Network Virtualization
Previously, I covered VLANs and PVLANs as technologies that provide some isolation
between virtual machines and even abstract the connectivity from the physical
network to a limited degree. However, they bring challenges: the scalability limits of
VLANs, the narrow set of scenarios in which PVLANs make sense, and the relative
complexity and overhead of the configuration required on every piece of network
equipment where VLANs are used and modified. Even with VLANs, there is no true
abstraction of the virtual network from the physical fabric.
Consider every aspect of the virtual environment. Memory, processor, and storage have
all been virtualized effectively for a virtual machine, but the network has not. Our goal
when we talk about clouds is to pool all of our resources for greater scale and
flexibility, but physical networks can impede this seamless pooling. When a virtual
machine is attached to a virtual switch, it must use the IP scheme of the
underlying network fabric in order to communicate. A lot of time can be spent
modeling the network in SCVMM; once configured, that model makes management of
the network much easier, but it also enables a far more powerful feature: network
virtualization.
Network Virtualization Overview
Network virtualization separates the address space seen by the virtual machines, the
customer address (CA) space, from the address space used to carry the packets over the
physical network, the provider address (PA) space. This separation abstracts the
network and gives complete isolation between virtual networks: the isolation is
enforced by the hosts' mapping policy, not by the addresses themselves. Separating the
address spaces lets tenants bring their own IP schemes and subnets to a virtual
environment, so IP subnets may overlap between virtual networks. Additionally, because
of this abstraction, virtual machines can move between locations without any change
to their IP configuration; only the provider address that the host maps them to changes.
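To make the CA/PA split concrete, the following is an added example, not code from the book or from Hyper-V itself. It simulates a host's network virtualization policy as a lookup table from (virtual subnet ID, customer address) to provider address, and wraps tenant packets NVGRE-style: an outer pair of provider addresses, then a GRE header whose 32-bit key carries the 24-bit VSID, then the tenant packet. The tenant names, VSIDs, addresses and the simplified headers (IPv4 addresses only, no MAC or length fields) are all constructed for illustration.

```python
"""Constructed simulation of the customer/provider address split used by network
virtualization. Two tenants reuse the same CA subnet (10.0.0.0/24); each tenant is
its own virtual subnet (VSID). Isolation comes from the host policy lookup, not from
the addresses. Frame layout (simplified): outer src PA(4) dst PA(4) | GRE flags(2)
proto(2) key(4) | inner src CA(4) dst CA(4) payload."""
import ipaddress
import struct

GRE_KEY_PRESENT = 0x2000      # GRE flags word with the Key Present bit set
NVGRE_PROTO_TYPE = 0x6558     # Transparent Ethernet Bridging, the NVGRE protocol type
OUTER_LEN, GRE_LEN, INNER_LEN = 8, 8, 8

COKE, PEPSI = 5001, 5002      # constructed tenant VSIDs


def _packed(addr):
    return ipaddress.IPv4Address(addr).packed


def _unpacked(raw):
    return str(ipaddress.IPv4Address(raw))


class LookupTable:
    """Virtualization policy: (VSID, CA) -> PA of the host currently running that VM."""

    def __init__(self):
        self._records = {}

    def add(self, vsid, ca, pa):
        self._records[(vsid, str(ipaddress.IPv4Address(ca)))] = str(ipaddress.IPv4Address(pa))

    def provider_for(self, vsid, ca):
        return self._records.get((vsid, ca))


def encapsulate(table, vsid, src_ca, dst_ca, payload):
    """Wrap a tenant packet for the PA network; None if policy has no record for it."""
    src_pa = table.provider_for(vsid, src_ca)
    dst_pa = table.provider_for(vsid, dst_ca)
    if src_pa is None or dst_pa is None:
        return None                                   # unknown CA in this VSID: drop
    outer = _packed(src_pa) + _packed(dst_pa)
    key = (vsid & 0xFFFFFF) << 8                      # VSID in the high 24 bits, flow ID low 8
    gre = struct.pack("!HHI", GRE_KEY_PRESENT, NVGRE_PROTO_TYPE, key)
    inner = _packed(src_ca) + _packed(dst_ca) + payload
    return outer + gre + inner


def decapsulate(table, frame, local_pa):
    """Unwrap on the receiving host. Returns (vsid, src_ca, dst_ca, payload), or None if dropped."""
    if len(frame) < OUTER_LEN + GRE_LEN + INNER_LEN:
        return None
    dst_pa = _unpacked(frame[4:8])
    flags, proto, key = struct.unpack("!HHI", frame[OUTER_LEN:OUTER_LEN + GRE_LEN])
    if dst_pa != local_pa or flags != GRE_KEY_PRESENT or proto != NVGRE_PROTO_TYPE:
        return None
    vsid = key >> 8
    inner = frame[OUTER_LEN + GRE_LEN:]
    src_ca, dst_ca = _unpacked(inner[0:4]), _unpacked(inner[4:8])
    # Isolation check: the destination CA must belong to this VSID *and* live on this host.
    if table.provider_for(vsid, dst_ca) != local_pa:
        return None
    return vsid, src_ca, dst_ca, inner[8:]


def retag(frame, vsid):
    """Rewrite the GRE key (attacker or misconfiguration scenario) to test the isolation check."""
    key = struct.pack("!I", (vsid & 0xFFFFFF) << 8)
    return frame[:OUTER_LEN + 4] + key + frame[OUTER_LEN + 8:]


def outer_destination(frame):
    return _unpacked(frame[4:8])


def build_demo_table():
    t = LookupTable()
    t.add(COKE, "10.0.0.10", "192.168.1.10")
    t.add(COKE, "10.0.0.11", "192.168.1.11")
    t.add(PEPSI, "10.0.0.10", "192.168.1.10")   # same CA as Coke's VM, on the same host
    t.add(PEPSI, "10.0.0.11", "192.168.1.12")
    return t


if __name__ == "__main__":
    t = build_demo_table()
    coke = encapsulate(t, COKE, "10.0.0.10", "10.0.0.11", b"coke")
    pepsi = encapsulate(t, PEPSI, "10.0.0.10", "10.0.0.11", b"pepsi")
    print("same CA, different PA:", outer_destination(coke), outer_destination(pepsi))
    print("delivered:", decapsulate(t, coke, "192.168.1.11"))
    print("retagged frame dropped:", decapsulate(t, retag(pepsi, COKE), "192.168.1.12"))
    t.add(COKE, "10.0.0.11", "192.168.1.12")      # live migration: only the PA record changes
    moved = encapsulate(t, COKE, "10.0.0.10", "10.0.0.11", b"coke")
    print("after migration, CA unchanged, PA now:", outer_destination(moved))
```

The two tenants send between identical customer addresses, yet their frames leave for different provider addresses because the lookup is keyed on the VSID. Moving Coke's second VM updates one policy record and nothing inside the tenant packet. The retagged frame shows why the policy, not the address format, is the security boundary: a frame carrying Coke's VSID toward a CA that only exists in Pepsi's virtual subnet on that host is dropped, so a tenant can never reach another tenant's VM by guessing its overlapping address.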
This is important in many scenarios. Hosting companies that want to host many
tenants benefit greatly from network virtualization, because each tenant is completely
isolated from every other tenant with complete IP flexibility. Think about a company
hosting Coke and Pepsi. It’s important to be able to keep them completely isolated!
Organizations that host different business units can also provide complete isolation
and, again, flexible IP schemes.
Even without a need for flexible IP schemes or complete isolation, a move to
network virtualization and software-defined networking (SDN) removes the need to
reconfigure the physical network infrastructure every time a change is required, which
is a common burden with existing technologies such as VLANs. Network virtualization
also removes the scalability challenges associated with VLANs. Mega-scale public
cloud services such as Azure leverage SDN to provide the networking in their
multitenant model. Additionally, as you will explore, SDN can add many layers of