wug #002 - wakame-vdc updates and a virtual network

Post on 20-Jun-2015

Category:

Software

DESCRIPTION

These slides were used during the 2nd meeting of the Wakame Users Group: http://wakameusersgroup.org/meeting/2013/10/25/wug-002/

Wakame-vdc updates and a Virtual Network

This meeting will focus on our new virtual networking product called OpenVNet.

TRANSCRIPT

OpenVNet

Axsh co., Ltd.

Wednesday, October 30, 13

What is OpenVNet?

• Spin-off project from Wakame-vdc

• 4 developers

• 1170 commits

• Written in Ruby

• 9619 LOC (13033 LOC with test code)

• Started March 2013; now 7 months old

Why OpenVNet?

• There are many products offering network virtualization, but they are not free

• Is there any product that lets you try out network virtualization for free?

• Wakame-vdc offers network virtualization

• Extract the virtual network functionality from Wakame-vdc to make an independent package

Advantages of OpenVNet

• Users can create complex networks on top of OpenVNet

• Keep the physical networks simple

Reduce the maintenance cost of the physical networks

• Edge-overlay architecture enables creating complex multi-tenant networks

No need for expensive network switches

• e.g. quickly preparing an isolated network for an experiment

Freely and easily create/destroy networks

Advantages of OpenVNet

• Virtualizing an entire network is difficult

• Why not start network virtualization from a smaller part?

• OpenVNet supports association with legacy networks

Seamless network virtualization

Internal Architecture of OpenVNet


Network model of datacenter

[Diagram labels: Internet; datacenter network; physical/virtual server clusters; DNAT / LB; SNAT; DHCP; DNS]

Network model of datacenter

[Diagram labels: Internet; datacenter network (external network, WAN edge network, datacenter physical network, LAN edge network); physical/virtual server clusters (general servers, appliance servers, storage servers); resources; DNAT / LB; SNAT; DHCP; DNS]

Deployment of agent program

[Diagram: the datacenter network model (Internet, datacenter network, physical/virtual server clusters, DNAT / LB, SNAT, DHCP, DNS) with six agents placed in it]

Deploy agents for packet control

Message queue

[Diagram: the datacenter network model (Internet, datacenter network, physical/virtual server clusters, DNAT / LB, SNAT, DHCP, DNS) with six agents and a queue]

Agents communicate with each other through a message queue system

Components of OpenVNet

Agent

vna (virtual network agent)

• Configure OpenvSwitch (version 1.10.0)

• Include an OpenFlow controller implemented with Trema-edge

Other components

vnmgr (virtual network manager)

• Manage the datacenter network

• Provide database access back-ended by MySQL

• Command vna to do some specific actions, e.g. update flows

vnapi (virtual network API)

• WebAPI to talk to vnmgr

vnctl (virtual network controller)

• Command line interface to use vnapi

Components of OpenVNet

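[Diagram: the Internet, the datacenter network and servers, with six vna instances connected to a queue, alongside vnmgr, vnapi, vnctl and a DB. Each vna is shown as an OpenFlow controller (Trema-edge) paired with an OpenFlow switch (OpenvSwitch 1.10.0), with OpenFlow 1.3 between them. Link labels: http, mysql, zeromq]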

Deployment

[Diagram: the datacenter network layers (external network, WAN edge network, datacenter physical network, LAN edge network) and resources (general, appliance and storage servers). Two hosts are shown, each with a VM, vna and an Open vSwitch with ports eth0 and eth1, attached to a public line and a management line]

A dedicated line for management

Packets for the service go through the public line

Packet forwarding in OpenVNet

• MAC2MAC

    • OpenVNet original way of packet forwarding

    • Forward packet based on MAC address

• GRE Tunnel

    • Over L3 routing

• VNet edge

    • Perform VLAN ID translation

    • Associate with legacy network

MAC2MAC

[Diagram, repeated on each of the following slides: two hosts connected by the public line, one running VM1 and the other VM2, each with vna and an Open vSwitch with ports eth0 and eth1]

Suppose that both VM1 and VM2 exist on the same virtual network (virtual network1)

VM1: MAC = 00:00:00:00:00:01, IP = 10.102.0.10

VM2: MAC = 00:00:00:00:00:02, IP = 10.102.0.11

Both vna instances know that VM1 and VM2 exist on virtual network1

VM1 = 00:00:00:00:00:01, VM2 = 00:00:00:00:00:02

VM1 sends an ARP request

src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff

Open vSwitch broadcasts the packet

src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff

The other hosts receive the packet

src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff

Open vSwitch checks the src_mac and finds that the packet belongs to virtual network1

src_mac = 00:00:00:00:00:01

Remember the src_mac for later packets whose destination is 00:00:00:00:00:01

dst_mac = 00:00:00:00:00:01 ⇛ output:eth0

Forward the packet according to the network

src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff

The ARP reply comes into the Open vSwitch

src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01

Open vSwitch knows that the packet should be forwarded to eth0

src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01

dst_mac = 00:00:00:00:00:01 ⇛ output:eth0

The packet is forwarded from eth0

src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01

The other host receives the ARP reply packet

src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01

Remember the source MAC address

src_mac = 00:00:00:00:00:02 ⇛ output:eth0

Output the packet to the specific VM

src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
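The MAC2MAC steps above as a small Ruby model, added here as an illustration and not taken from OpenVNet. The class, its methods, the vif-* port names and the third VM on virtual network2 are assumptions, as is dropping frames whose src_mac is not registered.

```ruby
# Added illustration: a toy model of the MAC2MAC steps, not OpenVNet code.
# Class, method and vif-* port names are hypothetical.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Mac2MacSwitch
  attr_reader :learned

  # registry: MAC => virtual network (known to every vna)
  # local_ports: MAC => port of a VM on this host
  def initialize(registry, local_ports)
    @registry = registry
    @local_ports = local_ports
    @learned = {} # remote MAC => port it was seen on
  end

  # Frame arriving on eth0 from the public line; returns local delivery ports.
  def receive_from_public(frame)
    network = @registry[frame[:src_mac]]
    return [] if network.nil? # assumption: unregistered sender is dropped
    @learned[frame[:src_mac]] = "eth0" # remember where replies must go
    targets = frame[:dst_mac] == BROADCAST ? @local_ports.keys : [frame[:dst_mac]]
    # Deliver only to local VMs on the sender's virtual network.
    targets.select { |mac| @local_ports.key?(mac) && @registry[mac] == network }
           .map { |mac| @local_ports[mac] }
  end

  # Frame sent by a local VM; returns the port it leaves on (nil if unknown).
  def send_from_vm(frame)
    return nil unless @registry[frame[:src_mac]]
    return "eth0" if frame[:dst_mac] == BROADCAST
    @learned[frame[:dst_mac]]
  end
end

# Constructed sample data: the two VMs from the slides plus one on another network.
REGISTRY = {
  "00:00:00:00:00:01" => "virtual network1",
  "00:00:00:00:00:02" => "virtual network1",
  "00:00:00:00:00:03" => "virtual network2" # constructed, not on the slides
}.freeze
ARP_REQUEST = { src_mac: "00:00:00:00:00:01", dst_mac: BROADCAST }.freeze
ARP_REPLY = { src_mac: "00:00:00:00:00:02", dst_mac: "00:00:00:00:00:01" }.freeze

# VM2's host receives the ARP request, then VM2 sends the reply.
def demo
  host2 = Mac2MacSwitch.new(REGISTRY, { "00:00:00:00:00:02" => "vif-vm2",
                                        "00:00:00:00:00:03" => "vif-vm3" })
  [host2.receive_from_public(ARP_REQUEST), host2.send_from_vm(ARP_REPLY)]
end
```

The broadcast reaches only the VM on virtual network1, and the reply leaves on eth0 because the request's src_mac was learned there.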

GRE Tunnel

[Diagram: three hosts running VM1, VM2 and VM3, each with vna and an Open vSwitch with ports eth0 and eth1, on the public line; an L3 switch sits between them and a GRE tunnel is drawn across it]

Prepare GRE tunnels where L3 routing is required

Use MAC2MAC over GRE tunnels

Overall

[Diagram: three hosts running VM1, VM2 and VM3, each with vna and an Open vSwitch with ports eth0 and eth1, on the public line, with an L3 switch]

Any complex packet forwarding is done by Open vSwitch

Only normal L2 and L3 switches are required

No need to buy expensive network switches!!

Advantages of OpenVNet

• Virtualizing an entire network is difficult

• Why not start network virtualization from a smaller part?

• OpenVNet supports association with legacy networks

Seamless network virtualization

VNet edge

[Diagram, repeated on each of the following slides: a host running VM1 (network ID 2) with vna and an Open vSwitch with ports eth0 and eth1 on the public line; an edge server with vna and an Open vSwitch with ports eth0, eth1 and eth2; a legacy L2 switch on the legacy line; a legacy machine with port eth0]

Perform VLAN ID translation

• Associate the legacy machine with virtual network ID 2

• The edge server is responsible for VLAN ID translation

• The legacy machine is connected to the edge server over an L2 network

Send a packet from a legacy machine

• Suppose the legacy machine is associated with VLAN ID 100

Open vSwitch forwards the packet to the OF controller

Translates VLAN ID 100 to network ID 2

Translation table: VLAN = 100, vnet = 2

After the translation, the packet is forwarded by MAC2MAC

The legacy machine can participate in the virtual network

Conclusion

• Advantages of OpenVNet

• Reduce the cost for maintaining the physical networks

• No need to buy expensive network switches

• Association with the legacy networks

• GitHub

• https://github.com/axsh/openvnet
