openvnet - introduction
DESCRIPTION
We are honored to announce our product OpenVNet, which offers efficient and seamless network virtualization. This is an open source project under LGPL 3.0, hosted on GitHub (https://github.com/axsh/openvnet).
TRANSCRIPT
OpenVNet
Axsh co., Ltd.
Wednesday, October 30, 13
What is OpenVNet?
• Spin-off project from Wakame-vdc
• 4 developers
• 1170 commits
• Written in Ruby
• 9619 LOC (13033 LOC with test code)
• Started March 2013, now 7 months old
Why OpenVNet?
• Many products offer network virtualization, but they are not free
• Is there any product that lets you try out network virtualization for free?
• Wakame-vdc offers network virtualization
• Extract the virtual network functionality from Wakame-vdc to make an independent package
Advantages of OpenVNet
• Users can create complex networks on top of OpenVNet
• Keep the physical networks simple
Reduce the maintenance cost of the physical networks
• Edge-overlay architecture enables creating complex multi-tenant networks
No need for expensive network switches
• e.g. quickly preparing an isolated network for an experiment
Freely and easily create/destroy networks
Advantages of OpenVNet
• Virtualizing an entire network is difficult
• Why not start network virtualization from a smaller part?
• OpenVNet supports association with legacy networks
Seamless network virtualization
Internal Architecture of OpenVNet
Network model of datacenter
[Diagram labels: Internet; Datacenter network; Physical/Virtual server clusters; DNAT / LB; SNAT; DHCP; DNS]
Network model of datacenter
[Diagram labels: Internet; Datacenter network; External network; WAN edge network; Datacenter physical network; LAN edge network; Physical/Virtual server clusters; General servers; Appliance servers; Storage servers; Resources; DNAT / LB; SNAT; DHCP; DNS]
Deployment of agent program
[Diagram labels: Internet; Datacenter network; Physical/Virtual server clusters; DNAT / LB; SNAT; DHCP; DNS; agent (x6)]
Deploy agents for packet control
Message queue
[Diagram labels: Internet; Datacenter network; Physical/Virtual server clusters; DNAT / LB; SNAT; DHCP; DNS; agent (x6); Queue]
Agents communicate with each other through a message queue system
Components of OpenVNet
Agent
vna (virtual network agent)
• Configure Open vSwitch (version 1.10.0)
• Include an OpenFlow controller implemented with Trema-edge
Other components
vnmgr (virtual network manager)
• Manage the datacenter network
• Provide database access back-ended by MySQL
• Command vna to do some specific actions, e.g. update flows
vnapi (virtual network API)
• WebAPI to talk to vnmgr
vnctl (virtual network controller)
• Command line interface to use vnapi
Components of OpenVNet
[Diagram labels: Internet; Datacenter network; Servers; vna (x6); Queue; vnmgr; vnapi; vnctl; DB; OpenFlow Controller (Trema-edge); vna; OpenFlow Switch (Open vSwitch 1.10.0); OpenFlow 1.3; http; mysql; zeromq]
Deployment
[Diagram labels: External network; WAN edge network; Datacenter physical network; LAN edge network; General servers; Appliance servers; Storage servers; Resources; two hosts, each with Open vSwitch (eth0, eth1), VM and vna; public line; management line]
A dedicated line for management
Packets for the service go through the public line
Packet forwarding in OpenVNet
• MAC2MAC
  • OpenVNet original way of packet forwarding
  • Forward packet based on MAC address
• GRE Tunnel
  • Over L3 routing
• VNet edge
  • Perform VLAN ID translation
  • Associate with legacy network
MAC2MAC
[Diagram labels: two hosts, each with Open vSwitch (eth0, eth1) and vna, joined by the public line; VM1 and VM2 on virtual network1]
Suppose that both VM1 and VM2 exist on the same virtual network
VM1: MAC = 00:00:00:00:00:01, IP = 10.102.0.10
VM2: MAC = 00:00:00:00:00:02, IP = 10.102.0.11
MAC2MAC
virtual network1: VM1 = 00:00:00:00:00:01, VM2 = 00:00:00:00:00:02
Both vna know that VM1 and VM2 exist on virtual network1
MAC2MAC
VM1 sends ARP request
src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff
MAC2MAC
Open vSwitch broadcasts the packet
src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff
MAC2MAC
The other hosts receive the packet
src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff
MAC2MAC
Open vSwitch checks the src_mac and finds that the packet belongs to virtual network1
src_mac = 00:00:00:00:00:01
MAC2MAC
Remember the src_mac for later packets whose destination is 00:00:00:00:00:01
dst_mac = 00:00:00:00:00:01 ⇛ output:eth0
MAC2MAC
Forward the packet according to the network
src_ip = 10.102.0.10, dst_ip = 10.102.0.11, src_mac = 00:00:00:00:00:01, dst_mac = ff:ff:ff:ff:ff:ff
MAC2MAC
The ARP reply comes into the Open vSwitch
src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
MAC2MAC
Open vSwitch knows that the packet should be forwarded to eth0
src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
dst_mac = 00:00:00:00:00:01 ⇛ output:eth0
MAC2MAC
The packet is forwarded from eth0
src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
MAC2MAC
The other host receives the ARP reply packet
src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
MAC2MAC
Remember the source MAC address
src_mac = 00:00:00:00:00:02 ⇛ output:eth0
MAC2MAC
Output the packet to the specific VM
src_ip = 10.102.0.11, dst_ip = 10.102.0.10, src_mac = 00:00:00:00:00:02, dst_mac = 00:00:00:00:00:01
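The ARP exchange walked through on the MAC2MAC slides, as an added Ruby sketch that is not OpenVNet code. The Switch class, the "flood" and "drop" outcomes for unlearned or unknown addresses, and VM3 on a second virtual network are assumptions made to show how source-MAC classification keeps tenants apart.

```ruby
# Added illustration of the MAC2MAC walkthrough; not OpenVNet source code.
# Switch, Frame, "flood" and the drop-on-unknown-source rule are assumptions.
Frame = Struct.new(:src_mac, :dst_mac, :payload)
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch
  attr_reader :learned, :delivered
  # members: MAC => virtual network, as known to every vna
  # local:   MACs of the VMs attached to this host's switch
  def initialize(members, local)
    @members, @local = members, local
    @learned = {}     # remote MAC => port it was seen on
    @delivered = []   # [local VM MAC, payload] pairs handed to VMs
  end

  # Frame sent by a local VM: use a learned entry, otherwise flood.
  def from_vm(frame)
    return "drop" unless @local.include?(frame.src_mac)
    port = @learned[frame.dst_mac]
    port ? "output:#{port}" : "flood"
  end

  # Frame arriving on eth0: classify by src_mac, learn it, and deliver only
  # to local VMs of the same virtual network. Returns the network or nil.
  def from_eth0(frame)
    net = @members[frame.src_mac]
    return nil if net.nil?              # source in no virtual network: drop
    @learned[frame.src_mac] = "eth0"
    @local.each do |mac|
      next unless @members[mac] == net
      next unless [BROADCAST, mac].include?(frame.dst_mac)
      @delivered << [mac, frame.payload]
    end
    net
  end
end

# Constructed topology: VM1 and VM2 from the slides, VM3 is hypothetical.
VM1, VM2, VM3 = "00:00:00:00:00:01", "00:00:00:00:00:02", "00:00:00:00:00:03"
MEMBERS = { VM1 => "virtual network1", VM2 => "virtual network1", VM3 => "virtual network2" }

def arp_exchange
  host_a = Switch.new(MEMBERS, [VM1])
  host_b = Switch.new(MEMBERS, [VM2, VM3])
  request = Frame.new(VM1, BROADCAST, "ARP request for 10.102.0.11")
  host_b.from_eth0(request) if host_a.from_vm(request) == "flood"
  reply = Frame.new(VM2, VM1, "ARP reply from 10.102.0.11")
  action = host_b.from_vm(reply)
  host_a.from_eth0(reply) if action == "output:eth0"
  [host_a, host_b, action]
end
```

Calling `arp_exchange` returns both switches and the action chosen for the reply; the broadcast reaches VM2 but not VM3, because VM3 is registered on a different virtual network.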
GRE Tunnel
[Diagram labels: three hosts, each with Open vSwitch (eth0, eth1) and vna, hosting VM1, VM2 and VM3; public line; L3 switch; GRE tunnel]
Prepare GRE tunnels in case L3 routing is required
Use MAC2MAC over GRE tunnels
Overall
[Diagram labels: three hosts, each with Open vSwitch (eth0, eth1) and vna, hosting VM1, VM2 and VM3; public line; L3 switch]
Any complex packet forwarding is done by Open vSwitch
Only normal L2 and L3 switches are required
No need to buy expensive network switches!!
Advantages of OpenVNet
• Virtualizing an entire network is difficult
• Why not start network virtualization from a smaller part?
• OpenVNet supports association with legacy networks
Seamless network virtualization
VNet edge
[Diagram labels: Open vSwitch (eth0, eth1), vna, VM1 (Network ID 2); public line; Edge server: Open vSwitch (eth0, eth1, eth2), vna; legacy line; Legacy L2 switch; Legacy machine (eth0)]
Perform VLAN ID translation
• Associate the legacy machine with virtual network ID 2
• Edge server is responsible for VLAN ID translation
• Legacy machine is connected to the edge server over an L2 network
VNet edge
Send a packet from a legacy machine
• Suppose the legacy machine is associated with VLAN ID 100
VNet edge
Open vSwitch forwards the packet to the OF controller
Translates VLAN ID 100 to network ID 2
VLAN    vnet
100     2
VNet edge
After the translation, the packet is forwarded by MAC2MAC
VLAN    vnet
100     2
VNet edge
VLAN    vnet
100     2
The legacy machine can participate in the virtual network
Conclusion
• Advantages of OpenVNet
  • Reduce the cost for maintaining the physical networks
  • No need to buy expensive network switches
  • Association with the legacy networks
• GitHub
  • https://github.com/axsh/openvnet