LAN SDN technology hard core insider 7 from layer 2 to layer 2

In the previous issue 《 Distributed anycast gateway 》 in , We asked two questions ：

Virtual machines in the same network segment , How to cross virtual switches (OVS) signal communication ？

Virtual machines of different network segments , How to cross OVS Communication ？

Today we will uncover the mystery for you .

First , We know , Under the same host , Virtual machines in the same network segment can communicate directly , In the same two-tier domain , Virtual machine communication across hosts requires OVS Increase in the upward direction VLAN TAG, As shown in the figure ：

that , Do we configure the entire data center network as a two-tier network , And assign corresponding VLAN, You can realize any communication between virtual machines and host computers ？

Of course not .

Let's review 《 computer network 》 Ethernet communication mechanism mentioned in the course , For Ethernet , Every BUM message (Broadcast, Unknown-unicast, Multicast), Will flood the network , in other words , Each layer-2 node in the network will copy the message to all ports except the port that receives the message .

Some students may ask , Such mechanism , Has not experienced the test of history ？ Of course . In a small subnet , If the number of terminals does not exceed 200 individual , There is no problem . however , If the subnet size reaches 1000 More than , Each terminal sends 1 individual BUM message , It will cause transmission in the subnet every second 1,000,000 A message , in other words , In the subnet BUM Number of flood packets , It is proportional to the square of the number of terminals .

See here , Some students who have a solid grasp of Ethernet technology have found the problem . Yes , Gigabit Ethernet can only transmit at most per second 1,488,095 A data message , When the subnet is large , Most of the resources in the network will be BUM Message flooding consumption , This is unacceptable .

We can judge , Under the trend of large-scale virtualization in the data center , The square law increased flooding packets manufactured by the virtualized terminal under the Ethernet flooding mechanism , And linearly enhanced Ethernet switching capability , It has become the main contradiction of data center network .

Second tier technology is the main means to solve this contradiction .

Common second tier Technology , Yes Trill、NVGRE、FabricPath、SPB etc. . In the waves washing away the sand ,VXLAN Technology with its good compatibility and scalability has become the mainstream of the second tier Technology .

VXLAN Implementation of technology , Is to encapsulate Ethernet packets in UDP Inside , When Ethernet packets enter VXLAN Tunnel time ,VXLAN End of Tunnel (VTEP, Vxlan Tunnel End Point) Add an outer layer for Ethernet packets IP/UDP Head , On the other end VTEP Demolished , As shown in the figure below ：

Pictured ,VLAN 100 Two inside VM When communication ,OVS Play the role VTEP Role , Add a layer of Ethernet outside the Ethernet packet /IP/UDP Data packet head . Outer layer IP Source address of / The destination addresses are at both ends OVS Of IP.

VXLAN use UDP port 4789 As the destination port , The source port is through the header of the inner packet Hash calculated , Easy to realize load balancing .

original ,VXLAN It's not mysterious , adopt VXLAN The implementation of layer 2 Forwarding is also very simple .

perform VXLAN Layer 2 Forwarding VTEP, We call it the VXLAN Second level gateway , or VXLAN bridge .

Tomorrow, , We will introduce VXLAN The concept of three-layer routing , Introduce in detail the mechanism of virtual machine forwarding across network segments .