SlideShare a Scribd company logo

CV-Chapitre8 (2).pdf

O
oumaimaziat1

cloud

Engineering
1 of 20
Download to read offline
Academic year: 2023-2024 UNIVERSITE INTERNATIONALE DE RABAT
The conflicting goals for a data center network • What are in your opinion the challenges that are faced by data center networks? • Data center network designers face a challenge of balancing between two conflicting goals: • Universal Connectivity • Safe Isolated Communication Motivation 2
The conflicting goals for a data center network • Universal Connectivity: • Systems across the entire data center must be able to communicate with one another. • When they run, apps communicate with databases, the apps running on other servers, storage facilities, and, possibly, with computers on the global Internet. • Furthermore, to give a provider freedom to place VMs and containers on arbitrary physical servers, the network must guarantee universal connectivity. • A pair of apps must be able to communicate independent of the physical servers on which they run. Motivation 3
The conflicting goals for a data center network • Universal Connectivity: • The leaf-spine architecture we saw in chapter 4 guarantees universal connectivity: Motivation 4
The conflicting goals for a data center network • A cloud service with thousands of tenants makes separate physical networks for each tenant impractical. • How can a provider keep each tenant’s traffic isolated from other tenants’ traffic? • The answer lies in an approach known as network virtualization. • The basic idea is straightforward: build a network with universal connectivity, and then configure the network switches to act as if they control a set of independent networks. • That is, a provider imagines a set of independent networks, and configures each switch to keep traffic sent across one of the imagined networks separate from traffic on other imagined networks. Motivation 5
Overlay Networks • We use the term overlay network to refer to a virtual network that does not actually exist but which in effect has been created by configuring switches to restrict communication. • We use the term underlay network to refer to the underlying physical network that provides connections among entities in a virtual network. NetworkVirtualization 6
Overlay Networks • Conceptually, each virtual network links a tenant’s virtual machines and containers. • However, the two networks in the figure are fiction. In reality, each VM runs on a server in a rack, and racks are connected by spine switches. Suppose, for example, that VM 2 and VM 5 run on servers in separate racks. The network path between them includes two leaf switches and at least a spine switch. NetworkVirtualization 7
How to Implement Overlay Networks? • Cloud providers have used a variety of network virtualization technologies. One of the earliest technologies is known by the name Virtual Local Area Network (VLAN) • A traditional switch without VLANs forms a single network. A set of computers connect to ports on the switch, and all the computers can communicate. When a network administrator uses a VLAN switch, the administrator assigns each port on the switch a small integer known as the port’s VLAN Tag. • If a port has VLAN tag X, we say that the computer connected to the port is “on VLAN X.” VLAN technology makes the switch hardware behave like a set of smaller switches. NetworkVirtualization 8
VLANs NetworkVirtualization 9
Limits of VLANs • It may seem that VLAN technology suffices for a data center. Indeed, smaller data centers have used VLANs. However, two limits prevent the technology from handling large cloud data centers. • First, each VLAN tag consists of twelve bits, which limits the technology to 4096 VLANs. Over four thousand VLANs is sufficient for a single organization because each department can be assigned a separate VLAN number. • In a large data center, however, if each tenant is assigned a dozen VLAN tags, the data center is limited to 341 possible tenants. • Finally, the VLAN scheme assigns VLAN tags to ports on switches, not to VMs or containers. NetworkVirtualization 10
VXLAN as an evolution of VLAN • Engineers observed that IP packets could be used to extend VLAN technology to a scale sufficient for the largest data centers. They devised a technology known Virtual Extensible LAN (VXLAN). • Once it has been configured, VXLAN can provide the equivalent of more than sixteen million virtual networks — enough for even the largest cloud providers. • The VXLAN technology reverses the usual network paradigm. A conventional network uses Ethernet packets to carry IP packets. • VXLAN adds an interesting twist: once an Ethernet packet has been created, VXLAN places the entire Ethernet packet inside an IP packet for transfer. This IP packet is then used to forward packets from the overlay network in the underlay network. NetworkVirtualization 11
VXLAN as an evolution of VLAN NetworkVirtualization 12
