Conceptually, network virtualization is simple. Network virtualization decouples and isolates virtual networks from the underlying network hardware, like server virtualization decouples and isolates virtual machines from the underlying server hardware. Once virtualized, the physical network is used only for packet forwarding and treated as an IP backplane. Virtual networks are then programmatically created and operate completely decoupled from the underlying hardware, offering the same features and guarantees of a physical network; yet with the operational benefits and hardware independence of virtual machines.
Nicira Network Virtualization Platform (NVP)
A software solution, NVP creates an intelligent abstraction layer between end hosts and your existing network. Managed by a distributed controller system this intelligent edge transforms your physical network into a pool of network capacity and enables the programmatic creation of tens of thousands of isolated virtual networks to connect workloads in your cloud.
An Intelligent Edge
Open vSwitch (OVS), switch software designed for remote control, operates in server hypervisors to form a software abstraction layer between servers and the physical network.
OVS can be deployed in two ways at the edge of a Nicira virtualized network. First, a complete software solution that works with your existing XenServer, Xen, KVM or ESX hypervisors. Second, as a NVP Gateway — OVS in a virtual or physical appliance. An NVP Gateway is primarily deployed to integrate with physical servers and legacy VLANs or for connecting virtual networks to the Internet.
The Controller Cluster
The NVP Controller Cluster is a highly available distributed system that manages all the virtualized network components and connections. The Controller Cluster exposes a RESTful web services API and defines virtual networks. Capable of controlling and managing thousands of OVS edge devices, the controller does not sit in the data path.
NVP can be deployed non-disruptively on existing networks without changing hardware, or it can be used with next generation network fabric architectures from any vendor. In fact, many of our customers are moving to simple, low cost, high performance L3 fabrics built with on low cost / high performance network hardware.
NVP allows the programmatic creation of isolated virtual networks, each of which maintains its own address space, statistics counters, QoS, security configurations, and other higher-level network services.
Virtualizing the network “changes the laws of network physics”. Virtual networks allow workload mobility across subnets and availability zones while maintaining L2 adjacency, scalable multi-tenant isolation and the ability to repurpose physical infrastrucuture on demand. The time it takes to deploy secure applications in the cloud goes from weeks to minutes and the process goes from manual to automatic.
Decoupling virtual networks from the physical network dramatically reduces the complexity of the physical network. The physical network, like physical servers, becomes a shared pool of network capacity that can be consumed and repurposed on demand; a simple to manage, rack-once-wire-once, IP fabric that can be provided by any hardware vendor.