http://tools.ietf.org/html/draft-sridharan-virtualization-nvgre-01
Note that VLANs can still be used on the physical fabric for the PA and would just be
part of the standard packet, completely invisible to the network virtualization traffic.
The packet structure for NVGRE encapsulation is as follows:
PA Ethernet MAC source and destination addresses
PA IP source and destination addresses
VSID, where the isolation is enforced by NVGRE Tenant Network ID (TNI)
VM Ethernet MAC source and destination addresses
CA IP source and destination addresses
Original IP payloadThere is a potential downside to using NVGRE that I at least want to make you aware
of. Because the original packet is being wrapped inside the NVGRE packet, any kind of
NIC offloading, such as IPsec processing in the network adapter, will break, because
the offloads won’t understand the new packet format if it is not NVGRE aware. The
good news is that many of the major hardware manufacturers have added support for
NVGRE to all of their network equipment, which will once again enable offloading
even when NVGRE is used. Additionally, even without offloading, typically no
significant performance degradation occurs until high-bandwidth (over 5Gbps)
scenarios are reached.
WHAT HAPPENED TO IP REWRITE?
If you looked at network virtualization for Windows Server 2012 early on, you
would have seen two types of network virtualization technologies: NVGRE and IP
rewrite. IP rewrite was originally introduced at the same time as NVGRE because
there was a concern that the NVGRE encapsulation would introduce too much
overhead. IP rewrite worked by rewriting the IP information of the packet as it
was sent over the wire to use the PA space instead of the CA space. This meant
that a regular packet was being sent over the network instead of an encapsulated
packet, and therefore all existing offloads continued to function. When the packet
reached the destination Hyper-V host, the IP address was rewritten again back to
the CA space. There had to be a PA for every CA used, which was a lot of IP
addresses from the PA space. The reality was that customers found the different
technologies confusing. In addition, after testing, it was found that even without
NVGRE-optimized hardware, the performance penalty expected from NVGRE did
not materialize until workloads started approaching 5Gbps for a single VM, which
would be a fairly isolated, extreme instance in most environments. Only at this
time did NVGRE support in the networking equipment to enable offloads become
a factor. For this reason, IP rewrite was deprecated in Windows Server 2012 and
has been removed in SCVMM 2012 R2 and above.