NetCloud 2013
Non-Tunneling Edge-Overlay Model using OpenFlow for Cloud Datacenter Networks
Nagoya Institute of Technology, Japan
Ryota Kawashima and Hiroshi Matsuo
Outlines
Backgrounds
Edge-Overlay (Distributed Tunnels)
Proposed method
Evaluation
Conclusion
Backgrounds – Network Virtualization
Multi-tenant Datacenter Networks
• Each tenant uses virtual networks
• Each virtual network shares the physical network resources
[Figure: VMs of Tenant 1, Tenant 2 and Tenant 3 on virtual networks 192.168.0.0/24, 172.16.2.0/16 and 10.0.0.0/8, sharing the physical network 10.0.0.0/8]
Backgrounds – VLAN limitations
Each virtual network has its own VLAN ID
A VLAN tag is inserted into Ethernet frames
[Figure: VM's frame layout: Ethernet | VLAN | Payload | FCS. The VLAN ID (1 ~ 4094) is included in the VLAN tag]
Problems with VLAN
• The maximum number of VLANs is 4094
• Physical switches learn VMs' MAC addresses
Backgrounds – Edge-Overlay
L2-in-L3 tunneling
[Figure: two physical servers, each hosting VMs attached to a virtual switch]
VLAN problems can be addressed
• Over 16 million virtual networks can be supported
• VMs' MAC addresses are hidden from physical switches
Existing network devices can be used
• Virtual switches provide many high-level functions
Tunneling protocols
• VXLAN (24bit ID): Ethernet (Physical) | IP (Physical) | UDP | VXLAN | VM's frame: Ethernet (Virtual) + Payload | FCS
• NVGRE (24bit ID): Ethernet (Physical) | IP (Physical) | NVGRE | VM's frame: Ethernet (Virtual) + Payload | FCS
• STT (64bit ID, TCP-like header, NIC offloading (TSO)): Ethernet (Physical) | IP (Physical) | TCP-like | STT | VM's frame: Ethernet (Virtual) + Payload | FCS
Problems with Tunneling (1 / 2)
IP Fragmentation at the physical server
[Figure: the VM fragments the payload into packets (Header + Payload); the physical server then fragments those packets again]
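The double fragmentation described on this slide, worked through as an added example (not from the slides or the authors' code): it counts the frames one UDP datagram produces on the physical network with no encapsulation, with GRE, and with VXLAN. Assumed: a 1500-byte MTU at both the VM and the physical server, IPv4 without options, a basic 4-byte GRE header, and the hypothetical function names `ip_fragments` and `physical_frames`.

```python
"""Count physical-wire frames for one UDP datagram sent by a VM (added example)."""

IP_HDR = 20    # IPv4 header without options
UDP_HDR = 8
ETH_HDR = 14   # inner (virtual) Ethernet header carried inside the tunnel

# Bytes inserted between the outer IPv4 header and the inner Ethernet frame.
# Assumptions: VXLAN = outer UDP (8) + VXLAN header (8); GRE = basic 4-byte
# header without key; "none" = no encapsulation (e.g. MAC rewriting only).
TUNNEL_HDR = {"none": 0, "gre": 4, "vxlan": 16}


def ip_fragments(ip_payload_len, mtu):
    """Return the IPv4 packet sizes produced when ip_payload_len bytes are sent over mtu."""
    per_frag = (mtu - IP_HDR) // 8 * 8  # non-final fragments carry a multiple of 8 bytes
    sizes = []
    while ip_payload_len > 0:
        chunk = min(per_frag, ip_payload_len)
        sizes.append(IP_HDR + chunk)
        ip_payload_len -= chunk
    return sizes


def physical_frames(udp_payload, encap, vm_mtu=1500, phys_mtu=1500):
    """Frames on the physical network for one datagram of udp_payload bytes."""
    # First fragmentation: inside the VM, against the virtual NIC's MTU.
    inner_packets = ip_fragments(UDP_HDR + udp_payload, vm_mtu)
    if encap == "none":
        return len(inner_packets)
    total = 0
    for inner_len in inner_packets:
        # Second fragmentation: the outer IP packet built by the physical server.
        outer_payload = TUNNEL_HDR[encap] + ETH_HDR + inner_len
        total += len(ip_fragments(outer_payload, phys_mtu))
    return total


if __name__ == "__main__":
    # Constructed datagram sizes, not the paper's measurement points.
    print(f"{'UDP bytes':>9} {'none':>5} {'gre':>5} {'vxlan':>5}")
    for size in (1000, 1432, 1472, 2000, 4000):
        row = [physical_frames(size, e) for e in ("none", "gre", "vxlan")]
        print(f"{size:>9} {row[0]:>5} {row[1]:>5} {row[2]:>5}")
```

A full-size inner packet always splits in two once a tunnel header is added, so every MTU-sized fragment from the VM costs an extra small frame on the wire.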
Problems with Tunneling (2 / 2)
Compatibility with existing environment
• IP Multicasting should be supported (VXLAN)
• Load balancing (ECMP) is not supported (NVGRE)
• Firewalls, IDS, load balancers may discard the frames (STT)
• TSO cannot be used (VXLAN, NVGRE)
Practical problem
• Supported protocols differ between products (vendor lock-in)
Proposed Method
Yet another edge-overlay method
• Tunneling protocols are not used
• No IP fragmentation at the physical server layer
• OpenFlow-enabled virtual switches
• No VLAN limitations
• Compatibility with existing environment
Method1 - MAC Address Translation
MAC addresses within the frame are replaced
• SRC address : VM1's address => SV1's address
• DEST address : VM2's address => SV2's address
[Figure: VM 1 on Physical Server (SV1) sends a frame addressed VM1 => VM2; between the two virtual switches the frame is addressed SV1 => SV2; on Physical Server (SV2) it is addressed SV1 => VM2 and reaches VM 2]
VMs' MAC addresses are hidden from the physical switches
Method2 – Host-based VLAN
Traditional: VID is globally unique
[Figure: two servers hosting VMs of Tenant 1 and Tenant 2; VMs are tagged VID=10, VID=10, VID=20 on one server and VID=20, VID=10 on the other, forming Virtual Network (VID10) and Virtual Network (VID20)]
Proposal: VID is unique within a server
[Figure: the same two servers and tenants; VMs are tagged VID=10, VID=20, VID=30 on one server and VID=20, VID=10 on the other]
Feature Comparison
Feature | Proposal | VXLAN | NVGRE | STT | VLAN
Physical Network | L2 | L2 / L3 | L2 / L3 | L2 / L3 | L2
MAC address hiding | ✔ | ✔ | ✔ | ✔ | -
No. of virtual networks | Unlimited | 16 million | 16 million | 18 quintillion | 4094
IP Multicasting | - | Required | - | - | -
Load balancing (ECMP) | ✔ | ✔ | - | ✔ | ✔
FW, IDS, LB Transparency | ✔ | ✔ | ✔ | - | ✔
IP Fragmentation (Physical) | - | Occur | Occur | Occur | -
TSO support | ✔ | - | - | ✔ | ✔
Performance Evaluation
VM-to-VM communication
[Figure: VM1 (Sender, Iperf client) on Physical server 1 and VM2 (Receiver, Iperf server) on Physical server 2; each server runs a virtual switch; the servers are connected through a GbE switching hub; labels also show an OpenFlow Controller and a GRE / VXLAN tunnel]
Evaluation Result (UDP)
• The performance of proposed method was equal to "Optimal"
• IP fragmentation affected the no. of frames and performance
[Figure: UDP evaluation result, annotated with: Fragmentation at the VM; Fragmentation by GRE encapsulation; Fragmentation by VXLAN encapsulation; The no. of frames = 3; The no. of frames = 5]
Conclusion
Yet another Edge-overlay method
• No tunneling protocols
• No IP fragmentation at physical server layer
• Higher throughput than tunneling protocols
• L2 network
Future Work
• Further evaluation is necessary
  • 10/40 GbE environment
• MPLS support