SlideShare une entreprise Scribd logo

OpenVNet - Introduction

Akira Yokokawa
Akira Yokokawa

It'd be honored to announce our product OpenVNet, which offers efficient and seamless network virtualization. This is an open source project under LGPL 3.0, hosted on GitHub (https://github.com/axsh/openvnet)

Technologie
1  sur  37
Télécharger pour lire hors ligne
OpenVNet Axsh co., Ltd. Wednesday, October 30, 13
What is OpenVNet? • • • • • • Spin-off project from Wakame-vdc 4 developers 1170 commits Written in Ruby 9619 LOCs (13033 LOCs with test codes) Started March 2013, now it is 7 month old Wednesday, October 30, 13
Why OpenVNet? • There are many products offering network virtualization but not free • Is there any product to freely try out network virtualization? • • Wakame-vdc offers network virtualization Extract virtual network functionality from Wakame-vdc to make an independent package Wednesday, October 30, 13
Advantages of OpenVNet Freely and easily create/destroy networks • e.g.) quickly preparing an isolated network for experiment Reduce the maintaining cost of the physical networks • • Users can create complex networks on top of OpenVNet Keep the physical networks simple No need expensive network switches • Wednesday, October 30, 13 Edge-overlay architecture enables creating complex multi-tenant networks
Advantages of OpenVNet Seamless network virtualization • • Virtualizing entire network is difficult • OpenVNet supports association with legacy network Why not to start network virtualization from smaller part? Wednesday, October 30, 13
Internal Architecture of OpenVNet Wednesday, October 30, 13
Network model of datacenter Internet DNAT / LB Datacenter network Physical/Virtual server clusters Wednesday, October 30, 13 SNAT DHCP DNS
Network model of datacenter Internet External network DNAT / LB WAN edge network Datacenter network SNAT DHCP DNS Datacenter physical network LAN edge network General servers Appliance servers Physical/Virtual server clusters Resources Wednesday, October 30, 13 Storage servers
Deployment of agent program Internet DNAT / LB agent agent agent Datacenter network agent agent SNAT DHCP DNS agent Physical/Virtual server clusters Wednesday, October 30, 13 Deploy agents for packet control
Message queue Internet DNAT / LB agent agent agent Datacenter Queue network agent agent SNAT DHCP DNS agent Physical/Virtual server clusters Wednesday, October 30, 13 Agents communicate to each other through message queue system
Components of OpenVNet vna (virtual network agent) • • Agent Configure OpenvSwitch (version 1.10.0) Include an OpenFlow controller implemented with Trema-edge vnmgr (virtual network manager) other components • • • Manage the datacenter network Provide database access back-ended by MySQL Command vna to do some specific actions e.g.) update flows vnapi (virtual network API) • WebAPI to talk to vnmgr • Command line interface to use vnapi vnctl (virtual network controller) Wednesday, October 30, 13
Components of OpenVNet Internet DB mysql vna vnmgr vnctl OpenFlow Switch (OpenvSwitch 1.10.0) http vnapi zeromq vna Datacenter Queue network vna vna vna OpenFlow Controller (Trema-edge) OpenFlow 1.3 Servers Wednesday, October 30, 13 vna vna
Deployment External network WAN edge network Datacenter physical network A dedicated line for management Packets for the service go through the public line management line public line eth0 LAN edge network General servers Appliance servers Storage servers Resources Wednesday, October 30, 13 Open vSwitch VM eth1 eth0 eth1 vna Open vSwitch vna VM
Packet forwarding in OpenVNet • MAC2MAC • OpenVNet original way of packet forwarding • Forward packet based on MAC address • GRE Tunnel • Over L3 routing • VNet edge • Perform VLAN ID translation • Associate with legacy network Wednesday, October 30, 13
MAC2MAC Suppose that both VM1 and VM2 exist on the same virtual network public line eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna virtual network1 VM1 MAC = 00:00:00:00:01 IP = 10.102.0.10 Wednesday, October 30, 13 VM2 MAC = 00:00:00:00:02 IP = 10.102.0.11
MAC2MAC both vna know that VM1 and VM2 exist on virtual network1 public line eth0 Open vSwitch VM1 eth1 eth0 eth1 vna Open vSwitch vna virtual network1 VM2 VM1 = 00:00:00:00:01 VM2 = 00:00:00:00:02 Wednesday, October 30, 13