Virtual Machines Inside Servers • The use of VMs and containers complicates data center networking in two ways. • First, unlike a traditional network that assigns an IP address to each physical computer, a data center usually assigns a separate IP address to each virtual machine. Thus, when multiple VMs run on the same physical server, multiple addresses will be assigned to the server. • Second, if two VMs in the same server communicate, packets must be forwarded from one to the other (provided the forwarding rules permit such communication). • How can a hypervisor forward and isolate packets among the VMs it has created? NetworkVirtualization 13
Virtual Switches Inside Servers • How can a hypervisor forward packets among the VMs it has created? • The idea is straightforward: use a piece of software that acts like a conventional network switch. One example is Open vSwitch. • Use the physical network connection on the server to connect the virtual switch to the data center network. • Connect each VM to the virtual switch, and allow the VM to send and receive packets, just as if the VM connected to a real network switch. • More important, arrange for the virtual switch to use standard configuration software, and configure the virtual switch to follow the same rules for packet forwarding as other data center switches (e.g., prevent packets from a VM owned by one tenant from flowing to a VM owned by another). NetworkVirtualization 14
Sharing IP Addresses Inside Servers • Container technology allows an app to run in a separate environment, isolated and protected from other containers. • Does each container have its own IP address, or do containers all share the IP address of the host OS? • Container technology supports three possibilities: o A container can clone the host’s IP address. o A container can receive a new IP address. o A container can use address translation. NetworkVirtualization 15
Sharing IP Addresses Inside Servers • A container can clone the host’s IP address: o If a container uses the same IP address as the host OS, we say that the container has cloned the address. o Using the same address as the host OS means the container’s network use may conflict with the use by normal apps or other containers that have cloned the address. o For example, if two containers clone the host’s IP address and both attempt to run a web server on port 80, only the first to request the port will succeed. o Consequently, cloning is seldom used in a cloud data center. NetworkVirtualization 16
Sharing IP Addresses Inside Servers • A container can receive a new IP address: o Each container can be assigned a unique IP address, and the host operating system can use a virtual switch to provide connectivity, as described in the previous section. • A container can use address translation: o Address translation was invented and widely deployed before cloud computing arose. In fact, many individuals have used NAT technology either from a wireless router in their residence or a Wi-Fi hot spot, such as those in coffee shops and hotels. o Known by the acronym NAT (Network Address Translation), the technology allows multiple computers to share a single IP address. NetworkVirtualization 17
Sharing IP Addresses Inside Servers • A container can use address translation: o When used with containers, NAT software runs in the host operating system. When a container that uses NAT begins execution, the container requests an IP address, and the NAT software responds to the request by assigning an IP address from a set of reserved private IP addresses that cannot be used on the Internet. o How can a container with a private address communicate with computers on the Internet? o The NAT software handles communication by intercepting each outgoing packet and replacing the private IP address with the IP address of the host OS. NAT then sends the packet. When a re- ply comes back, NAT replaces the host’s address with the private address assigned to the container, and forwards the reply to the container. NetworkVirtualization 18
Sharing IP Addresses Inside Servers • A container can use address translation: NetworkVirtualization 19
Summary • Data center networks use virtualization technologies to give each tenant the illusion of having an isolated network. • We say that a virtual network forms an overlay and the physical network on which it has been built forms an underlay. • Several virtualization technologies have been used in data centers. Smaller data centers can use VLANs to isolate tenants. • For larger data centers with many tenants, an extended VLANs technology named VXLAN must be used. VXLAN uses IP packets, which means it builds an overlay using the IP protocol on top of the physical network. • Virtual switch technology and NAT are used to handle forwarding among addressable entities (VMs and containers) that run on a given server. Virtual Networks 20

