The open source world has delivered an alternative to the Cisco Nexus 1000v in the Open vSwitch – a software switch that is optimized for multi-tenant public cloud computing environments. The Open vSwitch gives network administrators visibility and granular control of traffic running between and within virtual machines (VMs) in almost every environment – but doesn't yet work with VMware or Microsoft Hyper-V technology.
The Open vSwitch Project – which is backed by network control software startup Nicira Networks – provides downloadable code for the open source virtual switch, which is licensed under Apache 2. It currently supports Xen, XenServer, KVM and VirtualBox but can be ported to other virtualization environments.
Like the Nexus 1000v – which is used in vSphere – the Open vSwitch addresses every networking pro's concern with virtualization: the inability to control data flows and provide other core network services between VMs. Open vSwitch works with network controller software to provide distributed virtual switching. That means the switch and controller software can institute cluster-level network configurations across many servers, eliminating the need to separately configure the network for each VM and physical machine. The switch also enables VLAN trunking; visibility via NetFlow, sFlow and RSPAN; and use of the OpenFlow protocol for management.
Proponents of the Open vSwitch – including Citrix, which will support the switch in the next version of XenServer – say it goes further than Cisco's Nexus 1000v by enabling the kind of granular routing and management necessary for multi-tenancy networks in the cloud. Multi-tenancy networks segment virtualized instances of the network to house client data or applications in silos without ever letting the resources intermingle.
"With Open vSwitch we can extend the VLANs of the real infrastructure into the virtual, and customers can each have their own VLANs," said John Galgay, president and COO of Telivo Managed Services, a cloud integrator. Telivo uses Xen and KVM for its virtualization, so it couldn't make use of the proprietary Cisco Nexus 1000v.
OpenFlow protocol and Open vSwitch for remote management
The tight traffic control enabled by the Open vSwitch is largely the result of the OpenFlow switching protocol. OpenFlow gives network controller software access to the data path of a switch or router over the network. Network administrators can use this technology to control the data plane remotely from a PC, allowing them to make granular routing and switching decisions and implement intricate network policies.
These remote management capabilities on the Open vSwitch allow multi-tenant cloud computing integrators and providers to give customers the ability to manage their own virtual networks, applications and policy via a PC on an ongoing basis.
"VMware or XenServer had networking functions that were more the equivalent of bridging than they were like switching," said Citrix CTO Simon Crosby. With the Open vSwitch, users can "bend virtual wires" to make their own traffic flow and policy decisions, he added.
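A simplified model of the mechanism described above, as an added example (not code from the article, the Open vSwitch Project or Nicira): a controller installs priority-ordered match/action rules so that each tenant VLAN reaches only its own ports and everything else is dropped. The class and function names and the tenant layout are constructed for illustration; the code models the flow-table lookup, not the OpenFlow wire protocol.

```python
from dataclasses import dataclass


@dataclass
class Flow:
    priority: int
    match: dict     # field -> required value; an absent field is a wildcard
    actions: tuple  # e.g. ("output:2",); an empty tuple means drop


class FlowTable:
    """Simplified model of one flow table on a virtual switch."""

    def __init__(self):
        self.flows = []

    def add_flow(self, priority, match, actions):
        self.flows.append(Flow(priority, dict(match), tuple(actions)))
        # Keep highest priority first so lookup returns the winning rule.
        self.flows.sort(key=lambda f: -f.priority)

    def lookup(self, pkt):
        for flow in self.flows:
            if all(pkt.get(k) == v for k, v in flow.match.items()):
                return flow.actions
        return ()  # no rule matched: modelled here as drop


def program_tenants(table, tenants):
    """Controller side: tenants maps a VLAN id to that tenant's switch ports."""
    table.add_flow(0, {}, ())  # explicit lowest-priority default drop
    for vlan, ports in tenants.items():
        for in_port in ports:
            outs = [f"output:{p}" for p in ports if p != in_port]
            table.add_flow(100, {"in_port": in_port, "dl_vlan": vlan}, outs)


# Constructed sample: two tenants sharing one hypervisor switch.
TENANTS = {10: [1, 2], 20: [3, 4]}


def demo():
    table = FlowTable()
    program_tenants(table, TENANTS)
    return {
        "same_tenant": table.lookup({"in_port": 1, "dl_vlan": 10}),
        "wrong_vlan": table.lookup({"in_port": 1, "dl_vlan": 20}),
        "untagged": table.lookup({"in_port": 3}),
    }


if __name__ == "__main__":
    for case, actions in demo().items():
        print(case, "->", actions or "drop")
```

Because each rule matches on both the ingress port and the VLAN tag, a frame carrying another tenant's tag falls through to the default drop rule instead of being forwarded.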
Network control software and the open source virtual switch
The Open vSwitch will be heavily dependent on integration with network controller software, which basically monitors and controls data flow and coordinates policy on the network in a virtualized environment. Nicira – the backer of the Open vSwitch Project – is one of the pioneers in this field. While the company isn't planning to "monetize" the open source virtual switch, it is hoping that its uptake will create "an opening in the network" for its new controller software, said Justin Pettit, Nicira's director of switch technology.
Nicira is still in stealth mode, but it has developed a software server that connects to each of the Open vSwitches in order to coordinate policies among VMs.
"XenServer has a protocol, Xapi, which takes care of [VM] migration. We could have Xapi notify us when a VM has migrated, but that's fairly expensive. [Instead] we're hooked into all the networking scripts so when we [see] a virtual interface pop up on a system, [it] sends a message to our controller," explained Pettit.
Can an open source virtual switch exist in an enterprise world?
Open vSwitch may be promising but, as one network engineer at a large financial firm said, "The lack of VMware support is a huge problem."
So will this open source virtual switch ever function in vSphere?
Technically, nothing prevents VMware from adopting and supporting the Open vSwitch, but that's likely to be a long way off, Pettit said. In fact, no official discussions have yet taken place.
It's also unlikely that networking vendors will market or even build around the Open vSwitch since "they have nothing there to commoditize," said analyst Jim Metzler of Ashton Metzler & Associates.
Still, the adoption by XenServer is promising. Now it will be up to Nicira and others to develop the switch further, Metzler said.
"The project needs somebody pushing open source to make it happen," he said. "I am optimistic that Nicira will do that."