Distributed Overlay Virtual Ethernet

Distributed Overlay Virtual Ethernet (DOVE) is a tunneling and virtualization technology for computer networks, created and backed by IBM. DOVE allows creation of network virtualization layers for deploying, controlling, and managing multiple independent and isolated network applications over a shared physical network infrastructure. [1]

Overview

The tunneling format is decoupled from the logical network view offered by DOVE, and defines only the way frames are encapsulated to be transferred by the underlying network infrastructure. As a notable difference from other network virtualization solutions (such as OTV), this allows DOVE not to be limited to providing OSI layer 2 emulation only (for example, passing Ethernet frames). [1]

Logical components of the DOVE architecture are DOVE controllers and DOVE switches (abbreviated as dSwitch). DOVE controllers perform management functions as well as one part of the control plane functions across DOVE switches. DOVE switches encapsulate layer 2 frames into UDP packets using the Virtual Extensible LAN (VXLAN) frame format, and provide virtual interfaces for virtual machines to plug into, similarly to how physical Ethernet switches provide ports for network interface controller (NIC) connections. DOVE switches run as part of virtual machine hypervisors. [1] [2] [3]
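
The encapsulation step described above can be made concrete with a short Python sketch, added here as an illustration and not taken from IBM's or the Linux kernel's code. It assumes the standard 8-byte VXLAN header from RFC 7348 (an 8-bit flags field with the VNI-valid bit `0x08`, then a 24-bit VNI); the function names and the sample frame are constructed for this example. It shows what a monitoring tool must decode to see which virtual network and which inner MAC addresses a UDP packet between two hypervisors actually carries.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag in the VXLAN header (RFC 7348)
VXLAN_HEADER_LEN = 8          # flags(1) + reserved(3) + VNI(3) + reserved(1)
ETH_HEADER_LEN = 14           # dst MAC(6) + src MAC(6) + EtherType(2)


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Build the UDP payload an encapsulating switch would send (hypothetical helper)."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    if len(inner_frame) < ETH_HEADER_LEN:
        raise ValueError("inner frame shorter than an Ethernet header")
    # Both 32-bit words keep their payload in the upper bits; the rest is reserved.
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(udp_payload: bytes) -> dict:
    """Validate the VXLAN header and expose the tenant-level fields hidden inside."""
    if len(udp_payload) < VXLAN_HEADER_LEN + ETH_HEADER_LEN:
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    inner = udp_payload[VXLAN_HEADER_LEN:]
    dst, src, ethertype = struct.unpack("!6s6sH", inner[:ETH_HEADER_LEN])
    return {
        "vni": word1 >> 8,            # which virtual network the frame belongs to
        "dst_mac": dst.hex(":"),
        "src_mac": src.hex(":"),
        "ethertype": ethertype,
        "inner_frame": inner,
    }


# Constructed sample: a broadcast ARP-sized frame from a locally administered MAC.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28

if __name__ == "__main__":
    info = vxlan_decap(vxlan_encap(5001, SAMPLE_FRAME))
    print(info["vni"], info["src_mac"], hex(info["ethertype"]))
```

A tool that inspects only the outer headers sees a single UDP flow between hypervisor addresses; the VNI and inner addresses become visible only after this decapsulation step.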

Advantages

Primary advantages of DOVE include the following: [4]

Implementations

As of November 2013, DOVE components are implemented as part of VMware's hypervisors, while implementations for the Linux KVM and Open vSwitch are planned. [5] [6]

DOVE extensions for VXLAN were merged into the Linux kernel mainline in kernel version 3.8, which was released on February 18, 2013. [7] [8] Appropriate extensions to related userspace configuration utilities were added into version 3.8.0 of the iproute2 utilities, which was released on February 21, 2013. [9]

Related Research Articles

A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer. LAN is the abbreviation for local area network and in this context virtual refers to a physical object recreated and altered by additional logic. VLANs work by applying tags to network frames and handling these tags in networking systems – creating the appearance and functionality of network traffic that is physically on a single network but acts as if it is split between separate networks. In this way, VLANs can keep network applications separate despite being connected to the same physical network, and without requiring multiple sets of cabling and networking devices to be deployed.

A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network. It provides access to resources that may be inaccessible on the public network, and is typically used for telecommuting workers. Encryption is a common, although not an inherent, part of a VPN connection.

MPLS VPN is a family of methods for using multiprotocol label switching (MPLS) to create virtual private networks (VPNs). MPLS VPN is a flexible method to transport and route several types of network traffic using an MPLS backbone.

In computer networking, TUN and TAP are kernel virtual network devices. Being network devices supported entirely in software, they differ from ordinary network devices which are backed by physical network adapters.

VMware ESXi: Enterprise-class, type-1 hypervisor for deploying and serving virtual computers

VMware ESXi is an enterprise-class, type-1 hypervisor developed by VMware for deploying and serving virtual computers. As a type-1 hypervisor, ESXi is not a software application that is installed on an operating system (OS); instead, it includes and integrates vital OS components, such as a kernel.

Kernel-based Virtual Machine: Virtualization module in the Linux kernel

Kernel-based Virtual Machine (KVM) is a virtualization module in the Linux kernel that allows the kernel to function as a hypervisor. It was merged into the mainline Linux kernel in version 2.6.20, which was released on February 5, 2007. KVM requires a processor with hardware virtualization extensions, such as Intel VT or AMD-V. KVM has also been ported to other operating systems such as FreeBSD and illumos in the form of loadable kernel modules.

Infrastructure as a service (IaaS) comprises online services that provide high-level APIs used to dereference various low-level details of underlying network infrastructure like physical computing resources, location, data partitioning, scaling, security, backup, etc. A hypervisor, such as Xen, Oracle VirtualBox, Oracle VM, KVM, VMware ESX/ESXi, or Hyper-V, runs the virtual machines as guests. Pools of hypervisors within the cloud operational system can support large numbers of virtual machines and the ability to scale services up and down according to customers' varying requirements.

In computing, network virtualization is the process of combining hardware and software network resources and network functionality into a single, software-based administrative entity, a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.

OpenFlow is a communications protocol that gives access to the forwarding plane of a network switch or router over the network.

cgroups is a Linux kernel feature that limits, accounts for, and isolates the resource usage of a collection of processes.

Hewlett Packard Enterprise and its predecessor entities have a long history of developing and selling networking products. Today it offers campus and small business networking products through its wholly owned company Aruba Networks which was acquired in 2015. Prior to this, HP Networking was the entity within HP offering networking products.

RDMA over Converged Ethernet (RoCE) is a network protocol that allows remote direct memory access (RDMA) over an Ethernet network. It does this by encapsulating an IB transport packet over Ethernet. There are two RoCE versions, RoCE v1 and RoCE v2. RoCE v1 is an Ethernet link layer protocol and hence allows communication between any two hosts in the same Ethernet broadcast domain. RoCE v2 is an internet layer protocol which means that RoCE v2 packets can be routed. Although the RoCE protocol benefits from the characteristics of a converged Ethernet network, the protocol can also be used on a traditional or non-converged Ethernet network.

Software-defined storage (SDS) is a marketing term for computer data storage software for policy-based provisioning and management of data storage independent of the underlying hardware. Software-defined storage typically includes a form of storage virtualization to separate the storage hardware from the software that manages it. The software enabling a software-defined storage environment may also provide policy management for features such as data deduplication, replication, thin provisioning, snapshots and backup.

Virtual Extensible LAN (VXLAN) is a network virtualization technology that attempts to address the scalability problems associated with large cloud computing deployments. It uses a VLAN-like encapsulation technique to encapsulate OSI layer 2 Ethernet frames within layer 4 UDP datagrams, using 4789 as the default IANA-assigned destination UDP port number. VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical switch ports, are known as VXLAN tunnel endpoints (VTEPs).

The Data Plane Development Kit (DPDK) is an open source software project managed by the Linux Foundation. It provides a set of data plane libraries and network interface controller polling-mode drivers for offloading TCP packet processing from the operating system kernel to processes running in user space. This offloading achieves higher computing efficiency and higher packet throughput than is possible using the interrupt-driven processing provided in the kernel.

Overlay transport virtualization (OTV) is a Cisco proprietary protocol for relaying layer 2 communications between layer 3 computer networks.

Open vSwitch

Open vSwitch, sometimes abbreviated as OVS, is an open-source implementation of a distributed virtual multilayer switch. The main purpose of Open vSwitch is to provide a switching stack for hardware virtualization environments, while supporting multiple protocols and standards used in computer networks.

Pica8, Inc. is a computer networking company headquartered in Palo Alto, California, United States. Pica8 is a vendor of open-standards-based operating systems on white box network switches delivering software-defined networking (SDN) solutions for datacenter and cloud computing environments and traditional L2/L3 solutions for large enterprise customers. The company's products include a Linux-based L2/L3 and OpenFlow-supporting network operating system, PICOS, which is shipped as standalone software that can be loaded onto a range of 1/10/40/100 Gigabit Ethernet switches based on commoditized switches purchased from original design manufacturers (ODMs).

Broadcast, unknown-unicast and multicast traffic: Computer networking concept

Broadcast, unknown-unicast and multicast traffic is network traffic transmitted using one of three methods of sending data link layer network traffic to a destination of which the sender does not know the network address. This is achieved by sending the network traffic to multiple destinations on an Ethernet network. As a concept related to computer networking, it includes three types of Ethernet modes: broadcast, unicast and multicast Ethernet. BUM traffic refers to that kind of network traffic that will be forwarded to multiple destinations or that cannot be addressed to the intended destination only.

Ethernet VPN (EVPN) is a technology for carrying layer 2 Ethernet traffic as a virtual private network using wide area network protocols. EVPN technologies include Ethernet over MPLS and Ethernet over VXLAN.

References

  1. Liane Lewin-Eytan; Katherine Barabash; Rami Cohen; Vinit Jain; Anna Levin (August 28, 2011). "Designing Modular Overlay Solutions for Network Virtualization" (PDF). IBM Research Division. Retrieved November 22, 2013.
  2. Renato Recio (2012). "Distributed Overlay Virtual Ethernet (DOVE) Networks" (PDF). IBM. Retrieved November 22, 2013.
  3. Shamus McGillicuddy (September 2012). "IBM DOVE: Big Blue enters the network virtualization battleground". techtarget.com. Retrieved November 22, 2013.
  4. Thomas Richter (October 21, 2013). "Software Defined Networking using VXLAN" (PDF). LinuxCon Edinburgh. IBM Research and Development, Linux Technology Center. Retrieved November 22, 2013.
  5. Jack Clark (March 27, 2013). "IBM unfurls SDN network manager". The Register. Retrieved November 22, 2013.
  6. "Open DOVE project proposal" (PDF). IBM System Networking. 2013. Retrieved November 22, 2013.
  7. "Linux kernel 3.8, Section 10. Networking". kernelnewbies.org. February 18, 2013. Retrieved July 14, 2014.
  8. "kernel/git/torvalds/linux.git: Add DOVE extensions for VXLAN". Linux kernel source tree. kernel.org. November 20, 2012. Retrieved November 23, 2013.
  9. Stephen Hemminger (February 21, 2013). "iproute2 3.8.0". LWN.net. Retrieved November 23, 2013.