Marco Caberletti (Istituto Nazionale Fisica Nucleare (IT))
The extensive use of virtualization technologies in cloud environments has created the need for a new network access layer residing on hosts and connecting the various Virtual Machines (VMs). In fact, massive deployment of virtualized environments imposes requirements on networking for which traditional models are not well suited. For example, when hundreds of users issue cloud requests for full access (i.e., including root privileges) to VMs, network separation at layer 2 through the use of virtual LANs (VLANs) typically has to be defined. However, in large computing centers, due for example to the number of installed network switches, to their characteristics, or to their heterogeneity, the dynamic (or even static) definition of many VLANs is often impractical or simply not possible. In this paper, we present a solution to the problem of creating dynamic virtual networks based on the use of Generic Routing Encapsulation (GRE). GRE is used to encapsulate VM traffic so that the configuration of the physical network switches doesn't have to change. In particular, we describe how this solution can be used to tackle problems such as dynamic network isolation and mobility of VMs across hosts or even sites. We will then show how this solution has been integrated in the WNoDeS framework (http://web.infn.it/wnodes) and tested in the WNoDeS installation at the INFN Tier-1, presenting performance metrics and an analysis of the scalability of the system.