• United States
by Dave Roberts, special to Network World

Virtualization downsizes the data center

Jan 26, 20044 mins

Data centers run an array of computing, storage and network systems that creates management challenges and strains IT resources. There’s a growing need to simplify and automate data center networks to make them run smarter and more efficiently. Network virtualization technology is key to accomplishing that goal.

Data centers run an array of computing, storage and network systems that creates management challenges and strains IT resources. There’s a growing need to simplify and automate data center networks to make them run smarter and more efficiently. Network virtualization technology is key to accomplishing that goal.

Virtualization pools IT resources and allocates them as needed to specific tasks, allowing users to meet their requirements with fewer physical resources.

Frame relay, virtual LANs, logical partitions and RAID all use virtualization. Virtualization is being applied in new ways to consolidate and automate network functionality in data centers.

Network virtualization blends the economics and efficiencies of shared systems with the integrity, performance and security of independent systems. Virtualization switches deliver a range of networking and security functions, such as firewall and intrusion detection, on one physical hardware platform. Network administrators can configure, deploy and manage these functions as if they were separate devices.

While virtualization switches combine functions, they also partition and isolate resources into multiple sets. Network administrators can operate the resources and allocate different quantities to specific applications.

Isolation starts at the configuration level and ensures that each set of resources within the system has a separate configuration so that a misconfiguration of one application’s resources will not interfere with another application. A service processor performs the primary processing for the individual network services configured in the virtual partitions. A custom ASIC allocates partitions on the service processor to isolate resources all the way down to the hardware and provides each virtualized instance with separate queues, buffers, memory or processing resources.

The system shifts resources between each virtual instance, such as providing one virtualized instance with more bandwidth and another with more memory, as requirements dictate. The virtualized system tracks all the resources used whenever a packet or service is being processed on the application’s behalf so that one virtual entity cannot monopolize resources at the expense of another virtual entity.

Virtualized systems maintain system integrity by establishing protective domains that prevent the failure of any segment from propagating through the system and affecting other virtual entities.

For example, if a virtual firewall on the system crashes, the rest of the virtual entities on the system – other firewalls, VPNs, load balancers – are protected from the failure and continue to function normally. Once the system detects a failure in a virtual entity, it automatically contains it by using a processor memory management unit (MMU) to create memory-protection domains and restarts the entity without disrupting the other resources in the system.

When a service crashes, the virtual system can clean up the memory associated with the virtualized partition and re-create it from scratch. This feature allows for quick service restart without compromising other partitions in the system.

Private partitions

Virtualized network systems perform resource management at the hardware level to partition and protect virtualized resources, so they don’t mix with or disrupt other partitioned resources in the system. This means one virtual service cannot “see” any other virtual services on the system, which ensures that virtual functions operate independently and guarantees security and integrity between virtual functions on one hardware platform.

Network virtualization technology lets corporations increase network resource utilization and exert more control over resources and how they are allocated. The company also gains flexibility and speed in scaling the resources. Using virtualization to reduce the number of physical devices in a network significantly reduces the cost and complexity of managing network infrastructure.

Roberts is co-founder and vice president of strategy for Inkra Networks. He can be reached at