Recommended

OpenStack Quantum
OpenStack QuantumOpenStack Quantum
OpenStack Quantumopenstackindia
 
Container Networking Deep Dive
Container Networking Deep DiveContainer Networking Deep Dive
Container Networking Deep DiveOpen Networking Summit
 
CCS335 – CLOUD COMPUTING.pptx
CCS335 – CLOUD COMPUTING.pptxCCS335 – CLOUD COMPUTING.pptx
CCS335 – CLOUD COMPUTING.pptxNiviV4
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6upSachin Siddappa
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerJorge Juan Mendoza
 
Monitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveMonitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveAugusto Ciuffoletti
 

Recommended

OpenStack Quantum
OpenStack QuantumOpenStack Quantum
OpenStack Quantumopenstackindia
 
Container Networking Deep Dive
Container Networking Deep DiveContainer Networking Deep Dive
Container Networking Deep DiveOpen Networking Summit
 
CCS335 – CLOUD COMPUTING.pptx
CCS335 – CLOUD COMPUTING.pptxCCS335 – CLOUD COMPUTING.pptx
CCS335 – CLOUD COMPUTING.pptxNiviV4
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
MidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostMidoNet gives OpenStack Neutron a Boost
MidoNet gives OpenStack Neutron a BoostOpenStack_Online
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6upSachin Siddappa
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerJorge Juan Mendoza
 
Monitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveMonitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveAugusto Ciuffoletti
 
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18DaoliCloud Ltd
 
CC.pptx
CC.pptxCC.pptx
CC.pptxRevathiparamanathan
 
CC.pptx
CC.pptxCC.pptx
CC.pptxRevathiparamanathan
 
Overlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingOverlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingLee Calcote
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualizationDamian Parniewicz
 
chapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhjchapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhjAmitDeshai
 
manual on networking cabling with pratical guide
manual on networking cabling with pratical guidemanual on networking cabling with pratical guide
manual on networking cabling with pratical guideNuhuSamaila
 
CCNA-lab-Manual.pdf
CCNA-lab-Manual.pdfCCNA-lab-Manual.pdf
CCNA-lab-Manual.pdfDrPreethiD1
 
CloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestCloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestke4qqq
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
Efficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environmentEfficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environmentMyungho Jung
 
project_report_myungho
project_report_myunghoproject_report_myungho
project_report_myunghoMyungho Jung
 
Realistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud DeploymentsRealistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud DeploymentsEUBrasilCloudFORUM .
 
L3 more networking
L3 more networkingL3 more networking
L3 more networkinglistergc
 
AWS network services
AWS network servicesAWS network services
AWS network servicesNagesh Ramamoorthy
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingSreenivas Makam
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Kubernetes on open stack
Kubernetes on open stackKubernetes on open stack
Kubernetes on open stackNaveen Joy
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptxkarthikvcyber
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailPriti Desai
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 

More Related Content

Similar to CV-Chapitre8 (2).pdf

Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18DaoliCloud Ltd
 
Overlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingOverlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingLee Calcote
 
chapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhjchapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhjAmitDeshai
 
manual on networking cabling with pratical guide
manual on networking cabling with pratical guidemanual on networking cabling with pratical guide
manual on networking cabling with pratical guideNuhuSamaila
 
CCNA-lab-Manual.pdf
CCNA-lab-Manual.pdfCCNA-lab-Manual.pdf
CCNA-lab-Manual.pdfDrPreethiD1
 
CloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestCloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestke4qqq
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron InsightsAtul Pandey
 
Efficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environmentEfficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environmentMyungho Jung
 
project_report_myungho
project_report_myunghoproject_report_myungho
project_report_myunghoMyungho Jung
 
Realistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud DeploymentsRealistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud DeploymentsEUBrasilCloudFORUM .
 
L3 more networking
L3 more networkingL3 more networking
L3 more networkinglistergc
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingSreenivas Makam
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and AutomationAdam Johnson
 
Kubernetes on open stack
Kubernetes on open stackKubernetes on open stack
Kubernetes on open stackNaveen Joy
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptxkarthikvcyber
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailPriti Desai
 

Similar to CV-Chapitre8 (2).pdf (20)

Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
Connecting Docker for Cloud IaaS (Speech at CSDN-Oct18
 
CC.pptx
CC.pptxCC.pptx
CC.pptx
 
CC.pptx
CC.pptxCC.pptx
CC.pptx
 
Overlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingOverlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container Networking
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualization
 
chapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhjchapter-4-networking hjgjjgj did hfhhfhj
chapter-4-networking hjgjjgj did hfhhfhj
 
manual on networking cabling with pratical guide
manual on networking cabling with pratical guidemanual on networking cabling with pratical guide
manual on networking cabling with pratical guide
 
CCNA-lab-Manual.pdf
CCNA-lab-Manual.pdfCCNA-lab-Manual.pdf
CCNA-lab-Manual.pdf
 
CloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWestCloudStack - LinuxFest NorthWest
CloudStack - LinuxFest NorthWest
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron Insights
 
Efficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environmentEfficient provisioning private network in a virtualized environment
Efficient provisioning private network in a virtualized environment
 
project_report_myungho
project_report_myunghoproject_report_myungho
project_report_myungho
 
Realistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud DeploymentsRealistic Networking in generic multi-site Cloud Deployments
Realistic Networking in generic multi-site Cloud Deployments
 
L3 more networking
L3 more networkingL3 more networking
L3 more networking
 
AWS network services
AWS network servicesAWS network services
AWS network services
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental Networking
 
OpenStack Networking and Automation
OpenStack Networking and AutomationOpenStack Networking and Automation
OpenStack Networking and Automation
 
Kubernetes on open stack
Kubernetes on open stackKubernetes on open stack
Kubernetes on open stack
 
IPS NAT and VPN.pptx
IPS NAT and VPN.pptxIPS NAT and VPN.pptx
IPS NAT and VPN.pptx
 
Secure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrailSecure Multi Tenant Cloud with OpenContrail
Secure Multi Tenant Cloud with OpenContrail
 

Recently uploaded

Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSRajkumarAkumalla
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduitsrknatarajan
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 

Recently uploaded (20)

Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 

CV-Chapitre8 (2).pdf

  • 1. Academic year: 2023-2024 UNIVERSITE INTERNATIONALE DE RABAT
  • 2. The conflicting goals for a data center network • What are in your opinion the challenges that are faced by data center networks? • Data center network designers face a challenge of balancing between two conflicting goals: • Universal Connectivity • Safe Isolated Communication Motivation 2
  • 3. The conflicting goals for a data center network • Universal Connectivity: • Systems across the entire data center must be able to communicate with one another. • When they run, apps communicate with databases, the apps running on other servers, storage facilities, and, possibly, with computers on the global Internet. • Furthermore, to give a provider freedom to place VMs and containers on arbitrary physical servers, the network must guarantee universal connectivity. • A pair of apps must be able to communicate independent of the physical servers on which they run. Motivation 3
  • 4. The conflicting goals for a data center network • Universal Connectivity: • The leaf-spine architecture we saw in chapter 4 guarantees universal connectivity: Motivation 4
  • 5. The conflicting goals for a data center network • A cloud service with thousands of tenants makes separate physical networks for each tenant impractical. • How can a provider keep each tenant’s traffic isolated from other tenants’ traffic? • The answer lies in an approach known as network virtualization. • The basic idea is straightforward: build a network with universal connectivity, and then configure the network switches to act as if they control a set of independent networks. • That is, a provider imagines a set of independent networks, and configures each switch to keep traffic sent across one of the imagined networks separate from traffic on other imagined networks. Motivation 5
  • 6. Overlay Networks • We use the term overlay network to refer to a virtual network that does not actually exist but which in effect has been created by configuring switches to restrict communication. • We use the term underlay network to refer to the underlying physical network that provides connections among entities in a virtual network. NetworkVirtualization 6
  • 7. Overlay Networks • Conceptually, each virtual network links a tenant’s virtual machines and containers. • However, the two networks in the figure are fiction. In reality, each VM runs on a server in a rack, and racks are connected by spine switches. Suppose, for example, that VM 2 and VM 5 run on servers in separate racks. The network path between them includes two leaf switches and at least a spine switch. NetworkVirtualization 7
  • 8. How to Implement Overlay Networks? • Cloud providers have used a variety of network virtualization technologies. One of the earliest technologies is known by the name Virtual Local Area Network (VLAN) • A traditional switch without VLANs forms a single network. A set of computers connect to ports on the switch, and all the computers can communicate. When a network administrator uses a VLAN switch, the administrator assigns each port on the switch a small integer known as the port’s VLAN Tag. • If a port has VLAN tag X, we say that the computer connected to the port is “on VLAN X.” VLAN technology makes the switch hardware behave like a set of smaller switches. NetworkVirtualization 8
  • 10. Limits of VLANs • It may seem that VLAN technology suffices for a data center. Indeed, smaller data centers have used VLANs. However, two limits prevent the technology from handling large cloud data centers. • First, each VLAN tag consists of twelve bits, which limits the technology to 4096 VLANs. Over four thousand VLANs is sufficient for a single organization because each department can be assigned a separate VLAN number. • In a large data center, however, if each tenant is assigned a dozen VLAN tags, the data center is limited to 341 possible tenants. • Finally, the VLAN scheme assigns VLAN tags to ports on switches, not to VMs or containers. NetworkVirtualization 10
