Overlay network

An overlay network is a computer network that is layered on top of another (logical as opposed to physical) network. The concept of overlay networking is distinct from the traditional model of OSI layered networks, and almost always assumes that the underlay network is an IP network of some kind.[1]

Some examples of overlay networking technologies are VXLAN, BGP VPNs (both Layer 2 and Layer 3), and IP-over-IP technologies such as GRE or IPsec tunnels. IP-over-IP technologies such as SD-WAN are a class of overlay network.

Structure

Figure 1: Physical to logical overlay networks

Nodes in an overlay network can be thought of as being connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network. For example, distributed systems such as peer-to-peer networks are overlay networks because their nodes form networks over existing network connections.[2]
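
As an added example (not code from the article), the following Python shows how one of the overlay technologies listed above, VXLAN, realises such a logical link: an overlay Layer 2 frame is wrapped in an 8-byte header and carried as a UDP payload across the IP underlay. The header layout and UDP port are from RFC 7348; the frames, MAC addresses and VNIs are constructed sample values.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned UDP destination port for VXLAN (RFC 7348)
VXLAN_FLAG_I = 0x08     # "I" flag: the header carries a valid VNI


def vxlan_encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prefix an Ethernet frame with the 8-byte VXLAN header (RFC 7348).

    Layout: flags (1 byte), reserved (3 bytes), 24-bit VNI, reserved (1 byte).
    The result is the UDP payload the underlay carries between tunnel endpoints.
    """
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    header = struct.pack("!B3sI", VXLAN_FLAG_I, b"\x00\x00\x00", vni << 8)
    return header + inner_frame


def vxlan_decapsulate(udp_payload: bytes):
    """Parse a UDP payload as VXLAN; return (vni, inner_frame) or None.

    None means malformed: too short to hold the header plus an Ethernet header,
    or the I flag is clear. Reserved bits are ignored on receipt, per the RFC.
    """
    if len(udp_payload) < 8 + 14:
        return None
    flags, _reserved, vni_word = struct.unpack("!B3sI", udp_payload[:8])
    if not flags & VXLAN_FLAG_I:
        return None
    return vni_word >> 8, udp_payload[8:]


def build_ethernet_frame(dst_mac: bytes, src_mac: bytes, ethertype: int,
                         payload: bytes) -> bytes:
    """Assemble a minimal Ethernet II frame (constructed sample data)."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def sources_by_vni(udp_payloads):
    """Group inner source MACs by VNI.

    The same MAC on two VNIs belongs to two separate overlays: the VNI, not the
    inner address, identifies the logical network (separation of addressing).
    """
    seen = {}
    for payload in udp_payloads:
        parsed = vxlan_decapsulate(payload)
        if parsed is None:
            continue  # not VXLAN or malformed: drop
        vni, frame = parsed
        seen.setdefault(vni, []).append(frame[6:12])
    return seen
```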

The Internet was originally built as an overlay upon the telephone network, while today (through the advent of VoIP), the telephone network is increasingly turning into an overlay network built on top of the Internet.

Attributes

Overlay networks have a certain set of attributes, including separation of logical addressing, security and quality of service. Other optional attributes include resiliency/recovery, encryption and bandwidth control.

Uses

Telecommunications Operators

Telecom operators use overlay networks to provide services over their physical infrastructure. In the networks that connect physically diverse sites (Wide Area Networks, WANs), one common overlay network technology is BGP VPNs. These VPNs are provided as a service to enterprises to connect their own sites and applications. The advantage of this kind of overlay network is that the telecom operator does not need to manage addressing or other enterprise-specific network attributes.

Within data centers it was once more common to use VXLAN; however, because of its complexity and the need to stitch Layer 2 VXLAN-based overlay networks to Layer 3 IP/BGP networks, it has become more common to use BGP within data centers to provide Layer 2 connectivity between virtual machines or Kubernetes clusters.

Enterprise networks

Enterprise private networks were first overlaid on telecommunication networks such as Frame Relay and Asynchronous Transfer Mode (ATM) packet switching infrastructures. Migration from these (now legacy) infrastructures to IP-based MPLS networks and virtual private networks started around 2001 to 2002 and is now complete, with very few Frame Relay or ATM networks remaining.

From an enterprise point of view, while an overlay VPN service configured by the operator might fulfil basic connectivity requirements, such services lack flexibility. For example, connecting services from competing operators, or running an enterprise service over an Internet service and securing that service, is impossible with standard VPN technologies; hence the proliferation of SD-WAN overlay networks, which allow enterprises to connect sites and users regardless of the network access type they have.

Over the Internet

The Internet is the basis for more overlaid networks that can be constructed in order to permit routing of messages to destinations not specified by an IP address. For example, distributed hash tables can be used to route messages to a node having a specific logical address, whose IP address is not known in advance.

Quality of Service

Guaranteeing bandwidth by marking traffic has multiple solutions, including IntServ and DiffServ. IntServ requires per-flow tracking and consequently causes scaling issues in routing platforms; it has not been widely deployed. DiffServ has been widely deployed by many operators as a method to differentiate traffic types. DiffServ itself provides no guarantee of throughput, but it does allow the network operator to decide which traffic is higher priority and hence will be forwarded first in congestion situations.

Overlay networks implement a much finer granularity of quality of service, allowing enterprise users to decide on an application and user/site basis which traffic should be prioritised.

Ease of Deployment

Overlay networks can be incrementally deployed at end-user sites or on hosts running the overlay protocol software, without cooperation from ISPs. The overlay has no control over how packets are routed in the underlying network between two overlay nodes, but it can control, for example, the sequence of overlay nodes a message traverses before reaching its destination.

For example, Akamai Technologies manages an overlay network which provides reliable, efficient content delivery (a kind of multicast).

Advantages

Resilience

The objective of resilience in telecommunications networks is to enable automated recovery during failure events in order to maintain a wanted service level or availability. As telecommunications networks are built in a layered fashion, resilience can be used in the physical, optical, IP or session/application layers. Each layer relies on the resilience features of the layer below it. Overlay IP networks in the form of SD-WAN services therefore rely on the physical, optical and underlying IP services they are transported over. Application layer overlays depend on all the layers below them. The advantage of overlays is that they are more flexible and programmable than traditional network infrastructure, which outweighs the disadvantages of additional latency, complexity and bandwidth overhead.

Application Layer Resilience Approaches

Resilient Overlay Networks (RON) are architectures that allow distributed Internet applications to detect and recover from disconnection or interference. This application layer overlay improves on current wide area routing protocols, which take at least several minutes to recover from such events. The RON nodes monitor the Internet paths among themselves and determine whether to route packets directly over the Internet or via other RON nodes, thus optimizing application-specific metrics.[3]

The Resilient Overlay Network has a relatively simple conceptual design. RON nodes are deployed at various locations on the Internet. These nodes form an application layer overlay that cooperates in routing packets. Each RON node monitors the quality of the Internet paths to the other nodes and uses this information to accurately and automatically select a path for each packet, thus reducing the time required to recover from poor quality of service.[3]
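
The path decision described in the two paragraphs above, as an added example in Python (not code from the article or from the RON project): each node holds probe measurements of latency and loss for the Internet paths to the other nodes and, per destination, chooses either the direct path or a path through one intermediate RON node. The measurements, the loss threshold and the single-intermediate restriction are assumptions for this illustration.

```python
import itertools
from math import prod

# Constructed probe measurements for each directed Internet path between RON
# nodes A, B and C: latency in milliseconds and packet loss rate.
LATENCY_MS = {("A", "B"): 80, ("B", "A"): 80, ("A", "C"): 30, ("C", "A"): 30,
              ("B", "C"): 35, ("C", "B"): 35}
LOSS_RATE = {("A", "B"): 0.30, ("B", "A"): 0.30, ("A", "C"): 0.01, ("C", "A"): 0.01,
             ("B", "C"): 0.02, ("C", "B"): 0.02}


def path_latency(path, latency):
    """Latency of an overlay path: the sum of its per-hop Internet path latencies."""
    return sum(latency[(a, b)] for a, b in zip(path, path[1:]))


def path_loss(path, loss):
    """Loss of an overlay path: one minus the product of the per-hop delivery rates."""
    return 1 - prod(1 - loss[(a, b)] for a, b in zip(path, path[1:]))


def select_path(src, dst, nodes, latency, loss, max_loss=0.05):
    """Choose between the direct Internet path and one-intermediate RON paths.

    Among candidates whose loss is at or below max_loss the lowest-latency one
    wins; if none qualifies, the lowest-loss candidate is the fallback.
    """
    candidates = [(src, dst)] + [(src, via, dst) for via in nodes if via not in (src, dst)]
    acceptable = [p for p in candidates if path_loss(p, loss) <= max_loss]
    if acceptable:
        return min(acceptable, key=lambda p: path_latency(p, latency))
    return min(candidates, key=lambda p: path_loss(p, loss))


def routing_table(nodes, latency, loss, max_loss=0.05):
    """The chosen overlay path for every ordered pair of RON nodes."""
    return {(s, d): select_path(s, d, nodes, latency, loss, max_loss)
            for s, d in itertools.permutations(nodes, 2)}


if __name__ == "__main__":
    for pair, path in routing_table(("A", "B", "C"), LATENCY_MS, LOSS_RATE).items():
        print(pair, "->", " > ".join(path),
              f"{path_latency(path, LATENCY_MS)} ms, loss {path_loss(path, LOSS_RATE):.3f}")
```

With these sample measurements the lossy A to B path is routed through C at the cost of extra latency, the trade-off the Resilience section describes, while the healthy pairs keep their direct paths.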

Multicast

Overlay multicast is also known as End System or Peer-to-Peer Multicast. High bandwidth multi-source multicast among widely distributed nodes is a critical capability for a wide range of applications, including audio and video conferencing, multi-party games and content distribution. Throughout the last decade, a number of research projects have explored the use of multicast as an efficient and scalable mechanism to support such group communication applications. Multicast decouples the size of the receiver set from the amount of state kept at any single node and potentially avoids redundant communication in the network.

The limited deployment of IP Multicast, a best effort network layer multicast protocol, has led to considerable interest in alternate approaches that are implemented at the application layer, using only end-systems. In an overlay or end-system multicast approach, participating peers organize themselves into an overlay topology for data delivery. Each edge in this topology corresponds to a unicast path between two end-systems or peers in the underlying internet. All multicast-related functionality is implemented at the peers instead of at routers, and the goal of the multicast protocol is to construct and maintain an efficient overlay for data transmission.
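
As an added example (not code from the article or from any cited project), the following Python builds an overlay multicast tree for a constructed group of end systems: peers attach to the tree over unicast paths, and a fan-out bound caps the number of unicast copies any single peer sends, so the source's work stays fixed however large the receiver set grows. The unicast latencies, the greedy attachment rule and the fan-out bound are assumptions for this illustration.

```python
def symmetric_latency(pairs):
    """Expand constructed pair measurements into a symmetric unicast RTT table."""
    table = {}
    for (x, y), rtt in pairs.items():
        table.setdefault(x, {})[y] = rtt
        table.setdefault(y, {})[x] = rtt
    return table


# Constructed unicast latencies (ms) between the source S and four peers.
UNICAST_MS = symmetric_latency({
    ("S", "A"): 10, ("S", "B"): 12, ("S", "C"): 40, ("S", "D"): 45,
    ("A", "B"): 20, ("A", "C"): 8, ("A", "D"): 30,
    ("B", "C"): 35, ("B", "D"): 9, ("C", "D"): 15,
})


def build_overlay_tree(source, latency, max_children=2):
    """Greedily grow a degree-bounded overlay tree rooted at the source.

    Each step attaches the unattached peer with the smallest unicast latency to
    an attached peer that still has spare fan-out. Every tree edge is a unicast
    path in the underlying Internet; the bound caps per-peer copies sent.
    Returns (parent, children).
    """
    parent = {source: None}
    children = {peer: [] for peer in latency}
    while len(parent) < len(latency):
        best = None
        for u in parent:
            if len(children[u]) >= max_children:
                continue
            for v, rtt in latency[u].items():
                if v not in parent and (best is None or rtt < best[0]):
                    best = (rtt, u, v)
        if best is None:
            raise RuntimeError("no attached peer has spare fan-out")
        _, u, v = best
        parent[v] = u
        children[u].append(v)
    return parent, children


def end_to_end_delay(latency, parent):
    """Delay from the root to each peer: unicast latencies summed along its tree path."""
    delay = {}
    for peer in parent:
        total, node = 0, peer
        while parent[node] is not None:
            total += latency[node][parent[node]]
            node = parent[node]
        delay[peer] = total
    return delay
```

Lowering the fan-out bound pushes peers deeper into the tree and raises their end-to-end delay, which is the cost of keeping per-peer state and upload small.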

Disadvantages

List of overlay network protocols

Overlay network protocols based on TCP/IP include:

Overlay network protocols based on UDP/IP include:

References

  1. Tarkoma, Sasu (2010). Overlay Networks: Toward Information Networking. CRC Press. p. 3. ISBN 9781439813737.
  2. Peterson, Larry; Davie, Bruce (2012). "Chapter 9: Applications". Computer Networks: A Systems Approach. Elsevier. Retrieved 19 December 2022.
  3. Andersen, David; Balakrishnan, Hari; Kaashoek, Frans; Morris, Robert (December 2001). "Resilient overlay networks". Proceedings of the eighteenth ACM symposium on Operating systems principles. Vol. 35. pp. 131–45. doi:10.1145/502034.502048. ISBN 978-1581133899. S2CID 221317942.