Establishment Of Multiple Virtual Environments Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The manufacturers of network hardware have been in the virtualization arena for some time, although their work has not always been recognized as virtualization. The most popular forms of network virtualization are:

Virtual local area network (VLAN)

As defined in the IEEE 802.1Q standard, VLANs are a method of creating independent logical networks within a shared physical network. Network administrators incorporate VLANs into their network design to logically segment broadcast domains and control the interaction between devices on different network segments. VLAN technology has evolved and is a common feature in the application-specific integrated circuits (ASICs) of just about all modern-day Ethernet switches. Although multiple devices can be physically connected to the same network switch, VLANs allow network administrators to create multiple virtual networks that isolate each segment from the others. Each segment utilizes a portion of the available resources (CPU, memory, bandwidth, and so on) in the host switch.

Virtual IP (VIP)

A virtual IP is an IP address that is not connected to a specific computer or to a network interface in a computer. VIPs are usually assigned to a network device that is in the path of the traversing network traffic. Incoming packets are sent to the VIP and are then redirected to the actual interface of the receiving host(s). VIPs are mostly used for redundancy and load-balancing scenarios, where multiple systems host a common application and are capable of receiving the traffic as redirected by the network device.

Virtual private network (VPN)

A VPN is a private communication network that is used to communicate securely over a public network. VPN traffic is often carried over highly insecure network mediums, such as the Internet, creating a secure channel (tunnel) for sensitive and confidential information to traverse from one site to another. It is also used as a means of extending remote employees' home networks to the corporate network. Special software is usually needed to establish the connection, but once it is established, interaction with other resources on the network is handled the same way it would be on a true physical network, without requiring any further modification to the network stack or operating system.

Describe the purpose, architecture and operation of the general concept of both internal and external network virtualisation.

Internal Network Virtualization

Internal network virtualization provides the so-called "network-in-a-box" by defining containers that include pseudo network interfaces, virtual switches and management software. Together these emulate network connectivity, enabling containers to exchange data without having to pass that data onto the external network. These containers are connected and are able to exchange data among each other.

In Xen virtualization, the containers are the "Xen domains", combined with the Xen hypervisor kernel and pseudo-networking interfaces such as the VNICs.

Xen Virtualization

Xen is an open-source Virtual Machine Manager (VMM), or hypervisor, for both 32- and 64-bit processor architectures. It runs as software directly on top of the physical hardware and makes it possible to run several virtual guest operating systems on the same host computer at the same time. These virtual machines run securely and efficiently, with near-native performance, above the VMM.

According to Xen terminology, the first guest operating system, called "domain 0" (dom0), boots automatically when the hypervisor boots and receives special management privileges and direct access to all physical hardware by default. The system administrator can log into dom0 in order to manage any further guest operating systems, the less privileged ones called "domain U" (domU) in Xen terminology. The domUs have their own operation space presented by the VMM, which is a virtual set of CPU, memory, I/O, and disk resources for each guest. But the domUs depend on dom0 to communicate with the physical hardware. Xen creates virtual

Fig. System structure with the Xen VMM containing two Linux-based and two Windows-based guests

(ref. Syngress Press "Virtualization with Xen")

Xen networking architecture

To facilitate network I/O virtualization, Xen provides an abstraction of a virtual firewall router (VFR). The VFR has one or more virtual interfaces (VIFs), or VNICs, that logically make up the communication interfaces of the VFR. Each VIF looks and acts like a standard network interface card and contains two I/O rings, one for transmission and the other for reception. The VFR contains the rules, as established by the guest OS. Xen has two primary networking architecture options: the virtual network interfaces can be configured for bridging or for routing. Bridging is the default, but routing can be configured according to requirements. The networks can also be configured for NAT (Network Address Translation), where packets within the network are translated to a particular network address before moving to external networks.

Bridging VLANs (Virtual Local Area Networks)

A VLAN is a method for creating independent networks within a LAN. It is implemented by tagging the Ethernet frame using the IEEE 802.1Q tagging protocol. Using VLANs improves overall performance, because multicasts and broadcasts from a VLAN are kept within that VLAN (its broadcast domain). VLANs can also be configured for security. VLANs can be defined in software using the vconfig utility.
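The 802.1Q tagging and broadcast isolation described here and in the VLAN paragraph near the top of the essay, as an added Python example that is not part of the original essay. The port table layout, the port names and the two drop policies (access ports drop tagged frames, the trunk has no native VLAN) are assumptions of this model, and the sample frame is constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag

def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag after the destination and source MAC addresses."""
    if not 1 <= vid <= 4094:            # VLAN IDs 0 and 4095 are reserved
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp & 0x7) << 13 | vid       # PCP (3 bits), DEI (1 bit, 0), VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_vlan(frame: bytes):
    """Return (vid, pcp, untagged_frame); vid is None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, 0, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]

def carries(cfg: dict, vid: int) -> bool:
    """True if a port with this (hypothetical) config is a member of VLAN vid."""
    return cfg["vlan"] == vid if cfg["mode"] == "access" else vid in cfg["allowed"]

def egress_ports(frame: bytes, in_port: str, ports: dict) -> list:
    """Flood a frame only to the other ports in the ingress frame's VLAN."""
    vid, _, _ = parse_vlan(frame)
    cfg = ports[in_port]
    if cfg["mode"] == "access":
        if vid is not None:             # model policy: access ports drop tagged frames
            return []
        vid = cfg["vlan"]               # untagged traffic joins the port's VLAN
    elif vid is None or not carries(cfg, vid):
        return []                       # model policy: trunk has no native VLAN
    return sorted(p for p, c in ports.items() if p != in_port and carries(c, vid))

# Constructed sample frame (broadcast, ARP EtherType, zeroed payload) and port table.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0806") + bytes(28)
PORTS = {
    "p1": {"mode": "access", "vlan": 10},
    "p2": {"mode": "access", "vlan": 10},
    "p3": {"mode": "access", "vlan": 20},
    "t1": {"mode": "trunk", "allowed": {10, 20}},
}
if __name__ == "__main__":
    print(egress_ports(SAMPLE, "p1", PORTS))                 # VLAN 10 members only
    print(egress_ports(tag_frame(SAMPLE, 20), "t1", PORTS))  # VLAN 20 members only
```

A broadcast entering on a VLAN 10 access port never reaches the VLAN 20 port, although both are on the same physical switch.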

Xen Network Virtualisation (industry example)

A web hosting company uses the guest instances to host separate web servers, which have their own assigned resources such as CPU, memory, disk space and network capacity according to customer request. The two instances can be used as load-balancing structures for traffic in the network. One instance is a replica of the other and can also be used as a failover path in case the other instance is down. This is done using a virtual IP on the VIF, which redirects traffic to the standby instance when a fault occurs. Virtualizing will have cost advantages, since adding a virtual instance costs less than adding new infrastructure…
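The virtual IP failover described in this example, as an added Python model that is not part of the original essay. The class and function names, the three-missed-probes threshold and the immediate fail-back are assumptions, and the addresses are constructed values from a documentation range.

```python
class VirtualIP:
    """Maps one virtual IP to an active instance with a standby replica."""

    def __init__(self, vip, primary, standby, fail_threshold=3):
        self.vip, self.primary, self.standby = vip, primary, standby
        self.fail_threshold = fail_threshold   # assumed: missed probes before failover
        self.misses = 0
        self.active = primary

    def report_probe(self, primary_ok: bool) -> str:
        """Feed one health-probe result for the primary; return the active host."""
        if primary_ok:
            self.misses = 0
            self.active = self.primary         # fail back on the first good probe
        else:
            self.misses += 1
            if self.misses >= self.fail_threshold:
                self.active = self.standby     # redirect the VIP to the replica
        return self.active

    def route(self, dst_ip: str):
        """Return the real address for a packet, or None if dst is not the VIP."""
        return self.active if dst_ip == self.vip else None


def replay(probes, vip="192.0.2.10", primary="192.0.2.11", standby="192.0.2.12"):
    """Feed constructed probe results and record where the VIP points after each."""
    v = VirtualIP(vip, primary, standby)
    return [v.report_probe(ok) for ok in probes]


if __name__ == "__main__":
    # Constructed probe history: the primary misses four probes, then recovers.
    for host in replay([True, False, False, False, False, True]):
        print("192.0.2.10 ->", host)
```

Clients keep using the one virtual address throughout; only the mapping behind it changes, and a single missed probe does not trigger the switch.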