MAC2MAC VM1 sends ARP request public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.10 dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff VM2
MAC2MAC Open vSwitch broadcasts the packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 src_ip = 10.102.0.10 vna dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff Open vSwitch vna VM2
MAC2MAC The other hosts receive the packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 src_ip = 10.102.0.10 vna dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff Open vSwitch vna VM2
MAC2MAC Open vSwitch checks the src_mac, then it founds the packet is of virtual network1 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 vna src_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
MAC2MAC Remember src_mac in case of other packets whose destination is 00:00:00:00:00:01 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna dst_mac = 00:00:00:00:00:01 ⇛ output:eth0 VM2
MAC2MAC Forward a packet according to the network public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.10 dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff VM2
MAC2MAC ARP reply comes in the Open vSwitch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 VM2
MAC2MAC Open vSwitch knows that the packet should be forwarded to eth0 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 vna dst_mac = 00:00:00:00:00:01 ⇛ output:eth0 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
MAC2MAC The packet is forwarded from eth0 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 vna src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
MAC2MAC The another host receives the ARP reply packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 vna src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
MAC2MAC Remember the source mac address public line eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna src_mac = 00:00:00:00:00:02 ⇛ output:eth0 VM1 Wednesday, October 30, 13 VM2
MAC2MAC Output the packet to the specific VM public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 VM2
GRE Tunnel Prepare GRE tunnels in case of L3 routing required Use MAC2MAC over GRE tunnels GRE tunnel L3 switch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 vna Open vSwitch VM2 eth1 eth0 eth1 vna Open vSwitch vna VM3
Overall Any complex packet forwarding is done by Open vSwitch Just normal L2 and L3 switch are required No need to buy expensive network switches!! L3 switch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 vna Open vSwitch VM2 eth1 eth0 eth1 vna Open vSwitch vna VM3
Advantages of OpenVNet Seamless network virtualization • • Virtualizing entire network is difficult • OpenVNet supports association with legacy network Why not to start network virtualization from smaller part? Wednesday, October 30, 13
VNet edge Perform VLAN ID translation • • • legacy line Associate the legacy machine to the virtual network ID 2 Edge server is responsible for VLAN ID translation Legacy machine is connected to the edge server over L2 network Legacy L2 switch eth0 Legacy machine public line eth2 eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna VM1 Edge server Wednesday, October 30, 13 Network ID 2
VNet edge Send a packet from a legacy machine • legacy line Suppose the legacy machine is associated with VLAN ID 100 Legacy L2 switch eth0 Legacy machine public line eth2 eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna VM1 Edge server Wednesday, October 30, 13
VNet edge Open vSwitch forwards the packet to the OF controller Translates VLAN ID 100 to network ID 2 legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
VNet edge After the translation, the packet is forwarded by MAC2MAC legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
VNet edge The legacy machine can participate in the virtual network legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
Conclusion • • Advantages of OpenVNet • • • Reduce the cost for maintaining the physical networks No need to buy expensive network switches Association with the legacy networks Github • https://github.com/axsh/openvnet Wednesday, October 30, 13

