Designing a Virtual Network.

Mousmi Suryawanshi
Feb 19, 2021

In a ‘real world’ network architecture, if two or more machines need to communicate in an isolated environment, a VLAN can be set up between them. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer. In this context, virtual refers to a physical object recreated and altered by additional logic. Similarly, if two virtual machines need to communicate on a virtual platform, what’s the solution? This blog describes it.

What is a virtual network?

It is a network where all the devices, including virtual machines, servers and data centres, communicate with each other through software and wireless technology.

How does it work?

A virtual network uses modern technology to create an extended network that works wirelessly. This includes:

  • VSwitch Software: Virtualization software on host servers that allows you to set up and configure a virtual network.
  • Virtual machines and devices: Instruments that connect to the network and allow various functionality.
  • Servers: Part of the network host infrastructure.
  • Virtual Network Adapter: Creates a gateway between networks.
  • Physical network: Required as a host for the virtual network infrastructure.
  • Firewalls and security: Designed for monitoring and stopping security threats.

Let’s make it simple with a diagrammatic overview. The figure given below shows the architecture before using a Virtual Network.

BEFORE USING VIRTUAL NETWORK:

Any external user of the service needs to pass through the layers of Virtual Machine Hardware, the NIC (Network Interface Card), then the switch, and then on to the Internet. But what if zone1 needs to communicate with zone2? The above solution can be re-implemented here. But there is an optimal solution too, which would reduce latency and hardware utilisation. The answer is a Virtual Network.

Let’s devise a solution for an IT service, here the Gmail service, where the machines in two zones can communicate with each other using a Virtual Network.

The figure shows a single Gmail service system with one NIC and a Virtual Network.

AFTER USING VIRTUAL NETWORK:

What is NIC?

A Network Interface Card (NIC) is a hardware component without which a computer cannot be connected over a network.

What is VNIC?

Every virtual machine will need a NIC that can connect and participate in a network. VMware calls it a vNIC. These entities can be created on each virtual machine.

The NIC is configured with four VNICs. Each VNIC is assigned to a zone. Zone1, Zone2, Zone3 and Zone4 are the four zones configured for use in the system. The zones communicate with each other and with the external network by using their respective VNICs.

Two out of the four VNICs connect to the underlying physical NIC through the virtual switch. The function of a virtual switch is equivalent to the function of a physical switch, as both provide connectivity to the systems. The other two are directly connected to the physical interface.

When a virtual network is configured, a zone sends traffic to an external host/client (in the Internet) in the same way as a system without a virtual network. For example, traffic flows from zone1, through the VNIC to the virtual switch, then to the physical interface (NIC), and then to the switch, which sends the data to the Internet.

The zones can also exchange traffic with one another inside the system if all the VNICs configured to the zones are part of the same VLAN.

  1. Let’s say the Gmail login data of a certain user needs to be passed from Zone1 to Zone2. This data packet then uses the Virtual Network.
  2. This packet passes from Zone1 through its dedicated VNIC 1.
  3. The traffic then flows through the virtual switch to VNIC 2.
  4. VNIC 2 then passes the traffic to Zone 2.
  5. The traffic never leaves the system, and therefore never violates the Ethernet restrictions and keeps the login credentials secure ;)

Zone3, on the other hand, DOES NOT belong to the Virtual Network, so its traffic needs to travel through the VMware, NIC and the switch to communicate with zone1, zone2 and zone4.
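The forwarding decision described above, as an added example that is not part of the original post: a toy Python model that returns the hops a frame takes and lists which zone pairs put traffic on the physical wire. The VLAN ID 10, the MAC addresses, and the choice of Zone3 and Zone4 as the two directly attached VNICs are constructed assumptions.

```python
# Added example: toy model of the virtual switch forwarding decision.
# VLAN ID, MAC addresses and the VNIC-to-zone layout are constructed.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Vnic:
    name: str
    zone: str
    mac: str
    vlan: Optional[int]   # None = not a member of the virtual network
    on_vswitch: bool      # False = attached directly to the physical NIC

VNICS = [
    Vnic("vnic1", "zone1", "02:00:00:00:00:01", 10, True),
    Vnic("vnic2", "zone2", "02:00:00:00:00:02", 10, True),
    Vnic("vnic3", "zone3", "02:00:00:00:00:03", None, False),
    Vnic("vnic4", "zone4", "02:00:00:00:00:04", None, False),
]
BY_ZONE = {v.zone: v for v in VNICS}
BY_MAC = {v.mac: v for v in VNICS}

def path(src_zone, dst_mac):
    """Return the hops a frame takes from src_zone to dst_mac."""
    src = BY_ZONE[src_zone]
    dst = BY_MAC.get(dst_mac)  # unknown MAC = external host
    hops = [src.zone, src.name]
    if src.on_vswitch:
        hops.append("vswitch")
        # Delivered locally only if both VNICs share the vswitch and the VLAN.
        if dst and dst.on_vswitch and dst.vlan == src.vlan:
            return hops + [dst.name, dst.zone]
    hops += ["physical NIC", "physical switch"]
    if dst is None:
        return hops + ["Internet"]
    return hops + [dst.name, dst.zone]

def leaves_host(hops):
    """True if the frame is visible on the physical wire."""
    return "physical NIC" in hops

def exposed_pairs():
    """Zone pairs whose traffic crosses the physical NIC and switch."""
    return sorted((a.zone, b.zone) for a in VNICS for b in VNICS
                  if a.zone < b.zone and leaves_host(path(a.zone, b.mac)))
```

Pairs returned by `exposed_pairs()` are the ones whose traffic can be observed outside the host, so they are the ones to cover with transport encryption and network monitoring.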

Altogether, a Virtual Network has these advantages:

  1. Latency reduction: The zones in a single virtual network need not pass through the VMware, NIC and switch to communicate with each other. (Consider VLAN as its analogy.)
  2. Security: As considered in the example above, the packet doesn’t need to travel all the way to the last layer, hence the security increases.
  3. Hardware utilisation reduction: VMware and the NIC aren’t necessary for intra-zone communications.

Isn’t it amazing to have a virtual environment completely isolated from the world? ;)

I hope this blog was helpful!
