
Networking


LABs

Virtual Networking 101: Understanding VMware Networking. May 30, 2012. By Petra Jorgenson.

On a basic, structural level, virtual networks in VMware aren’t that different from physical networks; vSphere is designed to mimic the functions of a physical network, so a lot of the network hardware you’ll find in the real world, you’ll find virtualized in VMware.

If you understand how physical networks operate, then understanding virtual networking shouldn’t be too difficult. Before jumping into an explanation of how VMware handles virtual networking, I’ll first provide a quick refresher of the basic equipment that makes up a physical network. If you already have a firm understanding of how networking works, then you can skip the following paragraph. To connect to a network, a computer must be network-capable, meaning that it must have a working network interface controller (NIC), also known as a network card or network adapter, installed.

Like its name indicates, the NIC enables the computer to interface with a network.

RFC 6020 - YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF). PROPOSED STANDARD. Errata Exist. Internet Engineering Task Force (IETF). M. Bjorklund, Ed. (Tail-f Systems). Request for Comments: 6020. Category: Standards Track. October 2010. ISSN: 2070-1721.

Abstract: YANG is a data modeling language used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF), NETCONF remote procedure calls, and NETCONF notifications.

Status of This Memo: This is an Internet Standards Track document. This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008.

o data definition statement: A statement that defines new data nodes.

Useful mininet setups | SDN Hub. Mininet is a network emulation platform that is very useful to test SDN applications that you build. It can support different types of topologies. Here we showcase three popular configurations that will be helpful for testing.

1. Single switch

The following command spawns a single switch with 3 hosts attached to it.

$ sudo mn --arp --topo single,3 --mac --switch ovsk --controller remote

In the above command, there are some important keywords worth paying attention to:

--mac: Auto set MAC addresses
--arp: Populate each host with static ARP entries for the other hosts
--switch: ovsk refers to kernel mode OVS
--controller: remote controller can take IP address and port number as options

You can now ping between hosts h1 and h2 using the command h1 ping h2.

2.

The following command spawns two switches connected to each other with a link, with one host on each switch.

$ sudo mn --topo linear --switch ovsk --controller remote

3. The following command spawns a switch that has 3 servers and 1 client connected to it.

An Update on Using GRE Tunnels with Open vSwitch · Scott's Weblog · The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing. 22 November 2013.

In this post, I’m going to provide an update on using GRE tunnels with Open vSwitch (OVS) to include more than 2 hosts. I previously showed you how to use GRE tunnels with OVS to connect VMs on different hypervisor hosts, but in my testing I didn’t use this technique with more than two hypervisors.

A few readers posted comments to that article asking how to extend the solution to more than 2 hypervisors, but I hadn’t had the time to test anything more. Now, as a result of some related work I’ve been doing, I have an update on using this technique for more than two hosts. If you didn’t read the post on using GRE tunnels with OVS, go back and read that now.

Let’s say you have three hosts:

HostA, with an IP address of 10.1.1.1
HostB, with an IP address of 10.1.1.2
HostC, with an IP address of 10.1.1.3

To connect entities (VMs, containers, etc.) on these hosts using GRE tunnels, you’d need to manually configure OVS on each of the hosts: Here’s how to fix that.

Is an open source network virtualization platform for the cloud. – Architecture Documentation. This chapter provides an overview of the OpenContrail System – an extensible platform for Software Defined Networking (SDN). All of the main concepts are briefly introduced in this chapter and described in more detail in the remainder of this document. OpenContrail is an extensible system that can be used for multiple networking use cases but there are two primary drivers of the architecture: The Private Cloud, the Virtual Private Cloud (VPC), and the Infrastructure as a Service (IaaS) use cases all involve multi-tenant virtualized data centers.

In each of these use cases multiple tenants in a data center share the same physical resources (physical servers, physical storage, physical network). Each tenant is assigned its own logical resources (virtual machines, virtual storage, virtual networks). The OpenContrail System consists of two main components: the OpenContrail Controller and the OpenContrail vRouter. Virtual Networks (VNs) are a key concept in the OpenContrail System.

Ethernet VPN (EVPN) and Provider Backbone Bridging-EVPN: Next Generation Solutions for MPLS-based Ethernet Services. Ethernet VPN (EVPN) and Provider Backbone Bridging EVPN (PBB-EVPN) are next generation solutions that provide Ethernet multipoint services over MPLS networks.

EVPN is different compared to existing Virtual Private LAN Service (VPLS) offerings due to its use of control-plane based MAC learning over the core. EVPN has been designed from the ground up to handle sophisticated access redundancy scenarios, per-flow load balancing, and operational simplicity. PBB-EVPN inherits all of the benefits of EVPN, while combining PBB (IEEE 802.1ah) and EVPN functions in a single node. This allows PBB-EVPN to simplify control-plane operation in the core, provide faster convergence and enhance scalability, when compared to EVPN. EVPN and PBB-EVPN applications include Data Center Interconnect (DCI) and carrier Ethernet E-LAN services.

EVPN and PBB-EVPN Overview

Figure 1.

Addressing DCI Requirements

Recently Data Center Interconnect (DCI) has become a leading application for Ethernet multipoint L2VPNs.

Generic Routing Encapsulation.

Example uses

In conjunction with PPTP to create VPNs.
In conjunction with IPsec VPNs to allow passing of routing information between connected networks.
In mobility protocols.
In A8/A10 interfaces to encapsulate IP data to/from Packet Control Function (PCF).
Linux and BSD can establish ad-hoc IP over GRE tunnels which are interoperable with Cisco equipment.
Distributed denial of service (DDoS) protected appliance to an unprotected endpoint.

