Shulou(Shulou.com)06/01 Report--

NVGRE protocol

NVGRE (Network Virtualization Generic RoutingEncapsulation) is one of the commonly used tunnel encapsulation protocols. NVGRE uses a general encapsulation format to encapsulate layer 2 network packets into layer 3 network packets. NVGRE plays the role of virtualized IP in Hyper-V network virtualization. HNV uses NVGRE as the tunnel header. When the source virtual machine sends the packet, it is first re-encapsulated into another packet by the HNV-enabled switch. The new packet header contains the new source and destination IP addresses (IP virtualization) and their corresponding MAC addresses and VSID information, and the VSID is stored in the Key area of the GRE header, as shown in figure 1. After the data is sent to the target physical machine switch, the target HNV switch disassembles the packet and sends the data to the target virtual machine.

Figure 1 NVGRE encapsulation tunnel

PA and CA

In the same physical network system, there can be multiple repeated but not conflicting IP addresses in the environment without the help of VLAN technology, instead of Overlay technology to realize network virtualization. In HNV, each virtual network card can be associated with two IP addresses-that is, CA and PA addresses.

Customer Address (CA). It is also called the customer address, because the IP address is obtained from the IP address pool of the virtual subnet created by the tenant. The CA address is the IP address assigned to the virtual operating system, which can be checked by using commands such as ipconfig or ifconfig. When customers' virtual machines are deployed in multi-tenant data centers using CA IP addresses, they are not aware that the virtual machines use network virtualization technology, which is no different from the traditional network from the point of view of the virtual machines themselves.

Provider Address (PA). It is also called the service provider address, because this address is defined in the network virtualization architecture and is not assigned to the virtual machine but to the physical host. The function of the PA address is the IP address used by NVGRE to re-encapsulate the data, which plays the function of IP address virtualization. The PA address cannot be viewed in the virtual operating system using commands such as ipconfig or ifconfig. The PA address space is used for communication between physical machines running virtual machines and can only be viewed in the physical network.

If the customer migrates the virtual machine from their own data center to the multi-tenant public data center, the CA address helps the customer maintain the existing network topology. after the migration to the public data center, the CA address maintains loose coupling through the IP address virtualization of the public data center infrastructure, and the process of IP virtualization is completed by the PA address. So the essence of HNV is realized through IP address virtualization.

The PA address is not always assigned to the physical machine. The physical machine dynamically acquires and releases the PA address in the PA address space. For the physical machine to be able to assign PA addresses, it is necessary to assign the logical switch containing the HNV logical network to the physical machine. Once the virtual machine associated with the HNV logical network is created on the physical machine, the physical machine will obtain an PA IP address from the PA IP address pool. You can use the Get-NetVirtualizationProviderAddress command to view the PA address assigned by the physical machine, as shown in the following example.

PS C:\ > Get-NetVirtualizationProviderAddress ProviderAddress: 10.2.22.14 InterfaceIndex: 31 PrefixLength: 24 VlanID: 222AddressState: Preferred MACAddress: 001dd8b71c6f ManagedByCluster: False

The PA IP address is not permanently assigned to the physical machine, but changes dynamically. As long as the virtual machine using the HNV logical network is running, the physical machine in which the virtual machine is located will take an PA address from the address pool. If other nodes in the cluster do not use the virtual machine network using HNV, the PA address will not be assigned for the time being. Only after the virtual machine is migrated to a physical machine node in real time will the physical machine assign an PA address. Invalid PA addresses will also be recycled. If the virtual machine is migrated to other nodes, the PA address previously assigned to the physical machine may be recycled. When the virtual machine moves back to this physical machine, a new PA address will be reassigned.

Next, we use an actual case to verify the dynamic allocation of PA. There are two physical servers in the cluster, HYP06,HYP07. Create a PA logical network with subnet 10.2.22.0amp 24 and create a pool of IP addresses, associate the logical network with a logical switch, and assign the logical switch to the two physical machines. Then create two virtual machines, all running on the HYP06 physical machine, and be sure to use the HNV logical network, as shown in figure 2.

