Assaf Muller

👥 1 conference
🎤 1 talk
📅 Years active: 2014 to 2014

Biography

Associate Software Engineer at Red Hat, Tel-Aviv Israel, working on networking virtualization in oVirt and OpenStack Neutron.

Formally Cisco certified CCNA, CCNP instructor at the IITC.

Graduated with a BA in Computer Science on a Business Entrepreneurship scholarship from the IDC.

— biography from FOSDEM 2014
https://archive.fosdem.org/2014/schedule/speaker/assaf_muller/

Conferences

1 known conferences

👥 FOSDEM 2014 📅 01 Feb 2014

🎤 Tunnels as a Connectivity and Segregation Solution for Virtualized Networks
02 Feb 2014 show details

Join me for an architectural, developer oriented overview of (GRE and VXLAN) tunnels in OpenStack Networking.

In the virtualization environment virtual machines are hosted on hypervisors. These VMs then obtain network connectivity via software switches run in the same hypervisors. Data centers that provide infrastructure as a service have (hopefully) multiple customers (Or 'tenants'). As you can imagine we don't want tenants' VMs interacting with one another.

VLANs are a natural approach to achieve tenant segregation. However, how do we maintain scalability with a growing number of hypervisors and VMs, when the administrator has to constantly configure the hardware switches manually? Is there another way?

We all use VPNs to connect to our office resources remotely, or to connect two office sites into one seamless network. VPNs are essentially encrypted tunnels, but what are tunnels?

Tunnels allow us to wrap packets inside more packets. In our context - VM traffic in exterior IP packets. That way, to the intermediate networking hardware, it looks like traffic between the hypervisors. Since the hypervisors should already be able to talk to each other, this makes VM connectivity a breeze!

Let's explore how tunnels are used in the cloud as a means to achieve an overlay network. What is an overlay network? How does traffic flow between virtual machines on the same hypervisor, and on different hypervisors? What are the similarities between a layer 2 learning switch and tunnel logic in OpenStack? How does Open vSwitch fit in? Is there a cost to using tunnels?

This talk will be useful to developers interested in learning about new networking concepts - Minimal background knowledge will be assumed.

A look at hypervisor and VM networking topology in the data center
Multi-tenancy and tenant segregation using VLANs
The disadvantage of VLANs (Manual administrator configuration of switches)
Traditional tunnel usages and how tunnel encapsulation works
Tunnels in OpenStack
How are tunnels formed and when
How does traffic flow look like between virtual machines on the same hypervisor and on different hypervisors
How are these flows achieved?
Open vSwitch flows – How does one read a flow table and how is it processed
Logical similarities between tunnels in OpenStack and the operation of a layer 2 learning switch
Tunnels as a means of segregation