Example protocol stack

Based on the principles of protocol layering in OSI, protocol encapsulation, not specifically GRE, breaks the layering order. It may be viewed as a separator between two different protocol stacks, one acting as a carrier for another.

IP as a delivery protocol

GRE packets that are encapsulated within IP use IP protocol type 47.[1]

Standard GRE Packet Header

Checksum bit.

Key bit.
Sequence number bit.
Reserved0: Reserved bits; set to 0.
Version: GRE Version number; set to 0.
Protocol Type
Checksum
Reserved1
Key

Draft-fang-l3vpn-virtual-ce-03 - BGP IP MPLS VPN Virtual CE. INTERNET-DRAFT. Intended Status: Standards track. Expires: January 4, 2015. Luyuan Fang (Microsoft); John Evans, David Ward, Rex Fernando (Cisco); Ning So (Vinci Systems); Nabil Bitar (Verizon); Maria Napierala (AT&T). July 4, 2014.

Abstract: This document describes the architecture and solutions of using virtual Customer Edge (vCE) of BGP IP MPLS VPN.

The solution is aimed at providing efficient service delivery capability through CE virtualization, and is especially beneficial in virtual Private Cloud (vPC) environments when extending IP MPLS VPN into tenant virtual Data Center containers. This document includes: BGP IP MPLS VPN virtual CE architecture; Control plane and forwarding options; Data Center orchestration processes; integration with existing WAN enterprise VPNs; management capability requirements; and security considerations. The solution is generally applicable to any BGP IP VPN deployment.

RFC 7432 - BGP MPLS-Based Ethernet VPN. PROPOSED STANDARD. Internet Engineering Task Force (IETF). A. Sajassi, Ed. (Cisco). Request for Comments: 7432. Category: Standards Track. R.

RFC 7432 BGP MPLS-Based Ethernet VPN February 2015

Copyright Notice: Copyright (c) 2015 IETF Trust and the persons identified as the document authors.

Virtual Private LAN Service (VPLS), as defined in [RFC4664], [RFC4761], and [RFC4762], is a proven and widely deployed technology.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

EVI: An EVPN instance spanning the Provider Edge (PE) devices participating in that EVPN.

Network Virtualization Overlays (nvo3) - Documents.

Virtual overlay networks: Tunneling protocols enable multi-tenancy. Virtual overlay networks have taken center stage as data center managers seek networking solutions that better... support VM provisioning, enable scalability and improve automation. A virtual overlay network -- one form of network virtualization -- uses tunneling protocols to form paths between software-based network agents in hypervisors running on servers. Virtual overlay network software separates the virtual network from the underlying physical network hardware, enabling provisioning of virtual networks and accompanying services between servers in the data center.

This means that virtual networks can be spun up on demand to support specific virtual workloads, for example.

How overlay networks work

These overlay networks create virtual network containers that are logically isolated from one another even though they share the same underlying physical network. From a technical point of view, network overlays encapsulate one packet inside of another packet.

RFC 7209 - Requirements for Ethernet VPN (EVPN). INFORMATIONAL. Internet Engineering Task Force (IETF). Request for Comments: 7209. Category: Informational. ISSN: 2070-1721. A. Sajassi (Cisco), R. Aggarwal (Arktan), J. Uttaro (AT&T), N. Bitar (Verizon), W. Henderickx (Alcatel-Lucent), A.

RFC 7209 Requirements for Ethernet VPN May 2014

Copyright Notice: Copyright (c) 2014 IETF Trust and the persons identified as the document authors.

Virtual Private LAN Service (VPLS), as defined in [RFC4664], [RFC4761], and [RFC4762], is a proven and widely deployed technology. The focus of this document is on defining the requirements for a new solution, namely, Ethernet VPN (EVPN), which addresses the above issues.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

EVPN Overview. An Ethernet VPN (EVPN) enables you to connect a group of dispersed customer sites using a Layer 2 virtual bridge. As with other types of VPNs, an EVPN is comprised of customer edge (CE) devices (host, router, or switch) connected to provider edge (PE) devices. The PE devices can include an MPLS edge switch (MES) that acts at the edge of the MPLS infrastructure. Either an MX Series 3D Universal Edge Router or a standalone EX9200 switch (Junos release 14.2) can be configured to act as an MES.

You can deploy multiple EVPNs within the service provider’s network, each providing network connectivity to customers while ensuring that the traffic sharing that network remains private. Figure 1 illustrates a typical EVPN deployment.

Figure 1: EVPN Connecting Data Center 1 and Data Center 2

The MESs are interconnected within the service provider’s network using label-switched paths (LSPs). The MESs attach an MPLS label to each MAC address learned from the CE devices.

List of router and firewall distributions.

Route Selection in Cisco Routers.

Introduction

One of the intriguing aspects of Cisco routers, especially for those new to routing, is how the router chooses which route is the best among those presented by routing protocols, manual configuration, and various other means.

While route selection is much simpler than you might imagine, to understand it completely requires some knowledge about the way Cisco routers work.

Prerequisites

Requirements

There are no specific prerequisites for this document.

Components Used

This document is not restricted to specific software and hardware versions.

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Processes Involved

There are three processes involved in building and maintaining the routing table in a Cisco router: Let's examine the interaction between the routing protocols and the routing table to understand how the routing table is built.

Building the Routing Table

The main considerations while building the routing table are:

Backup Routes.

NETCONF YANG tutorial.