Recommandé

Secure LXC Networking
Secure LXC NetworkingSecure LXC Networking
Secure LXC NetworkingMarian Marinov
 
Mininet demo
Mininet demoMininet demo
Mininet demoMomina Masood
 
Virtualisation-11
Virtualisation-11Virtualisation-11
Virtualisation-11Navaneethan Naveen
 
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 TunnelingUNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 TunnelingNaoto MATSUMOTO
 
IPv4 over IPv6 Tunneling with IPSec [DRAFT]
IPv4 over IPv6 Tunneling with IPSec [DRAFT]IPv4 over IPv6 Tunneling with IPSec [DRAFT]
IPv4 over IPv6 Tunneling with IPSec [DRAFT]Naoto MATSUMOTO
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
仮想ネットワークを実現するOpenVNet
仮想ネットワークを実現するOpenVNet仮想ネットワークを実現するOpenVNet
仮想ネットワークを実現するOpenVNetAkira Yokokawa
 
Openflow実験
Openflow実験Openflow実験
Openflow実験Yahoo!デベロッパーネットワーク
 

Recommandé

Secure LXC Networking
Secure LXC NetworkingSecure LXC Networking
Secure LXC NetworkingMarian Marinov
 
Mininet demo
Mininet demoMininet demo
Mininet demoMomina Masood
 
Virtualisation-11
Virtualisation-11Virtualisation-11
Virtualisation-11Navaneethan Naveen
 
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 TunnelingUNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 TunnelingNaoto MATSUMOTO
 
IPv4 over IPv6 Tunneling with IPSec [DRAFT]
IPv4 over IPv6 Tunneling with IPSec [DRAFT]IPv4 over IPv6 Tunneling with IPSec [DRAFT]
IPv4 over IPv6 Tunneling with IPSec [DRAFT]Naoto MATSUMOTO
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
仮想ネットワークを実現するOpenVNet
仮想ネットワークを実現するOpenVNet仮想ネットワークを実現するOpenVNet
仮想ネットワークを実現するOpenVNetAkira Yokokawa
 
Openflow実験
Openflow実験Openflow実験
Openflow実験Yahoo!デベロッパーネットワーク
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneYoshikazu Nojima
 
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...Vietnam Open Infrastructure User Group
 
Docker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksDocker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksAdrien Blind
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV TutorialOpen Networking Perú (Opennetsoft)
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6upSachin Siddappa
 
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...PROIDEA
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networksOCTO Technology
 
OpenStack sdn
OpenStack sdnOpenStack sdn
OpenStack sdnAdrián Norte Fernández
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use caseVietnam Open Infrastructure User Group
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
Securing & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave NetSecuring & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave NetLuke Marsden
 
Openstack openswitch basics
Openstack openswitch basicsOpenstack openswitch basics
Openstack openswitch basicsnshah061
 
DCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLANDCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLANrudndccn
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDocker, Inc.
 
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...OpenNebula Project
 
Demystifying openvswitch
Demystifying openvswitchDemystifying openvswitch
Demystifying openvswitchPrasad Mukhedkar
 
Virtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor NetworksVirtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor NetworksMatthias Kovatsch
 
Thebasicintroductionofopenvswitch
ThebasicintroductionofopenvswitchThebasicintroductionofopenvswitch
ThebasicintroductionofopenvswitchRamses Ramirez
 
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Mochamad Taufik Romdony
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 

Contenu connexe

Similaire à OpenVNet - Introduction

VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneYoshikazu Nojima
 
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...Vietnam Open Infrastructure User Group
 
Docker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksDocker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksAdrien Blind
 
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...PROIDEA
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networksOCTO Technology
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
Securing & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave NetSecuring & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave NetLuke Marsden
 
Openstack openswitch basics
Openstack openswitch basicsOpenstack openswitch basics
Openstack openswitch basicsnshah061
 
DCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLANDCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLANrudndccn
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDocker, Inc.
 
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...OpenNebula Project
 
Virtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor NetworksVirtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor NetworksMatthias Kovatsch
 
Thebasicintroductionofopenvswitch
ThebasicintroductionofopenvswitchThebasicintroductionofopenvswitch
ThebasicintroductionofopenvswitchRamses Ramirez
 
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld
 

Similaire à OpenVNet - Introduction (20)

VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced Zone
 
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
Room 1 - 7 - Lê Quốc Đạt - Upgrading network of Openstack to SDN with Tungste...
 
Docker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined NetworksDocker networking basics & coupling with Software Defined Networks
Docker networking basics & coupling with Software Defined Networks
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV Tutorial
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6up
 
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
PLNOG 13: Alexis Dacquay: Architectures for Universal Data Centre Networks, t...
 
Meetup docker using software defined networks
Meetup docker using software defined networksMeetup docker using software defined networks
Meetup docker using software defined networks
 
OpenStack sdn
OpenStack sdnOpenStack sdn
OpenStack sdn
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use case
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitch
 
Securing & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave NetSecuring & Enforcing Network Policy and Encryption with Weave Net
Securing & Enforcing Network Policy and Encryption with Weave Net
 
Openstack openswitch basics
Openstack openswitch basicsOpenstack openswitch basics
Openstack openswitch basics
 
DCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLANDCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
DCCN 2016 - Tutorial 1 - Communication with LAN/WLAN
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
 
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
OpenNebulaConf2015 2.05 OpenNebula at the Leibniz Supercomputing Centre - Mat...
 