  • 11. VXLAN as an evolution of VLAN • Engineers observed that IP packets could be used to extend VLAN technology to a scale sufficient for the largest data centers. They devised a technology known Virtual Extensible LAN (VXLAN). • Once it has been configured, VXLAN can provide the equivalent of more than sixteen million virtual networks — enough for even the largest cloud providers. • The VXLAN technology reverses the usual network paradigm. A conventional network uses Ethernet packets to carry IP packets. • VXLAN adds an interesting twist: once an Ethernet packet has been created, VXLAN places the entire Ethernet packet inside an IP packet for transfer. This IP packet is then used to forward packets from the overlay network in the underlay network. NetworkVirtualization 11
  • 12. VXLAN as an evolution of VLAN NetworkVirtualization 12
  • 13. Virtual Machines Inside Servers • The use of VMs and containers complicates data center networking in two ways. • First, unlike a traditional network that assigns an IP address to each physical computer, a data center usually assigns a separate IP address to each virtual machine. Thus, when multiple VMs run on the same physical server, multiple addresses will be assigned to the server. • Second, if two VMs in the same server communicate, packets must be forwarded from one to the other (provided the forwarding rules permit such communication). • How can a hypervisor forward and isolate packets among the VMs it has created? NetworkVirtualization 13
  • 14. Virtual Switches Inside Servers • How can a hypervisor forward packets among the VMs it has created? • The idea is straightforward: use a piece of software that acts like a conventional network switch. One example is Open vSwitch. • Use the physical network connection on the server to connect the virtual switch to the data center network. • Connect each VM to the virtual switch, and allow the VM to send and receive packets, just as if the VM connected to a real network switch. • More important, arrange for the virtual switch to use standard configuration software, and configure the virtual switch to follow the same rules for packet forwarding as other data center switches (e.g., prevent packets from a VM owned by one tenant from flowing to a VM owned by another). NetworkVirtualization 14
  • 15. Sharing IP Addresses Inside Servers • Container technology allows an app to run in a separate environment, isolated and protected from other containers. • Does each container have its own IP address, or do containers all share the IP address of the host OS? • Container technology supports three possibilities: o A container can clone the host’s IP address. o A container can receive a new IP address. o A container can use address translation. NetworkVirtualization 15
  • 16. Sharing IP Addresses Inside Servers • A container can clone the host’s IP address: o If a container uses the same IP address as the host OS, we say that the container has cloned the address. o Using the same address as the host OS means the container’s network use may conflict with the use by normal apps or other containers that have cloned the address. o For example, if two containers clone the host’s IP address and both attempt to run a web server on port 80, only the first to request the port will succeed. o Consequently, cloning is seldom used in a cloud data center. NetworkVirtualization 16
  • 17. Sharing IP Addresses Inside Servers • A container can receive a new IP address: o Each container can be assigned a unique IP address, and the host operating system can use a virtual switch to provide connectivity, as described in the previous section. • A container can use address translation: o Address translation was invented and widely deployed before cloud computing arose. In fact, many individuals have used NAT technology either from a wireless router in their residence or a Wi-Fi hot spot, such as those in coffee shops and hotels. o Known by the acronym NAT (Network Address Translation), the technology allows multiple computers to share a single IP address. NetworkVirtualization 17
  • 18. Sharing IP Addresses Inside Servers • A container can use address translation: o When used with containers, NAT software runs in the host operating system. When a container that uses NAT begins execution, the container requests an IP address, and the NAT software responds to the request by assigning an IP address from a set of reserved private IP addresses that cannot be used on the Internet. o How can a container with a private address communicate with computers on the Internet? o The NAT software handles communication by intercepting each outgoing packet and replacing the private IP address with the IP address of the host OS. NAT then sends the packet. When a re- ply comes back, NAT replaces the host’s address with the private address assigned to the container, and forwards the reply to the container. NetworkVirtualization 18
  • 19. Sharing IP Addresses Inside Servers • A container can use address translation: NetworkVirtualization 19
  • 20. Summary • Data center networks use virtualization technologies to give each tenant the illusion of having an isolated network. • We say that a virtual network forms an overlay and the physical network on which it has been built forms an underlay. • Several virtualization technologies have been used in data centers. Smaller data centers can use VLANs to isolate tenants. • For larger data centers with many tenants, an extended VLANs technology named VXLAN must be used. VXLAN uses IP packets, which means it builds an overlay using the IP protocol on top of the physical network. • Virtual switch technology and NAT are used to handle forwarding among addressable entities (VMs and containers) that run on a given server. Virtual Networks 20