Fig. 2 two virtual machines initially run on the same physical machine HYP06

Use the Get-NetAdapter command to check the index number of the logical network, and then use the Get-NetVirtualizationProviderAddress command to query the PA address assigned to the physical machine, which shows that the PA address is assigned to the logical switch with network card number 29 (HNV enabled) and not to other network cards. In the returned results, you can see that the logical switch with network card number 29 of HYP06 has been assigned two PA addresses, 10.2.22.18 and 10.2.22.19, as shown in the following example.

PS C:\ > Get-NetAdapter Name InterfaceDescription IfIndex Status-LogicalSwitch Microsoft Network Adapter Multiplex.. 29 UpPS C:\ > Get-NetVirtualizationProviderAddress ProviderAddress: 10.2.22.19 InterfaceIndex: 29 PrefixLength: 24 VlanID: 222AddressState: Preferred MACAddress: 001dd8b71c77 ManagedByCluster: False ProviderAddress: 10.2.22.18 InterfaceIndex: 29 PrefixLength: 24 VlanID: 222AddressState : Preferred MACAddress: 001dd8b71c76 ManagedByCluster: False

Because there are no virtual machines using HNV on HYP07, when you use the Get-NetAdapter command to retrieve the index number 31 of the logical switch, and when you use Get-NetVirtualizationProviderAddress to retrieve whether the logical switch with this index number is assigned a PA address, the result returned is empty, as shown in the following example, which means that the logical switch of HYP07 is not assigned a PA address.

PS C:\ > Get-NetVirtualizationProviderAddress PS C:\ > Get-NetAdapter Name InterfaceDescription IfIndex Status-LogicalSwitch Microsoft Network Adapter Multiplex.. 31 Up

Use live migration to migrate the virtual machine from HYP06 to HYP07, the migration ends, and the virtual machine runs on the new host HYP07, as shown in figure 3.

Figure 3 Virtual machine migration from HYP06 to HYP07

After waiting for the migration to finish, log in to the command on HYP07 to check the PA address allocation. In the returned result, you can see that HYP07 has been assigned two PA addresses, which are 10.2.22.20 and 10.2.22.21, respectively, as shown in the following example.

PS C:\ > Get-NetVirtualizationProviderAddress ProviderAddress: 10.2.22.21 InterfaceIndex: 31 PrefixLength: 24 VlanID: 222AddressState: Preferred MACAddress: 001dd8b71c79 ManagedByCluster: False ProviderAddress: 10.2.22.20 InterfaceIndex: 31 PrefixLength: 24 VlanID: 222AddressState: Preferred MACAddress: 001dd8b71c78 ManagedByCluster: False

Then the virtual machine is moved back to HYP06 in real time, and the virtual machine is run on HYP06 again, as shown in figure 4.

Figure 4 Virtual machine running on HYP06 again

At this time, log in to the HYP06 host again and run the command to check the PA address. You will find that the assigned PA address has changed. The new ones are 10.2.22.22 and 10.2.22.23, respectively, as shown in the following example. PA addresses previously assigned to HYP06 will also be recycled into the IP address pool later.

PS C:\ > Get-NetVirtualizationProviderAddress ProviderAddress: 10.2.22.19 InterfaceIndex: 29. …… MACAddress: 001dd8b71c77... …… ProviderAddress: 10.2.22.18 InterfaceIndex: 29. …… MACAddress: 001dd8b71c76... …… PS C:\ > Get-NetVirtualizationProviderAddress ProviderAddress: 10.2.22.23 InterfaceIndex: 29. …… MACAddress: 001dd8b71c7b... :. ProviderAddress: 10.2.22.22 InterfaceIndex: 29. …… MACAddress: 001dd8b71c7a... ……

After many times of real-time migration between physical machines, virtual machines cause the PA of physical machines to be redistributed and recycled many times. When you run the Get-SCIPAddress command in SCVMM to check, you will find that PA addresses are gradually recycled to the PA IP address pool by SCVMM.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.