Demystifying openvswitch
Demystifying openvswitchDemystifying openvswitch
Demystifying openvswitch
 
Virtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor NetworksVirtual IoT Meetup: Connecting Sensor Networks
Virtual IoT Meetup: Connecting Sensor Networks
 
Thebasicintroductionofopenvswitch
ThebasicintroductionofopenvswitchThebasicintroductionofopenvswitch
Thebasicintroductionofopenvswitch
 
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
 

Dernier

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 

Dernier (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

OpenVNet - Introduction

  • 2. What is OpenVNet? • • • • • • Spin-off project from Wakame-vdc 4 developers 1170 commits Written in Ruby 9619 LOCs (13033 LOCs with test codes) Started March 2013, now it is 7 month old Wednesday, October 30, 13
  • 3. Why OpenVNet? • There are many products offering network virtualization but not free • Is there any product to freely try out network virtualization? • • Wakame-vdc offers network virtualization Extract virtual network functionality from Wakame-vdc to make an independent package Wednesday, October 30, 13
  • 4. Advantages of OpenVNet Freely and easily create/destroy networks • e.g.) quickly preparing an isolated network for experiment Reduce the maintaining cost of the physical networks • • Users can create complex networks on top of OpenVNet Keep the physical networks simple No need expensive network switches • Wednesday, October 30, 13 Edge-overlay architecture enables creating complex multi-tenant networks
  • 5. Advantages of OpenVNet Seamless network virtualization • • Virtualizing entire network is difficult • OpenVNet supports association with legacy network Why not to start network virtualization from smaller part? Wednesday, October 30, 13
  • 7. Network model of datacenter Internet DNAT / LB Datacenter network Physical/Virtual server clusters Wednesday, October 30, 13 SNAT DHCP DNS
  • 8. Network model of datacenter Internet External network DNAT / LB WAN edge network Datacenter network SNAT DHCP DNS Datacenter physical network LAN edge network General servers Appliance servers Physical/Virtual server clusters Resources Wednesday, October 30, 13 Storage servers
  • 9. Deployment of agent program Internet DNAT / LB agent agent agent Datacenter network agent agent SNAT DHCP DNS agent Physical/Virtual server clusters Wednesday, October 30, 13 Deploy agents for packet control
  • 10. Message queue Internet DNAT / LB agent agent agent Datacenter Queue network agent agent SNAT DHCP DNS agent Physical/Virtual server clusters Wednesday, October 30, 13 Agents communicate to each other through message queue system
  • 11. Components of OpenVNet vna (virtual network agent) • • Agent Configure OpenvSwitch (version 1.10.0) Include an OpenFlow controller implemented with Trema-edge vnmgr (virtual network manager) other components • • • Manage the datacenter network Provide database access back-ended by MySQL Command vna to do some specific actions e.g.) update flows vnapi (virtual network API) • WebAPI to talk to vnmgr • Command line interface to use vnapi vnctl (virtual network controller) Wednesday, October 30, 13
  • 13. Deployment External network WAN edge network Datacenter physical network A dedicated line for management Packets for the service go through the public line management line public line eth0 LAN edge network General servers Appliance servers Storage servers Resources Wednesday, October 30, 13 Open vSwitch VM eth1 eth0 eth1 vna Open vSwitch vna VM
  • 14. Packet forwarding in OpenVNet • MAC2MAC • OpenVNet original way of packet forwarding • Forward packet based on MAC address • GRE Tunnel • Over L3 routing • VNet edge • Perform VLAN ID translation • Associate with legacy network Wednesday, October 30, 13
  • 15. MAC2MAC Suppose that both VM1 and VM2 exist on the same virtual network public line eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna virtual network1 VM1 MAC = 00:00:00:00:01 IP = 10.102.0.10 Wednesday, October 30, 13 VM2 MAC = 00:00:00:00:02 IP = 10.102.0.11
  • 16. MAC2MAC both vna know that VM1 and VM2 exist on virtual network1 public line eth0 Open vSwitch VM1 eth1 eth0 eth1 vna Open vSwitch vna virtual network1 VM2 VM1 = 00:00:00:00:01 VM2 = 00:00:00:00:02 Wednesday, October 30, 13
  • 17. MAC2MAC VM1 sends ARP request public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.10 dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff VM2
