tenants to define a set of logical network elements (logical datapaths) that they can configure as they would physical network elements.

System Design - Abstraction
Packet abstraction must enable packets sent by endpoints in the MTD to be given the same switching, routing and filtering service they would have in the tenant’s home network.

System Design - Virtualization Architecture
In our NVP design, we implement the logical datapaths in the software virtual switches on each host, leveraging a set of tunnels between every pair of host-hypervisors.

System Design - Virtualization Architecture
For packet replication, NVP constructs a simple multicast overlay using additional physical forwarding elements called service nodes.
Some tenants want to interconnect their logical network with their existing physical one. This is done via gateway appliances.

System Design - Virtualization Architecture

System Design - Design Challenges
Datapath design and acceleration
Declarative programming
Scaling the computation

Virtualization Support at the Edge - Implementing the Logical Datapath
NVP uses Open vSwitch (OVS) in all transport nodes to forward packets.
OVS is remotely configurable by the NVP controller cluster via two protocols: OpenFlow and the OVSDB management protocol.
Each logical datapath consists of a series (pipeline) of logical flow tables, each with its own globally unique identifier.

Virtualization Support at the Edge - Implementing the Logical Datapath

Virtualization Support at the Edge - Forwarding Performance
To achieve efficient flow lookups on x86, OVS exploits traffic locality.
To re-enable hardware offloading for encapsulated traffic with existing NICs, NVP uses an encapsulation method called STT. STT places a standard, but fake, TCP header after the physical IP header.

Virtualization Support at the Edge - Fast Failovers
NVP deployments have multiple service nodes to ensure that any one service node failure does not disrupt logical broadcast and multicast traffic.
NVP deployments typically involve multiple gateway nodes for each bridged physical network. NVP must ensure that no loops between the logical and physical networks are possible.

Forwarding State Computation

Forwarding State Computation
We implemented a domain-specific, declarative language called nlog for computing the network forwarding state. The logic is written in a declarative manner that specifies a function mapping the controller input to output.

Forwarding State Computation
nlog declarations are Datalog queries: a single declaration is a join over a number of tables that produces immutable tuples for a head table.
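An added example, not code from the slides or from NVP: the shape of such a declaration, evaluated in Python as a join over two input tables that yields an immutable head table. The table names (`lport_location`, `hv_transport`, `tunnel`) and every value are constructed for illustration; they are not nlog syntax or NVP's schema.

```python
from typing import FrozenSet, Tuple

# Constructed input tables; names and values are hypothetical.
# lport_location: (logical_port, logical_datapath, hypervisor)
LPORT_LOCATION = [
    ("lp-a1", "dp-tenantA", "hv1"),
    ("lp-a2", "dp-tenantA", "hv2"),
    ("lp-b1", "dp-tenantB", "hv2"),
    ("lp-b2", "dp-tenantB", "hv3"),
]
# hv_transport: (hypervisor, encapsulation, tunnel_ip)
HV_TRANSPORT = [
    ("hv1", "stt", "192.0.2.1"),
    ("hv2", "stt", "192.0.2.2"),
    ("hv3", "stt", "192.0.2.3"),
]

Tunnel = Tuple[str, str, str, str]  # (src_hv, dst_lport, encap, dst_ip)


def tunnel(lport_location, hv_transport) -> FrozenSet[Tunnel]:
    """Datalog-style rule, evaluated as a three-way join:

    tunnel(src_hv, dst_lport, encap, dst_ip) :-
        lport_location(_, dp, src_hv),
        lport_location(dst_lport, dp, dst_hv),
        hv_transport(dst_hv, encap, dst_ip),
        src_hv != dst_hv.
    """
    return frozenset(
        (src_hv, dst_lport, encap, dst_ip)
        for (_, dp_src, src_hv) in lport_location
        for (dst_lport, dp_dst, dst_hv) in lport_location
        for (hv, encap, dst_ip) in hv_transport
        # Join on the shared datapath: no tuple can span two tenants.
        if dp_src == dp_dst and hv == dst_hv and src_hv != dst_hv
    )


def delta(old: FrozenSet[Tunnel], new: FrozenSet[Tunnel]):
    """Output change caused by an input change: (added, removed)."""
    return new - old, old - new


if __name__ == "__main__":
    before = tunnel(LPORT_LOCATION, HV_TRANSPORT)
    # lp-a2 migrates from hv2 to hv3; only tenant A's tuples change.
    moved = [("lp-a2", "dp-tenantA", "hv3") if r[0] == "lp-a2" else r
             for r in LPORT_LOCATION]
    added, removed = delta(before, tunnel(moved, HV_TRANSPORT))
    print(sorted(added), sorted(removed))
```

Because the head table is a pure function of the inputs, tenant isolation can be checked on the output alone: a hypervisor that hosts no port of a datapath never receives a tunnel tuple for that datapath's ports.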

Controller Cluster - Scaling and Availability of Computation
Two-layer distributed controller
Logical controllers: Compute flows and tunnels for logical datapaths
Physical controllers: Communicate with hypervisors, gateways, and service nodes

Controller Cluster - Scaling and Availability of Computation
To provide failover within the cluster, NVP provisions hot standbys at both the logical and physical controller layers by exploiting the sharding mechanism.
One controller, acting as a sharding coordinator, ensures that every shard is assigned one master controller and one or more other controllers acting as hot standbys.
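An added example, not NVP or Onix code: a coordinator that gives every shard one master and one or more hot standbys, then promotes a standby when a controller disconnects. Round-robin placement and the names `assign_shards` and `handle_failure` are assumptions made for illustration; the slides do not say how NVP places shards.

```python
from typing import Dict, List

Role = Dict[str, object]  # {"master": str, "standbys": List[str]}


def assign_shards(shards: List[str], controllers: List[str],
                  standbys: int = 1) -> Dict[str, Role]:
    """Coordinator view: one master plus `standbys` hot standbys per shard."""
    if len(controllers) < standbys + 1:
        raise ValueError("need at least standbys + 1 controllers")
    n = len(controllers)
    table = {}
    for i, shard in enumerate(shards):
        table[shard] = {
            "master": controllers[i % n],
            # Standbys are the next controllers in the ring, never the master.
            "standbys": [controllers[(i + k) % n]
                         for k in range(1, standbys + 1)],
        }
    return table


def handle_failure(table: Dict[str, Role], failed: str, live: List[str],
                   standbys: int = 1) -> Dict[str, Role]:
    """New assignment after `failed` disconnects; `live` are the survivors."""
    new = {}
    for shard, role in table.items():
        master = role["master"]
        pool = [c for c in role["standbys"] if c != failed]
        if master == failed:
            if not pool:
                raise RuntimeError(f"{shard}: master and all standbys lost")
            master = pool.pop(0)  # a hot standby takes over as master
        # Refill standby slots so the shard keeps its redundancy.
        for c in live:
            if len(pool) >= standbys:
                break
            if c != master and c not in pool:
                pool.append(c)
        new[shard] = {"master": master, "standbys": pool}
    return new


if __name__ == "__main__":
    cluster = ["c1", "c2", "c3"]  # constructed three-node cluster
    table = assign_shards([f"s{i}" for i in range(6)], cluster)
    print(handle_failure(table, "c2", ["c1", "c3"]))
```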

Controller Cluster - Distributed Services
NVP is built on the Onix controller platform and thus has access to the elementary distributed services Onix provides.

Controller Cluster - Distributed Services
Leader election: Each controller must know which shard it manages, and must also know when to take over responsibility of slices managed by a controller that has disconnected.
Label allocation: A network packet encapsulated in a tunnel must carry a label that denotes the logical egress port to which the packet is destined, so the receiving hypervisor can properly process it.

Controller Cluster - API for Service Providers
To support integrating with a service provider’s existing cloud management system, NVP exposes an HTTP-based REST API in which network elements, physical or logical, are presented as objects.

Evaluation - Controller Cluster
The configuration in the following tests has 3,000 simulated hypervisors, each with 21 vNICs. There are 7000 logical datapaths, each coupled with a logical control plane modeling a logical switch.
The test control cluster has three nodes. Each controller is a bare-metal Intel Xeon 2.4GHz server with 12 cores, 96GB of memory, and 400GB hard disk.

Evaluation - Controller Cluster
Cold start test simulates bringing the entire system back online after a major datacenter disaster in which all servers crash and all volatile memory is lost.
Restore test simulates a milder scenario where the whole control cluster crashes and loses all volatile state but the dataplane remains intact.

Evaluation - Controller Cluster
Failover test simulates a failure of a single controller within a cluster.
Steady state: we start with a converged idle system. We then add 10 logical ports to existing switches through API calls, wait for connectivity correctness on these new ports, and then delete them.

Evaluation - Controller Cluster

Evaluation - Transport Nodes