A computer network as we usually visualize it involves various cables (Ethernet, fiber optic, coaxial) connecting to appliances like routers and switches, which direct data packets where they need to go.\nThe rise of Wi-Fi and cellular data networks have replaced some of those wires with wireless signals, but even radio waves are in the realm of the physical, and they connect back to cell towers or Wi-Fi access points.\nIn the seven-layer OSI network reference model, all of that network equipment, processing, and communication occupies the lowest three layers: Level 3 (the network), Level 2 (the data link), and Level 1 (the physical layer).\nIn a virtual network, all of that activity takes place in software.\nVirtual networks may exist entirely within a single physical machine \u2013 a server. Or they may constitute an abstraction layer running on top of a physical network, whose configuration and topography may be quite different from that of the virtual network.\nBuilding a virtual network is a complex undertaking, but the benefits are enormous: networks can be reconfigured simply by changing a file, rather than through laborious physical labor that might involve crawling through ductwork.\u00a0\nHow does a virtual network work?\nTo understand how a virtual network works, let's start with a related and somewhat more familiar concept: a virtual machine. Most of us are familiar with VMs, which makes it possible to run multiple application instances on one physical machine.\nThese VMs don't really "know" that they're virtual; all the system calls and other communication that they would normally have with the underlying hardware is intercepted by a software layer called a hypervisor. The hypervisor juggles requests from multiple VMs running on the same machine to make the most efficient use of the underlying hardware resources.\nA VM and can even translate instructions across hardware platforms, so that a VM could, for instance, run on an x86 machine even though it's been designed for ARM processors. The hypervisor is able to return the results that the VM expects to receive from the hardware.\nA virtual network is based on the same principles. Software is configured to emulate a network with the specific topography desired by its administrators. As is the case with VMs, a virtual network is able to do its magic because the operating systems and applications communicating with it don't know (or care) whether or not they're talking to a real switch or a virtual switch (vSwitch).\nThey just send out packets marked with certain network routing information in their headers and expect to receive similar packets in return. Because that sort of communication is standardized, it's easy to build software that can emulate how a physical network card, switch, or router would behave, and indeed tools like Open vSwitch can run either on a hypervisor or as the control stack for physical networking hardware.\nOnce the hypervisor has these packets, it has to figure out how to route them to their destination, just like physical network hardware would. The difference is that the hypervisor must translate information about the software-defined virtual network\u2014the one that our computer "thinks" it's attached to\u2014to information about the actual underlying physical environment.\nA computer might think that it's sending a packet to another computer on the same local area network, but in reality the two machines might be in different countries\u2014or might be two virtual machines running on the same server.\nThe hypervisor will often solve this problem by enclosing the packet inside another packet that has different routing information in its header, and then handing that packet over to physical networking infrastructure. Once that packet arrives at its destination, the exterior packet is stripped away; the system that receives the packet will perceive it as having arrived via the virtual network, not the actual physical network that it traversed.\nIt goes without saying that implementing a virtual network takes quite a bit work and ingenuity. Why go through the trouble? A description of the different types of virtual networks will provide a sense of the real-world scenarios where they're useful.\u00a0\nTypes of virtual networks\nOne important distinction is between internal and external virtual networks. An internal virtual network is used to connect multiple VMs running on the same server. In this case, the hypervisor doesn't need to encapsulate network packets and send them out across a real network; it just figures out which VM they're intended for and delivers them.\nIt might seem odd to use protocols developed for computer-to-computer communications as a means for two processes running on the same physical hardware to communicate. But remember, one of the benefits of virtualization is that you can run multiple out-of-the-box operating systems as entirely separate and self-contained processes on the same server.\nUsing standard networking packets and protocols for this purpose, along with their associated security infrastructure, means that these VMs can run and communicate with each other without modification.\nExternal virtual networks, on the other hand, involve separate physical computers (or a mix of VMs and physical machines). In this scenario, machines are connected by traditional physical networking equipment (including connections over the open internet), but the network administrator will create a virtual network topology that's different from the underlying physical one.\nThere are three classes of virtual network, which could be internal or external:\n\nA Virtual Private Network (VPN) is the simplest form of virtual network. The most common scenario consists of a single computer connecting over the open internet to a local corporate network. From the perspective of that computer and other computers it interacts with, the computer is part of the LAN once the VPN is established, even though it's remote.\n\n\nA Virtual Local Area Network (VLAN) is more complex: it consists of an entire local area network defined virtually. A VLAN can be created by dividing a single physical LAN into multiple VLANs, or combining physically separate LANs into a single VLAN.\n\n\nA Virtual Extensible Local Area Network (VXLAN) is a souped up version of a VLAN, which allows large LANs to be subdivided into many more separate VLANs, and also makes it easier to migrate VMs without interrupting services, both of which are key for cloud infrastructure.\n\nAdvantages and benefits of virtual networks\n\u00a0Virtual networking is an absolute necessity when you have multiple VMs running on the same hardware\u2014a common scenario in cloud computing. Creating VLANs and VXLANs atop existing physical networks, meanwhile, allows admins to restructure networks to meet their needs quickly \u2014 and often, in the era of infrastructure as code, automatically. This would be difficult or impossible to do by manually rebuilding physical networks.\nThe advantages of virtual networking include:\n\nReducing the cost and maintenance involved with physical networking hardware.\nStreamlining network administration by centralizing and automating control.\nOffering more flexible and fine-grained network configuration options.\n\nThese benefits all help boost IT productivity and lower administrative costs, which is a big reason why virtual networking is here to stay.\nLearn more about virtual networks:\n\nVirtual networks need a rethink to meet hybrid-, multi-cloud demands\nCloud providers should unify virtual networking and SD-WAN\nWhat are virtual routers and how can they lead to virtual data centers?