Editor’s note: VMware’s Martin Casado and Bruce Davie team up to comment on the benefits of one aspect of software-defined networking: overlaying a physical network with a virtual net. The authors didn’t necessarily intend it that way, but this piece in large measure answers the questions raised by Padmasree Warrior, CTO of Cisco, in her Aug. 28 blog, Limitations of a Software-Only Approach to Data Center Networking.
With the recent launch of the VMware NSX network virtualization platform, there has been a surge of interest in network virtualization technologies. A common technique across many network virtualization solutions is the use of some sort of “overlay tunnel” approach, such as VMware’s VXLAN, Network Virtualization using Generic Routing Encapsulation (NVGRE, backed by Microsoft), or the IETF standard body’s Stateless Tunnel Transport (STT). Overlays provide a means to encapsulate traffic traversing virtual networks so that the physical network is only responsible for forwarding packets from edge to edge, using the outer header. (An earlier VMware post on overlay tunnels is here.)
One question that came up following the NSX launch was around the impact of overlay technologies on network visibility, so we’ll address that question here.
In our experience, a well-designed network virtualization solution can actually solve visibility issues by providing an unprecedented ability to monitor and troubleshoot virtual networks. We discuss below some of the monitoring and troubleshooting tools that can be (and have been) provided in an overlay-based network virtualization platform. These tools enable an operator to determine which problems are in the overlay versus the underlay, and to diagnose and rectify problems in either layer by viewing the underlay and the overlay in a unified manner.
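To make the outer-header/inner-header split concrete, the following added example (not code from this article or from VMware) decodes a single VXLAN-encapsulated frame into its underlay endpoints, virtual network identifier and overlay endpoints, which is the correlation a unified monitoring view depends on. The addresses, MACs and VNI are constructed sample values, and the function names are hypothetical.

```python
import socket
import struct

VXLAN_PORT = 4789  # IANA-assigned UDP port for VXLAN (RFC 7348)

def _eth(dst, src):
    return bytes.fromhex(dst) + bytes.fromhex(src) + b"\x08\x00"  # EtherType IPv4

def _ipv4(src, dst, proto, payload_len):
    # Minimal 20-byte header; checksum left at 0 because this sample is never sent.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def build_sample_frame(vni=5001):
    """Constructed sample: a VM-to-VM frame tunnelled between two hypervisors."""
    inner = _eth("0200000000bb", "0200000000aa") + _ipv4("192.168.1.10", "192.168.1.20", 6, 0)
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)  # I flag set, 24-bit VNI
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan) + len(inner), 0)
    payload = udp + vxlan + inner
    return (_eth("020000000002", "020000000001")
            + _ipv4("10.0.0.1", "10.0.0.2", 17, len(payload)) + payload)

def _parse_ipv4(buf):
    if len(buf) < 20 or buf[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (buf[0] & 0x0F) * 4  # header length in bytes
    return socket.inet_ntoa(buf[12:16]), socket.inet_ntoa(buf[16:20]), buf[9], buf[ihl:]

def parse_vxlan_frame(frame):
    """Return underlay endpoints, VNI and overlay endpoints from one captured frame."""
    if len(frame) < 14 or frame[12:14] != b"\x08\x00":
        raise ValueError("outer frame is not IPv4")
    o_src, o_dst, proto, l4 = _parse_ipv4(frame[14:])
    if proto != 17 or len(l4) < 16:
        raise ValueError("outer packet is not UDP or is truncated")
    _sport, dport, _len, _csum = struct.unpack("!HHHH", l4[:8])
    flags_word, vni_word = struct.unpack("!II", l4[8:16])
    if dport != VXLAN_PORT or not (flags_word >> 24) & 0x08:
        raise ValueError("not a VXLAN packet with a valid VNI")
    inner = l4[16:]  # the tenant's original Ethernet frame
    if len(inner) < 14 or inner[12:14] != b"\x08\x00":
        raise ValueError("inner frame is not IPv4")
    i_src, i_dst, _proto, _rest = _parse_ipv4(inner[14:])
    return {"underlay": (o_src, o_dst), "vni": vni_word >> 8, "overlay": (i_src, i_dst)}

if __name__ == "__main__":
    print(parse_vxlan_frame(build_sample_frame()))
```

A physical switch forwarding on the outer header sees only the `underlay` pair; a tool that also reads `vni` and `overlay` can attribute the same packet to a specific virtual network and VM pair.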