  • 18. MAC2MAC Open vSwitch broadcasts the packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 src_ip = 10.102.0.10 vna dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff Open vSwitch vna VM2
  • 19. MAC2MAC The other hosts receive the packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 src_ip = 10.102.0.10 vna dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff Open vSwitch vna VM2
  • 20. MAC2MAC Open vSwitch checks the src_mac, then it founds the packet is of virtual network1 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 vna src_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
  • 21. MAC2MAC Remember src_mac in case of other packets whose destination is 00:00:00:00:00:01 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna dst_mac = 00:00:00:00:00:01 ⇛ output:eth0 VM2
  • 22. MAC2MAC Forward a packet according to the network public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.10 dst_ip = 10.102.0.11 src_mac = 00:00:00:00:00:01 dst_mac = ff:ff:ff:ff:ff:ff VM2
  • 23. MAC2MAC ARP reply comes in the Open vSwitch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 VM2
  • 24. MAC2MAC Open vSwitch knows that the packet should be forwarded to eth0 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 vna dst_mac = 00:00:00:00:00:01 ⇛ output:eth0 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
  • 25. MAC2MAC The packet is forwarded from eth0 public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 vna src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
  • 26. MAC2MAC The another host receives the ARP reply packet public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 src_ip = 10.102.0.11 dst_ip = 10.102.0.10 vna src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 eth0 eth1 Open vSwitch vna VM2
  • 27. MAC2MAC Remember the source mac address public line eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna src_mac = 00:00:00:00:00:02 ⇛ output:eth0 VM1 Wednesday, October 30, 13 VM2
  • 28. MAC2MAC Output the packet to the specific VM public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 eth1 vna Open vSwitch vna src_ip = 10.102.0.11 dst_ip = 10.102.0.10 src_mac = 00:00:00:00:00:02 dst_mac = 00:00:00:00:00:01 VM2
  • 29. GRE Tunnel Prepare GRE tunnels in case of L3 routing required Use MAC2MAC over GRE tunnels GRE tunnel L3 switch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 vna Open vSwitch VM2 eth1 eth0 eth1 vna Open vSwitch vna VM3
  • 30. Overall Any complex packet forwarding is done by Open vSwitch Just normal L2 and L3 switch are required No need to buy expensive network switches!! L3 switch public line eth0 Open vSwitch VM1 Wednesday, October 30, 13 eth1 eth0 vna Open vSwitch VM2 eth1 eth0 eth1 vna Open vSwitch vna VM3
  • 31. Advantages of OpenVNet Seamless network virtualization • • Virtualizing entire network is difficult • OpenVNet supports association with legacy network Why not to start network virtualization from smaller part? Wednesday, October 30, 13
  • 32. VNet edge Perform VLAN ID translation • • • legacy line Associate the legacy machine to the virtual network ID 2 Edge server is responsible for VLAN ID translation Legacy machine is connected to the edge server over L2 network Legacy L2 switch eth0 Legacy machine public line eth2 eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna VM1 Edge server Wednesday, October 30, 13 Network ID 2
  • 33. VNet edge Send a packet from a legacy machine • legacy line Suppose the legacy machine is associated with VLAN ID 100 Legacy L2 switch eth0 Legacy machine public line eth2 eth0 Open vSwitch eth1 eth0 eth1 vna Open vSwitch vna VM1 Edge server Wednesday, October 30, 13
  • 34. VNet edge Open vSwitch forwards the packet to the OF controller Translates VLAN ID 100 to network ID 2 legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
  • 35. VNet edge After the translation, the packet is forwarded by MAC2MAC legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
  • 36. VNet edge The legacy machine can participate in the virtual network legacy line Legacy L2 switch eth0 Legacy machine public line eth2 eth0 eth1 VLAN 100 vnet 2 Edge server Wednesday, October 30, 13 eth1 vna Open vSwitch eth0 Open vSwitch vna VM1
  • 37. Conclusion • • Advantages of OpenVNet • • • Reduce the cost for maintaining the physical networks No need to buy expensive network switches Association with the legacy networks Github • https://github.com/axsh/openvnet Wednesday, October 30, 13