Network Virtualization

One of the key goals of SDN is to implement flexible networks that can be dynamically provisioned. While the main cornerstones of SDN are centralized control and network programmability, network virtualization and network orchestration are just as important.


Network virtualization is the process of combining hardware and software network resources and network functionality into a single, software-based administrative entity, a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.

Network virtualization is categorized as either external virtualization, combining many networks or parts of networks into a virtual unit, or internal virtualization, providing network-like functionality to software containers on a single network server.


External virtualization

External network virtualization combines or subdivides one or more local area networks (LANs) into virtual networks to improve a large network’s or data center’s efficiency. A virtual local area network (VLAN) and network switch comprise the key components. Using this technology, a system administrator can configure systems physically attached to the same local network into separate virtual networks. Conversely, an administrator can combine systems on separate local area networks (LANs) into a single VLAN spanning segments of a large network.

Internal virtualization

Internal network virtualization configures a single system with software containers, such as Xen hypervisor control programs, or pseudo-interfaces, such as a VNIC, to emulate a physical network with software. This can improve a single system’s efficiency by isolating applications to separate containers or pseudo-interfaces.


Why network virtualization?

Much of the technology discussed so far leads to the implied goal of network virtualization. When a network is virtualized, the physical components of the network have been abstracted so users no longer have to think of the network in terms of specific routers, switches or even ports. Instead, a common physical network is shared by a variety of virtual networks. MPLS is another tried-and-true technology that has been used to achieve this sort of network virtualization. Despite being a well-known and mature technology, Q-in-Q and MPLS tend to be service provider technologies, and they are not often deployed in data center environments.

In SDN paradigms, network virtualization tends to be accomplished using overlays like Virtual Extensible LAN (VXLAN), Network Virtualization using GRE (NVGRE) and Stateless Transport Tunneling (STT), possibly in conjunction with OpenFlow. In an overlay network, traffic that is part of a particular virtual network has an identifying wrapper placed around it that isolates it from other virtual networks sharing the same underlying physical network. While not strictly required, an SDN controller can be used to identify all of a virtual network’s endpoints, instructing switches where and how to encapsulate traffic inside of the overlay, maximizing the efficiency of endpoint-to-endpoint communication.