CC Unit 4

The document discusses the challenges and technologies related to virtual networks and storage in data centers, focusing on the need for universal connectivity and safe communication. It covers concepts such as VLANs, VXLAN, SDN, and various storage architectures including NAS and SAN, highlighting their functionalities, limitations, and advantages. Additionally, it addresses the complexities of managing virtualization and network configurations in dynamic environments.

Unit IV

Virtual Networks and Virtual Storage

Presented by:

Rajeshwari Patil

Assistant Professor

NMIT
Conflicting Goals For A Data Center Network

• Data center network designers face a challenge of balancing between two conflicting goals:

Universal Connectivity:

o Systems across the entire data center must be able to communicate with each other.

o Apps need to interact with databases, other apps, storage, and possibly external networks (e.g., the Internet).

o The network should allow VMs and containers to be placed on any physical server, with seamless communication.

o The leaf-spine architecture ensures universal connectivity by providing multiple physical paths between servers.

Safe, Isolated Communication:

o Customers in a multi-tenant data center need assurance that their systems and communication are isolated from other tenants.

o Customers ideally want a separate network that connects only their own VMs and containers to ensure privacy and security.
Virtual Networks, Overlays and Underlays

• Network Virtualization is used to keep each tenant’s traffic isolated in a cloud service with multiple tenants.

• The provider builds a network with universal connectivity and configures network switches to create independent, isolated networks for each tenant.

• These isolated networks are virtual, meaning they are logically separated, not physically.

• Virtual Networks are configured to restrict traffic so that only specific VMs and containers can receive certain packets, effectively creating isolated communication paths.

• Overlay Network refers to a virtual network created by configuring switches to restrict communication, even though it does not physically exist.

• Underlay Network is the physical network that supports and connects the virtual networks, providing the real infrastructure for communication.
Virtual Local Area Networks (VLANs)

• VLAN (Virtual Local Area Network) is one of the earliest network virtualization technologies, used in data centers to create isolated networks.

• VLANs are part of the Ethernet standard, with Ethernet switches supporting VLAN functionality.

• A traditional switch forms a single network, but with VLANs, each switch port is assigned a VLAN tag, which logically groups connected computers into isolated networks.

• Computers in the same VLAN can communicate, while broadcast packets are only sent to computers in the same VLAN.

• Multiple switches can be configured with consistent VLAN tags, allowing packets to retain their VLAN tags when passing between switches.

Limitations of VLANs:

o VLANs use 12-bit tags, limiting the number of VLANs to 4096, which may not suffice for large data centers.

o Large data centers could only support a limited number of tenants, as each tenant may require multiple VLAN tags.

o VLANs assign tags to switch ports, not directly to VMs or containers.

o The Spanning Tree Protocol (STP) used with VLANs does not scale well for large data centers.
Scaling VLANs to a Data Center with VXLAN

VXLAN (Virtual Extensible LAN) is a technology that extends VLANs to scale large data centers, supporting over 16 million virtual networks.

IP Addresses: Data center switches use IP addresses to forward packets, including those destined for the Internet.

VXLAN requires each switch to have VXLAN software and special routing protocols to determine the locations of computers within the data center.

Multicast Technology: VXLAN uses multicast to efficiently deliver packets. Instead of sending multiple copies of a packet across the data center, it sends a single copy that is then distributed to all recipients.

Encapsulation: VXLAN uses a unique form of encapsulation:

o Ethernet packets carry Internet packets in conventional networks.

o VXLAN places the entire Ethernet packet inside an Internet packet, which is then placed inside an "outer" Ethernet packet for transfer.

This multi-layer encapsulation enables VXLAN to scale VLANs effectively across large data centers.
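To make the multi-layer encapsulation concrete, here is an added Python example (written for this page, not taken from the slides) that builds the outer Ethernet/IPv4/UDP/VXLAN headers around a tenant's Ethernet frame and strips them again; the tunnel-endpoint check that the 24-bit VNI matches the receiving tenant before delivery is where tenant isolation is enforced. The MAC addresses, IP addresses and payload are constructed sample values.

```python
import struct

VXLAN_UDP_PORT = 4789         # IANA-assigned UDP port for VXLAN
VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag: the 24-bit VNI field is valid
ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17


def mac_bytes(mac):
    return bytes(int(octet, 16) for octet in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def ip_checksum(header):
    """RFC 1071 one's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total >> 16) + (total & 0xFFFF)
    return (~total) & 0xFFFF


def ethernet_frame(dst_mac, src_mac, ethertype, payload):
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def vxlan_encapsulate(inner_frame, vni, outer_src_mac, outer_dst_mac,
                      outer_src_ip, outer_dst_ip, udp_src_port=49152):
    """Wrap a tenant's Ethernet frame: outer Ethernet / IPv4 / UDP / VXLAN / inner frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # VXLAN header (8 bytes): flags, 3 reserved bytes, VNI in the upper 24 bits of the last word
    vxlan_header = struct.pack("!B3xI", VXLAN_FLAG_VNI_VALID, vni << 8)
    udp_payload = vxlan_header + inner_frame
    udp_length = 8 + len(udp_payload)
    # UDP checksum left at zero, which RFC 7348 permits for VXLAN over IPv4
    udp_header = struct.pack("!HHHH", udp_src_port, VXLAN_UDP_PORT, udp_length, 0)
    ip_fields = (0x45, 0, 20 + udp_length, 0, 0, 64, IPPROTO_UDP, 0,
                 ip_bytes(outer_src_ip), ip_bytes(outer_dst_ip))
    ip_header = struct.pack("!BBHHHBBH4s4s", *ip_fields)
    ip_header = ip_header[:10] + struct.pack("!H", ip_checksum(ip_header)) + ip_header[12:]
    return ethernet_frame(outer_dst_mac, outer_src_mac, ETHERTYPE_IPV4,
                          ip_header + udp_header + udp_payload)


def vxlan_decapsulate(packet, expected_vni):
    """Strip the outer headers and return the inner frame only if the VNI is the tenant's.

    Returns None when the VNI belongs to a different virtual network: this is the
    isolation check a VXLAN tunnel endpoint makes before delivering a frame.
    """
    if struct.unpack("!H", packet[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("outer frame is not IPv4")
    ihl = (packet[14] & 0x0F) * 4
    if packet[14 + 9] != IPPROTO_UDP:
        raise ValueError("outer packet is not UDP")
    udp_offset = 14 + ihl
    if struct.unpack("!H", packet[udp_offset + 2:udp_offset + 4])[0] != VXLAN_UDP_PORT:
        raise ValueError("not a VXLAN packet")
    vxlan_offset = udp_offset + 8
    flags, vni_word = struct.unpack("!B3xI", packet[vxlan_offset:vxlan_offset + 8])
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VXLAN header without a valid VNI")
    if (vni_word >> 8) != expected_vni:
        return None
    return packet[vxlan_offset + 8:]
```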
A Virtual Network Switch within a Server

The use of VMs and containers complicates data center networking in two ways:

o Data centers assign a separate IP address to each virtual machine (VM), even if multiple VMs run on the same physical server.

o Communication between VMs on the same server requires packet forwarding.

Solution: Virtual Network Switch:

o A virtual network switch (e.g., Open vSwitch) is used to forward packets between VMs.

o The virtual switch acts like a conventional physical network switch, using the server’s physical network connection to link to the data center network.

Each VM is connected to the virtual switch, allowing it to send and receive packets just like a physical machine connected to a real switch.

The virtual switch follows the same configuration rules as physical switches, ensuring proper packet forwarding (e.g., preventing communication between VMs owned by different tenants).
Network Address Translator (NAT)

Does each container have its own IP address, or do containers all share the IP address of the host OS?

Three Possibilities for Container IP Addressing:

o A container can clone the host’s IP address.

o A container can receive a new IP address.

o A container can use address translation.

Cloning the Host’s IP Address:

o The container uses the same IP as the host.

o Risks: Potential conflicts if multiple containers or apps attempt to use the same port (e.g., port 80).

o Rarely used in cloud environments.

Assigning a New IP Address:

o Each container gets a unique IP address.

o A virtual switch in the host OS connects containers to the network.

Using Address Translation (NAT):

o Containers receive private IPs from a reserved range.

o NAT software in the host OS translates private IPs to the host's public IP for communication with the Internet.

o Process:

Outgoing packets: NAT replaces the container’s private IP with the host’s public IP.

Incoming packets: NAT maps the host’s IP back to the container’s private IP.
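The outgoing/incoming translation above, as an added Python example that is not from the slides: a port-translating NAT table keyed on the container's private address and port, with constructed sample addresses. It also shows why NAT avoids the port conflict of IP cloning (two containers may both use source port 5555) and that inbound packets with no existing mapping are dropped rather than delivered.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class HostNat:
    """Port-translating NAT as run by a container host: private container IPs
    are hidden behind the host's single public IP."""

    def __init__(self, public_ip, first_port=40000, last_port=40999):
        self.public_ip = public_ip
        self.free_ports = list(range(first_port, last_port + 1))
        self.outbound_map = {}   # (proto, private_ip, private_port) -> public port
        self.inbound_map = {}    # (proto, public port) -> (private_ip, private_port)

    def translate_outgoing(self, pkt):
        """Container -> Internet: rewrite the private source address to the host's public IP,
        allocating a public port the first time a flow is seen and reusing it afterwards."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        public_port = self.outbound_map.get(key)
        if public_port is None:
            if not self.free_ports:
                raise RuntimeError("NAT port pool exhausted")
            public_port = self.free_ports.pop(0)
            self.outbound_map[key] = public_port
            self.inbound_map[(pkt.proto, public_port)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=public_port)

    def translate_incoming(self, pkt):
        """Internet -> container: map the host's IP and port back to the container that
        opened the connection. Packets with no mapping are dropped (None): the NAT only
        forwards replies to flows a container initiated."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound_map.get((pkt.proto, pkt.dst_port))
        if target is None:
            return None
        private_ip, private_port = target
        return replace(pkt, dst_ip=private_ip, dst_port=private_port)
```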
Managing Virtualization and Mobility in a Data Center

Conventional Network Management

o Stable network and device connections.

o Configuring switches involves setting rules for packet processing.

o Post-configuration, the network operates reliably unless equipment fails.

o Failures are handled by routing software via rule updates that reroute packets.

Challenges in Cloud Data Center Management

Complex Interconnections Among Switches:

o Requires configuration of switches for global Internet and data center destinations.

o Equal-cost multi-path (ECMP) setups for load balancing add complexity.

Multiple Levels of Virtualization:

o VXLAN configuration demands:

▪ IP addresses and forwarding setup.

▪ Correct IP multicast configuration.

o Routing protocols need to propagate address data across the network.

Arbitrary Placement & Migration of Addressable Entities:

o Virtual entities (VMs, containers) can be placed on any physical server.

o IP addresses for a tenant might spread across the data center.

o Systems must handle VM migration dynamically, ensuring network connectivity updates.
Automated Network Configuration and Operation

Challenges in networking:

o Configuring thousands of switches in complex interconnections.

o Updating forwarding rules dynamically when VMs move.

The solution was to automate network configuration and operation.

Spanning Tree Protocol (STP)

o Problem: Cycles in leaf-spine architectures cause broadcast storms, endlessly forwarding packets.

o Solution:

STP detects cycles in the network.

It sets rules to prevent packet cycling, ensuring stable broadcast behavior.

Standard Routing Protocols

o Examples:

OSPF (Open Shortest Path First): Calculates shortest paths within the data center.

BGP (Border Gateway Protocol): Manages routing to global Internet destinations.

o Functionality:

Propagates routing information automatically.

Installs forwarding rules for optimal packet routing.

Detects failures (switch/link) and dynamically reroutes packets to maintain network reliability.
Software-Defined Networking (SDN) for Automated Network Management

• Software-Defined Networking (SDN) is a groundbreaking technology that simplifies network management, especially in large-scale, dynamic environments like data centers.

• It allows administrators to automate network operations, manage complexity, and adapt to changes efficiently.

• At its core, SDN separates the control plane (decision-making about traffic flow) from the data plane (actual packet forwarding). This separation gives administrators centralized control over the entire network through software.

• Key Feature:

o High-level policies define network behavior.

o Software manages the low-level details.
Working of SDN

• Centralized SDN Controller: Runs on a dedicated computer with:

o Operating System: Typically Linux.

o SDN Controller App: Manages switches.

o Management Apps: Implement policies for packet forwarding.

• Logical Connections to Switches: Bidirectional communication between the controller and switches.

• Controller Responsibilities:

o Configure switches with forwarding rules.

o Monitor switch status and links to other switches.

o Handle exceptions (e.g., unhandled packets, attacks).

• Dynamic Responses:

o Detect and adapt to events such as link failures or recoveries.

o Enable updates to forwarding rules when VMs migrate.

• Advantages of SDN

o Automation: Reduces reliance on manual configurations, saving time and minimizing human error.

o Scalability: Can manage large data centers with thousands of switches and devices.

o Flexibility: SDN can adapt to dynamic changes, such as VM migrations, by updating forwarding rules automatically.

o Improved Monitoring and Security:

Switches report failures or suspicious activities (e.g., packets from an attack) to the controller.

Administrators can respond quickly to anomalies.

o Cost Efficiency: Centralized control eliminates the need for expensive, proprietary hardware.
The OpenFlow Protocol in SDN

• OpenFlow is a key standard for communication between SDN controllers and switches.

• It defines the structure and semantics of messages exchanged between the controller and switches.

• How does OpenFlow control packet forwarding?

Controller and Switch Interaction

o The SDN controller installs forwarding rules in switches.

o Rules specify:

▪ Packet Type (based on header fields).

▪ Output Port for forwarding.

Packet Processing in Switches

o When a packet arrives:

The switch hardware compares the packet header against the installed rules.

It matches a rule and forwards the packet to the specified port.
Evolution of SDN: From Static Rules to Programmable Networks

First-Generation SDN

Static Forwarding Rules:

o Rules match packet headers to output ports.

o Packets that do not match any rule are sent to the controller.

Controller's Role for Exceptions:

o Examines policies and determines actions (e.g., forwarding or dropping).

o Installs new rules in switches for future similar packets.

Limitations:

o High overhead due to frequent controller involvement in handling exceptions.
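An added Python simulation (not from the slides) of the first-generation SDN loop described above and in the OpenFlow section: a switch matches headers against priority-ordered rules, sends a table miss to the controller, and the controller applies a tenant policy and installs a rule so later packets of that flow are handled without it. The MAC addresses, tenant names and port numbers are constructed sample values; the cross-tenant drop rule is the isolation policy that keeps one tenant's VMs from reaching another's.

```python
from dataclasses import dataclass


@dataclass
class FlowRule:
    priority: int
    match: dict               # header field -> required value; fields not listed are wildcards
    action: str               # "output:<port>" or "drop"
    packets_matched: int = 0  # per-rule counter, as OpenFlow switches keep


class Switch:
    """Data plane: matches packet headers against installed rules, highest priority first.
    A table miss sends the packet to the controller (the OpenFlow packet-in exception)."""

    def __init__(self, name, controller):
        self.name = name
        self.controller = controller
        self.rules = []
        self.packet_ins = 0

    def install_rule(self, rule):
        self.rules.append(rule)
        self.rules.sort(key=lambda r: r.priority, reverse=True)

    def lookup(self, headers):
        for rule in self.rules:
            if all(headers.get(name) == value for name, value in rule.match.items()):
                return rule
        return None

    def process(self, headers):
        rule = self.lookup(headers)
        if rule is None:
            self.packet_ins += 1
            return self.controller.packet_in(self, headers)
        rule.packets_matched += 1
        return rule.action


class Controller:
    """Control plane: the tenant policy lives here, not in the switches."""

    def __init__(self, tenant_of_mac, port_of_mac):
        self.tenant_of_mac = tenant_of_mac
        self.port_of_mac = port_of_mac

    def decide(self, headers):
        src_tenant = self.tenant_of_mac.get(headers["src_mac"])
        dst_tenant = self.tenant_of_mac.get(headers["dst_mac"])
        port = self.port_of_mac.get(headers["dst_mac"])
        if src_tenant is None or src_tenant != dst_tenant or port is None:
            return "drop"            # unknown source or cross-tenant traffic is never forwarded
        return f"output:{port}"

    def packet_in(self, switch, headers):
        action = self.decide(headers)
        # Install a rule so the next packet of this flow is handled in switch hardware
        match = {"src_mac": headers["src_mac"], "dst_mac": headers["dst_mac"]}
        switch.install_rule(FlowRule(priority=10, match=match, action=action))
        return action
```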


Second-Generation SDN: Programmable Networks

Programmable Switches:

o Includes a computer program in each switch to reduce controller dependency.

P4 Language:

o A specialized programming language designed for flexible and efficient switch programming.

o Allows dynamic and tailored packet processing directly at the switch level.
Virtual Storage

Persistent Storage: Files and Disks

Persistent Storage: Retains data even when power is removed. It is used in both conventional computers and data centers with similar designs.

There are two forms of persistent storage:

Persistent Storage Devices:

o 1960s: Electromechanical disks with magnetized surfaces.

o Modern Era: Solid State Drives (SSDs) with no moving parts for higher reliability and speed.

Persistent Storage Abstractions:

o Operating System Abstractions:

Named Files:

Store arbitrary data types (e.g., text, images, videos).

Vary in size.

Hierarchical Directories (Folders):

Organize files into logical groups for ease of access and management.
Disk Device Operations: Block-Oriented Interface

Disks operate using a block-oriented interface, handling data in fixed-sized blocks.

Common block sizes:

o Traditional: 512 bytes.

o Modern: 4096 bytes (enhanced performance).

How Disk Operations Work

Writing Data

Input Required:

o Block of Data to store.

o Block Number indicating the disk location.

The entire block is replaced with the new data (no partial updates).

Reading Data

Input Required:

o Block Number to specify the data location.

The disk retrieves and returns the entire block.

Key Constraints

o Transfers only complete blocks per operation.

o Processes one block per request at a time.
The File Interface Abstraction

A file system is a software module enabling users and applications to manage files.

It provides an abstraction over the block-oriented disk interface for ease of use.

File System Features

Core Operations

o Open, Close, Read, Write: Standard operations for file manipulation.

Additional Operations

o Rename files or move them between directories.

o Modify file ownership and permissions.

o Access metadata (e.g., creation and modification timestamps).

Key Differences: File System vs. Disk Interface

Disk Interface:

o Block-oriented (fixed-size block operations).

File System:

o Byte-oriented (arbitrary byte position and size for transfers).

Challenges for Data Centers

o Variations in file system designs (e.g., file naming, ownership, protections) complicate file storage system implementation in large-scale environments.
Local and Remote Storage
Local Storage (Directly Attached Storage - DAS)

o Definition: Storage devices directly connected to a computer via an I/O bus.

o Types: Electromechanical disks and solid-state disks.

o Key Feature: Interaction with the processor occurs through the I/O bus.

Remote Storage

o Definition: Persistent storage accessible over a computer network.

o Architecture:

Disk connects to a storage server.

The server connects to the network and manages communication.

o Key Feature: Not directly attached to the computer.


Two Types of Remote Storage Systems

• The first remote systems appeared in the 1980s, shortly after Local Area Networks (LANs) became available and almost two decades before cloud data centers were invented.

• Two paradigms were introduced:

o Byte-Oriented Remote File Access

o Block-Oriented Remote Disk Access

• Byte-Oriented Remote File Access:

o Purpose: Solve file-sharing challenges as organizations transitioned to individual workstations.

o Architecture:

A storage server equipped with a disk and a file system.

The user’s workstation interacts via open-close-read-write commands.

NFS (Network File System):

o One of the first systems for remote file access, invented by Sun Microsystems.

o Transparent integration of remote files into the local file system.

• Block-Oriented Remote Disk Access:

o Purpose: Support diskless workstations (no local storage).

o Process:

The workstation sends read/write requests for specific disk blocks over the network.

The storage server performs the operation and responds with data or error codes.

o Features: Operates at the disk block level, enabling low-level data management.
Network Attached Storage (NAS) Technology

• Three implementations of storage servers have been used:

o Host-based

o Server-based

o Specialized hardware

• Host-Based Storage Servers

o Description:

A standard computer with network access and local storage.

Uses file-sharing software to handle network requests.

o Advantages:

Low cost, no specialized hardware required.

o Disadvantages:

Limited performance and scalability.

• Server-Based Storage Servers

o Description:

Dedicated, high-speed server hardware.

Includes multiple cores, large memory for caching, and high-speed I/O buses.

o Advantages:

Handles many requests per second.

Supports multiple local disks for greater scalability.

• Specialized Hardware (Network Attached Storage - NAS)

o Description:

Purpose-built, ruggedized systems for cloud data centers.

Optimized for high performance and durability.

o Key Features:

RAID Arrays:

Parallel, redundant disks ensure data durability.

Supports hot swapping for uninterrupted operation during disk replacement.

Suitable for high-demand, continuous operation.
Storage Area Network (SAN)

SAN: A block-oriented remote storage system providing a remote disk interface.

Designed for high performance and durability in data centers, similar to NAS but with distinct features.

Key Features of SAN

o Optimized Components:

Specialized, ruggedized hardware and software.

Ensures durability and reliability for continuous operations.

o Dedicated Storage Network:

Separate from the main data center network.

Keeps storage traffic isolated, improving performance.

Motivations for a Separate Storage Network

Traffic Patterns:

o Web Traffic (North-South): Flows between clients and servers.

o Storage Traffic (East-West): Flows between servers and storage systems.

Capacity Concerns:

o Hierarchical network designs face limitations in scaling for storage traffic.

o Fixed-capacity network technologies may not meet growing demands.

Latency Reduction:

o Avoids routing storage traffic through higher levels of the network hierarchy, reducing delays.
Mapping Virtual Disks to Physical Disks

• SAN servers store data blocks for clients using local disks.

• They provide clients with virtual disks, abstracting the underlying physical storage.

• Virtual Disk Creation

• Request:

o Software sends a request to create a virtual disk with a unique ID and a specified size (in blocks).

• Virtual Disk Map:

o The server creates a map associating virtual block numbers (e.g., 0, 1, 2) with physical disk blocks.

o Blocks may be on a single physical disk or spread across multiple physical disks.

Read/Write Operations

o Request Handling:

The client sends requests to read/write virtual blocks (e.g., block 0, block 1).

The SAN server uses the client's unique ID to locate the virtual disk map.

o Block Mapping:

Translates virtual block numbers into physical disk and block locations.

Executes the operation on the mapped physical block.

o Client Transparency:

Clients perceive a single, continuous disk, unaware of the underlying physical block distribution.
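An added Python model (not from the slides) of the virtual disk map described above together with the block-oriented interface from the earlier slide: the SAN server spreads each client's virtual blocks across physical disks, looks up the map by the client's unique ID so one client cannot reach another's blocks, and accepts only whole-block reads and writes. Disk names and client IDs are constructed sample values.

```python
BLOCK_SIZE = 4096   # the modern block size named in the slides


class SanServer:
    """Block-oriented storage server: each client gets a virtual disk whose block
    numbers 0..n-1 are mapped to blocks on one or more physical disks."""

    def __init__(self, physical_disks):
        # physical_disks: {disk_name: block count}; unwritten blocks read back as zeros
        self.physical = {name: {} for name in physical_disks}
        # The free list interleaves disks so a virtual disk is spread across several of them
        self.free_blocks = []
        for block in range(max(physical_disks.values())):
            for name, count in physical_disks.items():
                if block < count:
                    self.free_blocks.append((name, block))
        self.virtual_disk_maps = {}   # client unique ID -> list indexed by virtual block number

    def create_virtual_disk(self, client_id, size_in_blocks):
        """Allocate a map of (physical disk, physical block) entries for the client."""
        if client_id in self.virtual_disk_maps:
            raise ValueError(f"client {client_id!r} already has a virtual disk")
        if size_in_blocks > len(self.free_blocks):
            raise ValueError("not enough free physical blocks")
        mapping = [self.free_blocks.pop(0) for _ in range(size_in_blocks)]
        self.virtual_disk_maps[client_id] = mapping
        return mapping

    def _locate(self, client_id, virtual_block):
        # The client's unique ID selects its own map, so it can only reach its own blocks
        mapping = self.virtual_disk_maps.get(client_id)
        if mapping is None:
            raise PermissionError(f"unknown client {client_id!r}")
        if not 0 <= virtual_block < len(mapping):
            raise IndexError(f"virtual block {virtual_block} is outside the virtual disk")
        return mapping[virtual_block]

    def write_block(self, client_id, virtual_block, data):
        """Replace one whole block; the disk interface has no partial updates."""
        if len(data) != BLOCK_SIZE:
            raise ValueError("writes replace whole blocks; partial updates are not allowed")
        disk, block = self._locate(client_id, virtual_block)
        self.physical[disk][block] = bytes(data)

    def read_block(self, client_id, virtual_block):
        """Return the whole block at the mapped physical location."""
        disk, block = self._locate(client_id, virtual_block)
        return self.physical[disk].get(block, bytes(BLOCK_SIZE))
```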
Hyper-Converged Infrastructure

• Early SANs used specialized, expensive networks.

• Modern SANs leverage leaf-spine architectures and affordable, high-capacity Ethernet hardware. They have been redesigned to operate over conventional data center networks.

• Converged Network:

o A single network carrying multiple types of traffic (e.g., web, storage, application).

• Hyper-Converged Infrastructure (HCI):

o Data center networks designed to carry all types of traffic, including SAN storage traffic.

o Simplifies infrastructure by unifying storage, compute, and networking on a shared network.
Comparison of SAN and NAS Technology

NAS Overview

NAS enables apps to share files over a network.

Provides a transparent file system interface, blending remote directories into the local file hierarchy.

Supports standard file operations (open-read-write-close).

Advantages of NAS

Container Integration:

o Programmers can specify external mount points in container images.

o Users can connect these points to local or remote directories during container creation.

Efficient File Handling:

o Only file data passes over the network.

o The NAS server maintains metadata (e.g., directories, inodes) for efficiency.

Disadvantages of NAS

OS Dependency:

o NAS systems are tied to specific operating systems.

o Limited compatibility with other OS file systems.

User ID & Permissions Consistency:

o All connected systems must agree on file ownership and access permissions to avoid conflicts.

SAN Technology:

• Advantages

o OS Independence: Compatible with any operating system (e.g., Windows, Linux).

o Efficiency: Uses integer-based block identifiers for fast mapping between virtual and physical blocks.

o Ideal for VMs: Works well with virtual machines requiring independent storage.

• Disadvantages

o Limited File Sharing: Each entity has its own virtual disk, making file sharing difficult.

o Not Suitable for Containers: Containers cannot directly use a block-oriented interface.

o Metadata Overhead: File systems residing on entities must transfer metadata over the network to the SAN server, adding overhead.
Object Storage

Object Store (Key-Value Store): An alternative to Block Storage (SAN) and File Storage (NAS).

Designed for storing and sharing arbitrary data across any OS and application.

Key Characteristics of Object Stores

Stores Arbitrary Objects:

o Supports any type of digital object.

o Organizes data into buckets, similar to file folders.

Universal Accessibility and Scalability:

o Provides a general-purpose interface (e.g., RESTful API using HTTP).

o Scales for simultaneous access by apps, including containers and VMs.

OS Independence:

o Does not rely on specific operating systems or file systems.

o Accessible to apps on any OS.

Use Case Comparison

o SAN: Best for VMs requiring block storage.

o NAS: Ideal for shared file systems but OS-dependent.

o Object Store: Universal, scalable, and flexible for diverse apps.
Compare SAN, NAS, and Object Store

Each feature below lists, in order: SAN (Block Storage) / NAS (File Storage) / Object Store.

o Storage Paradigm: Block-oriented (virtual disk interface) / Byte-oriented (file system interface) / Key-value store (object-based interface)

o Compatibility: OS-independent / OS-dependent / OS-independent

o Access: Virtual disk seen as local storage / Integrated with local file system (transparent) / Access via RESTful APIs (HTTP)

o Sharing Capability: Limited file sharing / Designed for file sharing / Ideal for sharing arbitrary objects

o Performance: High for single entities (e.g., VMs) / High for shared files / Scalable for simultaneous access

o Ideal Use Case: Virtual machines needing block storage / Sharing files among apps or users / Arbitrary data storage for any app

o Metadata Management: Resides on client, transferred over network / Maintained on NAS server / Managed independently by object store

o Scalability: Moderate / Moderate / Highly scalable

o Examples: Storage Area Network (SAN) / Network Attached Storage (NAS), e.g., NFS / Amazon S3, Google Cloud Storage
