VMware vSphereVMware vCenterMicrosoftVMwareServer InfrastructureData Center
Article8 minute read

Introduction to Network Virtualization

This article gives an introduction to network virtualization concepts. It discusses the basic parts of virtual networks and the advantages and disadvantages.

In this article

Network virtualization (NV) is the software-based implementation of networking services. These services include Internet protocol (IP) routing, packet switching, traffic load balancing, and packet filtering. Before the existence of network virtualization, particular networking services were only available in dedicated hardware devices such as switches, routers, load balancers, and firewalls.

There are many benefits to the use of network virtualization. It allows multiple networks to exist together on a single physical network infrastructure. Conversely, virtual LANs (VLANs) segment a physical network into multiple logical networks, thus decoupling network topologies from its underlying physical infrastructure. Both these network virtualization capabilities demonstrate its efficient use of resources and how it increases network design and deployment flexibility. 

Network Functions Virtualization (NFV) replaces physical network devices with virtual services. These services perform the same functions as physical network devices. Virtual Machine Manager (VMM) can manage these services from the hypervisor.

 Virtual vs. physical networks

While virtual networks seem to be the best choice for upgrading existing networking infrastructure, we must not forget about the hardware needed along with other aspects of network virtualization. Let's discuss the advantages and disadvantages of a virtual network and its physical counterpart. 

Advantages of virtual networks:

  • Scalability: Virtual networks can be easily scaled up or down to meet changing needs without purchasing or installing new hardware.
  • Flexibility: Virtual networks are modified rapidly and efficiently to meet the needs of various applications and users.
  • Cost-effectiveness: Virtual networks are often less expensive to set up and maintain than physical networks, as they do not require the purchase of physical hardware.
  • Improved security: Virtual networks can be isolated from one another and have specific security policies and configurations applied.

Disadvantages of virtual networks:

  • Performance: Virtual networks can have performance limitations compared to physical networks, particularly in latency and bandwidth.
  • Dependence on underlying infrastructure: Virtual networks depend on the underlying physical infrastructure and hardware, so a problem with this infrastructure can affect the virtual network.
  • Complexity: Virtual networks can be more complex to manage and maintain than physical networks, as they require expertise in both virtualization and networking.

Advantages of physical networks:

  • Reliability: Physical networks are often more reliable than virtual networks, as they do not rely on the underlying infrastructure.
  • Better performance: Physical networks can offer better performance and lower latency than virtual networks.
  • Physical security: Physical networks can be physically secured to prevent unauthorized access.

Disadvantages of physical networks:

  • Cost: Physical networks can be more expensive to set up and maintain than virtual networks, as they require purchasing physical hardware.
  • Scalability: Physical networks can be challenging to scale up or down to meet changing needs, often requiring purchasing new hardware.
  • Maintenance: Physical networks require regular maintenance and upgrades, which can be time-consuming and expensive.

 VMware vSphere and Microsoft Hyper-V

We will review the essential networking components from two of the most common virtualization vendor platforms, VMware vSphere and Microsoft Hyper-V.
 

VMware basic virtual networking components

  • A virtual network interface card (vNIC) allows the virtual machine (VM) to gain access to a network. It is also known as a virtual network adapter. More than one vNIC can be attached to a VM, allowing the VM to access more than one network. These virtual adapters emulate the capabilities of their physical counterparts. They are assigned Media Access Control (MAC) addresses and have configurable speeds. Each vNIC must have an Internet Protocol (IP) configuration to communicate with other devices on the network.
  • The Port Group is the virtual container vNICs connect to assign specific OSI Layer 2 network rules to the group of vNICs. Port group configurations include VLAN assignment and behavior, MAC address security, traffic shaping, and NIC teaming and failover. One VM accesses multiple networks by having vNICs in numerous port groups. The port group is attached to a virtual switch (vSwitch).
  • The virtual switch (vSwitch) sends traffic between its attached port groups and other network ports, which may be physical or virtual layer two ports. The vSwitch allows communication between VMs within its attached port groups and those outside the vSwitch. Like the port group, the vSwitch can also be configured to secure network traffic, shape traffic, and have network port redundancy and failover.
  • Uplinks are the physical network adapter ports for the host machine of the hypervisor. Individual uplinks can be grouped to form certain types of redundancy or failover. Uplinks are put in groups to implement teaming protocols such as Link Aggregation Groups (LAGs).

