VMware NSX networking: What you need to know before investing
SAN FRANCISCO -- A large number of networking vendors announced physical switch integration with VMware's NSX network virtualization platform at VMworld this week, allowing customers to build virtual network overlays between bare-metal and virtual servers. Cisco was notably absent from the group.
Dell, Hewlett-Packard (HP), Arista Networks, Cumulus Networks, Brocade and Juniper Networks announced support for VXLAN tunnel termination on their top-of-rack switches. All of them, with the exception of HP, also announced support for NSX VXLAN termination endpoint (VTEP) software on their switches, allowing the NSX controller to provision connectivity through them.
Why no Cisco in the VMware NSX release?
Why Cisco didn't make a similar announcement is still a mystery -- and the absence has caused many to question Cisco's next steps in network virtualization.
"Cisco has been a longtime partner of VMware," said Martin Casado, chief architect of networking at VMware and founder of Nicira. "It's the first networking company we had tight integration with. That relationship is just a little bit different, but at this point I can't comment on the work we're doing together."
"At this point [Cisco] wants to let VMware roll out there and do their thing," said Eric Hanselman, research director with New York-based 451 Research. "Cisco in the fall is going to start hitting with a lot of products around ONE [Cisco Open Network Environment], and I suspect they want VMware to make a splash, and then post-VMworld, [Cisco] will do something that sucks the wind out of those announcements."
Top-of-rack switch integration brings physical servers into the NSX overlay
Most data centers still have large numbers of servers that they haven't virtualized, and some of those servers will always remain bare-metal because the applications that run on them demand too many resources to share a server with other workloads. Integrating those bare-metal servers into a virtual network is problematic.
NSX creates an overlay by provisioning network services and functionality on the virtual switches residing on hypervisors. It does not have an equivalent software construct on bare-metal servers, which limits a data center operator's ability to orchestrate applications and services across physical and virtual environments.
"The addition of physical switch integration within NSX is quite interesting to a number of network designs inside of Rackspace, and we're likely to be early adopters," said Brad McConnell, principal architect at Rackspace, a Windcrest, Texas-based hosting and cloud service provider. "A hybrid cloud approach, where some services are hosted on bare metal and others are hosted above a hypervisor, works as a common solution for us, but tunneling to servers that don't have a hypervisor and software switch layer was impractical. With physical switches now supporting VXLAN, and the ability to manage them through the same APIs [application programming interfaces] we [use for] tunnels in the cloud, integration of these disparate environments should feel much more cohesive."
But the top-of-rack integration is about more than adding VXLAN tunnel termination to the switch, Casado said. The VTEP integration allows NSX to set up tunnel endpoints and share reachability information at Layer 2 so physical networks can join the overlay and be provisioned through NSX.
"It's also about adding the interface we need to control the tunnels and to set the forwarding tables. It does not require multicast, so there is control plane integration," he said. "We have set up tunnel endpoints, and we say, 'Here are the tunnels you need to connect to.' And we need a map of which packets go into which tunnels. We have to provide them that level of information. When we do Layer 3, we'll have to populate the Layer 3 tables, as well. So we populate tunnel endpoints and the forwarding table."
Essentially, VTEP is a Layer 2 gateway that prevents the broadcast flooding of IP addresses between virtual and physical networks to identify next-hop devices, said Robert Grasby, senior product marketing manager at Sunnyvale, Calif.-based Juniper. "The [VTEP] registers into NSX and shares its MAC tables. All that is done programmatically, as opposed to the flooding and learning approach, so you improve efficiency on the network," he said.
NSX integration and VXLAN tunnel termination vary among vendors
Dell and HP each announced their support for NSX on new top-of-rack switches: the Dell S6000 and the HP 5930. Cumulus Networks announced NSX integration on its Linux-based network operating system, which is designed to run on white-box switches. Juniper announced NSX integration across a large chunk of its portfolio.
"Juniper is announcing a range of Layer 2 gateways across our access portfolio, core and aggregation portfolio and edge routing portfolio," Grasby said. "That gives us the ability to support any customer's deployment scenario with NSX. It gives us the ability to connect a legacy or physical data center into a virtual data center. On the edge router, we can allow multiple virtual networks to run in a single data center."
Juniper is also adding VXLAN routing to the programmable ASICs on its EX9200 and MX routers, Grasby said. This will allow vMotion over WAN links for disaster recovery and cloud interconnects.
Let us know what you think about the story; email: Shamus McGillicuddy, news director.