Cisco, HP and others are waging an epic battle to gain control of the datacentre, but at the same time they are joining forces to push through new Ethernet standards that could greatly ease management of those increasingly virtualised IT nerve centres.
The IEEE 802.1Qbg and 802.1Qbh specifications are designed to address serious management issues raised by the explosion of virtual machines in datacentres that traditionally have been the purview of physical servers and switches. In a nutshell, the emerging standards would offload significant amounts of policy, security and management processing from virtual switches on network interface cards (NICs) and blade servers and put it back onto the physical Ethernet switches connecting storage and compute resources.
The IEEE draft standards boast a feature called Virtual Ethernet Port Aggregation (VEPA), an extension to physical and virtual switching designed to eliminate the large number of switching elements that need to be managed in a datacentre. Adoption of the specs would make life easier for server and network administrators by leaving them fewer elements to manage, and fewer instances of element characteristics – such as switch address tables, security and service attribute policies, and configurations.
"There needed to be a way to communicate between the hypervisor and the network," an analyst at Enterprise Systems Group, Jon Oltsik, said. "When you start thinking about the complexities associated with running dozens of VMs on a physical server, the sophistication of datacentre switching has to be there."
But adding this intelligence to the hypervisor or host would add a significant amount of network processing overhead to the server, Oltsik said. It would also duplicate the task of managing media access control address tables, aligning policies and filters to ports and/or VMs and so forth.
"If switches already have all this intelligence in them, why would we want to do this in a different place?" Oltsik noted.
VEPA does its part by allowing a physical end station to collaborate with an external switch to provide bridging support between multiple virtual end stations and VMs, and external networks. This would alleviate the need for virtual switches on blade servers to store and process every feature – such as security, policy and access control lists (ACLs) – resident on the external datacentre switch.
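The difference in where policy is enforced can be shown with a toy model. This is an added example, not code from the article or from the IEEE drafts; the class names, VM names and ACL are constructed, and it assumes that in VEPA mode frames between two VMs on the same server are relayed to the external switch rather than switched locally.

```python
from dataclasses import dataclass, field

@dataclass
class ExternalSwitch:
    """Physical datacentre switch holding the single copy of the ACL."""
    deny: set                                  # (src, dst) pairs to drop
    seen: list = field(default_factory=list)   # frames visible to this switch

    def bridge(self, src, dst):
        self.seen.append((src, dst))           # available for logging/monitoring
        return (src, dst) not in self.deny     # True = frame delivered

@dataclass
class Host:
    """Physical server. mode 'veb' = local virtual switch, 'vepa' = relay to uplink."""
    vms: set
    uplink: ExternalSwitch
    mode: str = "veb"
    local_deny: set = field(default_factory=set)  # ACL copy a virtual switch must keep

    def send(self, src, dst):
        if self.mode == "veb" and dst in self.vms:
            # Switched inside the server: the external switch never sees the
            # frame, so only the locally maintained policy copy applies.
            return (src, dst) not in self.local_deny
        # VEPA (or off-host traffic): the external switch makes the decision.
        return self.uplink.bridge(src, dst)

def compare(acl, local_deny=frozenset()):
    """Return {mode: (delivered, frames_seen_by_external_switch)} for one VM-to-VM frame."""
    results = {}
    for mode in ("veb", "vepa"):
        switch = ExternalSwitch(deny=set(acl))
        host = Host({"vm-web", "vm-db"}, switch, mode, set(local_deny))
        delivered = host.send("vm-web", "vm-db")
        results[mode] = (delivered, len(switch.seen))
    return results

if __name__ == "__main__":
    # Constructed policy: the web VM must not talk to the database VM directly.
    print(compare({("vm-web", "vm-db")}))
```

With the rule present only on the external switch, the virtual-switch mode delivers the frame unseen, while the VEPA mode drops it and leaves a record on the physical switch. The virtual switch blocks it only if an administrator also keeps `local_deny` in sync, which is the duplicated management work Oltsik describes.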