Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
On Thu, May 2, 2013 at 7:34 PM, Justin Grudzien grudz...@gmail.com wrote: I will +1 this. I spoke with Cisco a few weeks ago and they certainly see VXLANS as being the future for cloud infrastructures. In addition to Linux support we should look at the Cisco 1000v and open vSwitch support a well. Cisco said they already have VMWare support today on the 1000v with KVM coming soon. I think we have 1000v support already in master for VMware --David
Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
On Wed, May 01, 2013 at 04:58:12PM -0400, Toshiaki Hatano wrote: Hi all, I’d like to add Linux native VXLAN support on KVM hypervisor. Currently, advanced zone with VLAN isolation can hold only 4k networks (= accounts) in a zone due to the VLAN ID limitation. 4k accounts per zone is not enough for IaaS provider like us. Furthermore, VPC will allow single account to consume multiple networks. Linux kernel 3.7 or later supports VXLAN as part of its ordinal networking function. VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation and allow 16M isolated networks in the domain. So, by using linux native VXLAN support, we can extend network limits without introducing unnecessary complexity. (But in other words, it’s not as flexible as Open vSwitch. Only thing Linux native VXLAN provides is multipoint L2 tunneling.) Any thoughts about this? P.S. I’m currently working on this as my internship project. As proof of concept, I’ve modified “modifyvlan.sh” script which is actual VLAN create/delete manipulation script called from cloud-agent, to create and to use VXLAN interface instead of VLAN interface. Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors based on CentOS 6.4 + 3.8.6 kernel. And it looks working. (But I’m still testing) P.S.2. FYI: OpenStack already started process [1] to support Linux native VXLAN. [1] https://review.openstack.org/#/c/26516/ Best Regards, -- Toshiaki Hatano I note that no one has replied to this thread yet, but I'll give you my general +1 on the idea. Can some of the network-centric folks on the dev list please speak up on the proposal? -chip
Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
+1 the more isolation methods, the better. On Thu, May 2, 2013 at 1:31 PM, Chip Childers chip.child...@sungard.comwrote: On Wed, May 01, 2013 at 04:58:12PM -0400, Toshiaki Hatano wrote: Hi all, I’d like to add Linux native VXLAN support on KVM hypervisor. Currently, advanced zone with VLAN isolation can hold only 4k networks (= accounts) in a zone due to the VLAN ID limitation. 4k accounts per zone is not enough for IaaS provider like us. Furthermore, VPC will allow single account to consume multiple networks. Linux kernel 3.7 or later supports VXLAN as part of its ordinal networking function. VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation and allow 16M isolated networks in the domain. So, by using linux native VXLAN support, we can extend network limits without introducing unnecessary complexity. (But in other words, it’s not as flexible as Open vSwitch. Only thing Linux native VXLAN provides is multipoint L2 tunneling.) Any thoughts about this? P.S. I’m currently working on this as my internship project. As proof of concept, I’ve modified “modifyvlan.sh” script which is actual VLAN create/delete manipulation script called from cloud-agent, to create and to use VXLAN interface instead of VLAN interface. Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors based on CentOS 6.4 + 3.8.6 kernel. And it looks working. (But I’m still testing) P.S.2. FYI: OpenStack already started process [1] to support Linux native VXLAN. [1] https://review.openstack.org/#/c/26516/ Best Regards, -- Toshiaki Hatano I note that no one has replied to this thread yet, but I'll give you my general +1 on the idea. Can some of the network-centric folks on the dev list please speak up on the proposal? -chip
Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
Agreed. This will give us four options for 4k isolation.
Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
+1. In général you'd have to do much more than 'modifyvlan.sh'. You should take a look at the Nicira (and other) integrations. On 5/1/13 1:58 PM, Toshiaki Hatano toshiaki.hat...@verio.net wrote: Hi all, I¹d like to add Linux native VXLAN support on KVM hypervisor. Currently, advanced zone with VLAN isolation can hold only 4k networks (= accounts) in a zone due to the VLAN ID limitation. 4k accounts per zone is not enough for IaaS provider like us. Furthermore, VPC will allow single account to consume multiple networks. Linux kernel 3.7 or later supports VXLAN as part of its ordinal networking function. VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation and allow 16M isolated networks in the domain. So, by using linux native VXLAN support, we can extend network limits without introducing unnecessary complexity. (But in other words, it¹s not as flexible as Open vSwitch. Only thing Linux native VXLAN provides is multipoint L2 tunneling.) Any thoughts about this? P.S. I¹m currently working on this as my internship project. As proof of concept, I¹ve modified ³modifyvlan.sh² script which is actual VLAN create/delete manipulation script called from cloud-agent, to create and to use VXLAN interface instead of VLAN interface. Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors based on CentOS 6.4 + 3.8.6 kernel. And it looks working. (But I¹m still testing) P.S.2. FYI: OpenStack already started process [1] to support Linux native VXLAN. [1] https://review.openstack.org/#/c/26516/ Best Regards, -- Toshiaki Hatano Verio, an NTT Communications company E-mail: toshiaki.hat...@verio.net AIM: toshiaki.hat...@verio.net Phone: (801)437-7482 Office (801)960-6410 Cellular This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio Inc. makes no warranty that this email is error or virus free. Thank you.
Re: [DISCUSS] Linux native VXLAN support on KVM hypervisor
I will +1 this. I spoke with Cisco a few weeks ago and they certainly see VXLANS as being the future for cloud infrastructures. In addition to Linux support we should look at the Cisco 1000v and open vSwitch support a well. Cisco said they already have VMWare support today on the 1000v with KVM coming soon. Justin Sent from my iPhone On May 2, 2013, at 3:31 PM, Chip Childers chip.child...@sungard.com wrote: On Wed, May 01, 2013 at 04:58:12PM -0400, Toshiaki Hatano wrote: Hi all, I’d like to add Linux native VXLAN support on KVM hypervisor. Currently, advanced zone with VLAN isolation can hold only 4k networks (= accounts) in a zone due to the VLAN ID limitation. 4k accounts per zone is not enough for IaaS provider like us. Furthermore, VPC will allow single account to consume multiple networks. Linux kernel 3.7 or later supports VXLAN as part of its ordinal networking function. VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation and allow 16M isolated networks in the domain. So, by using linux native VXLAN support, we can extend network limits without introducing unnecessary complexity. (But in other words, it’s not as flexible as Open vSwitch. Only thing Linux native VXLAN provides is multipoint L2 tunneling.) Any thoughts about this? P.S. I’m currently working on this as my internship project. As proof of concept, I’ve modified “modifyvlan.sh” script which is actual VLAN create/delete manipulation script called from cloud-agent, to create and to use VXLAN interface instead of VLAN interface. Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors based on CentOS 6.4 + 3.8.6 kernel. And it looks working. (But I’m still testing) P.S.2. FYI: OpenStack already started process [1] to support Linux native VXLAN. [1] https://review.openstack.org/#/c/26516/ Best Regards, -- Toshiaki Hatano I note that no one has replied to this thread yet, but I'll give you my general +1 on the idea. Can some of the network-centric folks on the dev list please speak up on the proposal? -chip
[DISCUSS] Linux native VXLAN support on KVM hypervisor
Hi all, I’d like to add Linux native VXLAN support on KVM hypervisor. Currently, advanced zone with VLAN isolation can hold only 4k networks (= accounts) in a zone due to the VLAN ID limitation. 4k accounts per zone is not enough for IaaS provider like us. Furthermore, VPC will allow single account to consume multiple networks. Linux kernel 3.7 or later supports VXLAN as part of its ordinal networking function. VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation and allow 16M isolated networks in the domain. So, by using linux native VXLAN support, we can extend network limits without introducing unnecessary complexity. (But in other words, it’s not as flexible as Open vSwitch. Only thing Linux native VXLAN provides is multipoint L2 tunneling.) Any thoughts about this? P.S. I’m currently working on this as my internship project. As proof of concept, I’ve modified “modifyvlan.sh” script which is actual VLAN create/delete manipulation script called from cloud-agent, to create and to use VXLAN interface instead of VLAN interface. Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors based on CentOS 6.4 + 3.8.6 kernel. And it looks working. (But I’m still testing) P.S.2. FYI: OpenStack already started process [1] to support Linux native VXLAN. [1] https://review.openstack.org/#/c/26516/ Best Regards, -- Toshiaki Hatano Verio, an NTT Communications company E-mail: toshiaki.hat...@verio.net AIM: toshiaki.hat...@verio.net Phone: (801)437-7482 Office (801)960-6410 Cellular This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio Inc. makes no warranty that this email is error or virus free. Thank you.