The mapping between port groups and uplinks happens at the vSwitch level. Suppose no mapping exists for the port group to send network traffic to an uplink or a network outside the hypervisor. In that case, virtual machines on the same port group within a hypervisor can only communicate with each other and not with an external network. 

 Virtual switch architecture 

 Virtual Switch Architecture 

Distributed port group and virtual distributed switches              

Port groups and vSwitches, in their simplest form, exist as one entity per hypervisor. A multi-hypervisor environment manager, such as VMware's virtual center (vCenter), allows for the distribution of port groups and vSwitches among hypervisors. A distributed port group enables VMs to be in the same port group but on different hypervisors. A distributed port group connects to a virtual distributed switch (vDS). These distributed virtual devices allow for more effortless scalability and consistent rules.

Diagram Description automatically generated
Distributed Port Group and Virtual Distributed Switches   

   

  

Microsoft's Hyper-V hypervisor has the option of three virtual switch types and two virtual network adapter types. Hyper-V Manager or the Hyper-V module for Windows PowerShell can configure these options.

Hyper-V virtual switch types:

  • An external virtual switch binds to a physical network adapter to connect to a wired, physical network.
  • The internal virtual switch has connectivity only to VMs running on the host with this virtual switch and between the VMs and the host itself.
  • A private virtual switch is the same as the internal virtual switch except that the connection between the VMs on the switch and the host does not exist.

Hyper-V virtual network adapter types:

  • Hyper-V specific network adapter is designed for Hyper-V and must include the driver in Hyper-V integration services. This adapter offers faster network speeds. The exception to its use is if you need to boot to the network or are running a guest operating system that the driver does not support.
  • A legacy network adapter is mainly used for booting to a network and for generation 1 VMs.

 Networking using Nutanix

File:Nutanix-Logo-Charcoal-Gray-Digital.svg - Wikipedia

Regarding networking in a Nutanix environment, several fundamental concepts must be understood. In this section, we will explore these concepts to help you get started with networking using Nutanix.

Virtual switches

In Nutanix, virtual switches are crucial in connecting virtual machines (VMs) within a cluster. These switches operate at the hypervisor level and connect VMs on different hosts. Nutanix supports both standard virtual switches and distributed virtual switches.

VLANs

Virtual LANs (VLANs) are supported in Nutanix, allowing you to separate network traffic within your infrastructure logically. VLANs help isolate different types of traffic, improve security, and optimize network performance. With Nutanix, you can configure VLANs to segment your network and control the data flow.

IP Address Management

Nutanix provides IP address management (IPAM) capabilities to manage IP addresses for your virtual machines. You can assign IP addresses manually or use DHCP to assign addresses automatically. Nutanix simplifies IP address management, ensuring your VMs have network configurations.

Network security with Nutanix Flow

Nutanix Flow is a network security solution that offers microsegmentation and security policies for your VMs. With Nutanix Flow, you can define rules to control network traffic between VMs, apply firewall policies, and monitor network activity. This helps in enhancing the security of your infrastructure and protecting your applications.

Load balancing

Nutanix supports load balancing to distribute network traffic across multiple VMs or services. Load balancing helps optimize resource utilization and improves application performance. With Nutanix, you can configure load balancing to ensure that network traffic is evenly distributed, preventing any single VM or service from becoming overwhelmed.

Network virtualization

Nutanix allows you to create virtual networks within your infrastructure, decoupling the network from the underlying physical hardware. This provides flexibility, scalability, and easier management of your network infrastructure. Network virtualization in Nutanix enables you to create and manage virtual networks, define network policies, and control network traffic between VMs and external networks.

Network monitoring with Prism

Nutanix Prism, the management interface for Nutanix clusters, provides network monitoring capabilities. With Prism, you can monitor network performance, track bandwidth usage, and troubleshoot network issues. This helps ensure your network infrastructure's smooth operation and allows you to address any network-related concerns proactively.

These fundamental concepts provide a solid foundation for understanding networking in a Nutanix environment. As you gain more experience and delve deeper into Nutanix networking, you can explore advanced topics such as network overlays, software-defined networking (SDN), and integration with external networking solutions.

Remember, networking is a critical aspect of any infrastructure, and Nutanix offers robust features and capabilities to help you build and manage your network effectively.

 Conclusion

Network virtualization has many advantages and use cases but relies on an underlying hardware-based infrastructure. Many factors, including complexity, maintenance, and cost, determine the decision to use virtualized network services. More advanced virtual network devices like virtual routers and firewalls will also require more powerful underlying hardware. Determining the best solution requires experience in both virtualization and networking. 

Technologies