Network Working Group                                        H.O. Okita
Internet-Draft                                           M.Y. Yoshizawa
Intended status: Informational                             Hitachi, Ltd.
Expires: September 15, 2011                               March 14, 2011
Virtual Network Management Information Model
draft-okita-ops-vnetmodel-04
Virtual switches on server virtualization platforms cause a problem in managing data center networks containing several hundred switches. Accordingly, a management information model for the network structure of data center networks containing virtual switches is proposed. The proposed model consists of a physical layer (which represents connections between physical switches) and a virtual layer (which represents connections between virtual switches). These layers also represent the association of the virtual switch with the corresponding physical switch. This document also provides an example of the XML-based data model that is implemented according to the proposed information model.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 15, 2011.
Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
In data center networks, a virtual switch on a server virtualization platform works as a virtual network element [VEB] [EVB-PAR] [PE-PAR]. The virtual switch connects multiple virtual machines on the same server virtualization platform and connects these virtual machines to external physical switches.
Virtual switches, however, complicate the management of data center networks, mainly because a virtual switch and a physical switch require different management systems. Operators of data center networks therefore have to use multiple management systems to manage the whole data center network.
To avoid this difficulty, an integrated network management system (NMS) is effective. The integrated NMS collects and stores virtual-network management information that describes the network structure of the managed network. It then displays or transmits this information in response to requests from operators or other NMSs.
The purpose of this document is to provide a management information model that represents the network structure of a data center containing virtual switches. Section 2 describes the model requirements, Section 3 describes the relationships to the existing MIBs, Section 4 defines the model, and Section 5 evaluates the model.
Virtual switches make data center networks harder to manage: they extend the data center network into the server virtualization platforms, so operators who want to manage the whole network structure have to manage virtual switches in addition to physical switches.
To manage these virtual and physical switches, operators have to use multiple management interfaces. Virtual switches are managed through the management system specific to the server virtualization platform on which they are created, whereas physical switches are managed through a network management system. Figure 1 shows an architectural overview of a conventional data center network management system.
[Figure 1: Conventional data center network management architecture (diagram). A user client uses the server virtualization management system to manage the server virtualization platform, including its virtual machines (VM) and virtual switch; another user client and other NMSs use a traditional network management system (NMS) to manage the network switches.]
This conventional management architecture causes the following two problems, which increase the operation time spent by operators of data center networks and thus increase operational costs.
To solve these problems and save the operation time for data center networks, the following two requirements must be met.
A system architecture that effectively satisfies the above-described requirements is proposed in the following.
An integrated network management system (NMS), referred to here as a Virtual Network Management System (VNMS), effectively reduces the network operation time needed for managing virtual switches and physical switches. It integrates multiple existing management interfaces into a single interface, so operators can reduce their operation time.
The VNMS manages device connectivity in the managed target network. To perform this task, it stores network management information about configured virtual networks in the target network.
Figure 2 shows an overview of the system architecture of the target system. The virtual-network management information held by the VNMS is based on the proposed model.
[Figure 2: System architecture of the VNMS (diagram). User clients and traditional NMSs access the Virtual Network Management System over the network management interface (NMI). The VNMS holds virtual-network management information based on the proposed model and queries the server virtualization platform (virtual machines and virtual switch) and the network switches over the device-management interface (DMI).]
The following three types of elements exist around this VNMS.
The user client or network application uses management information about device connections in the managed network. The network switches are virtualized as multiple virtual switches. Moreover, the server virtualization platforms are virtualized as multiple virtual machines and internal virtual switches. A set of virtual switches and virtual machines forms a virtual system for a user.
Among the elements described above, we define the following two management interfaces.
The network management interface (NMI) is set between the network application and the VNMS. This interface is used by the VNMS to transport virtual-network management information to network applications in response to their requests.
Data models provide the definition and format of the virtual-network management information transported over the NMI; the definition specifies an encoding scheme and an underlying transport protocol. The VNMS may use, for example, SNMP (Simple Network Management Protocol) and MIBs (Management Information Bases) as specified in the Internet-standard management framework [RFC3410], or an XML-based management framework [RFC3535], as the data model.
The device-management interface (DMI) is set between the VNMS and network devices, which include the server virtualization platforms and network switches. The DMI is used by the VNMS to query management information about a target device. This interface is device specific and not standardized by this document.
This document focuses on an information model for the virtual-network management information described in the previous section. The requirements for the information model, which follow from the two problems stated above, are listed below.
The IETF has published many RFCs defining MIBs, and each of these MIBs implicitly provides an information model. To avoid reinventing the wheel, we examined how the existing MIBs relate to the requirements for the virtual-network management information model.
Network topology discovery protocols such as the Link Layer Discovery Protocol (LLDP) use MIB modules to describe link state information in the managed network. For example, the LLDP-MIB, standardized as part of IEEE Standard 802.1AB [IEEE.802-1AB.2005], supports this function.
The LLDP-MIB can be used to describe a connection between neighboring layer-2 MAC bridges. In the LLDP-MIB, there is an lldpRemTable which contains one or more rows per physical network connection. The row contains a chassis ID, a port ID, a port description, and system information for each neighboring layer-2 MAC bridge.
As described above, the LLDP-MIB can be used to describe the connection information between physical entities like physical switches. However, the LLDP-MIB cannot be used to describe the connection information between logical entities. Thus, it cannot be used to describe the connection information between a virtual switch and a virtual machine on the same physical server. Moreover, it cannot be used to describe the connection information between a virtual switch and an external physical switch.
As a result, the LLDP-MIB does not satisfy the first requirement in section 2.3 for the virtual network management information model.
The ENTITY-MIB [RFC2737] was published by the IETF entmib WG. It can be used to represent a single SNMP agent which supports multiple instances of one MIB. For example, a single physical switch having a single SNMP agent can support multiple instances of a bridge with the ENTITY-MIB.
The ENTITY-MIB can be used to describe following two types of information.
One is the mapping between logical entities and physical entities on one network element. This information is represented by the entLPMappingTable and the entAliasMappingTable in the entityMapping group. Logical entities include, for example, OSPF instances and 802.1D bridges; physical entities include bridge ports, backplanes and chassis.
The other is the containment hierarchy among physical entities. This information is represented by the entPhysicalContainsTable in the entityMapping group, which holds a simple mapping between a 'container' entity and its 'containee' entities. For example, a chassis is a container entity; its bridge ports and its backplane are containee entities.
As described above, the ENTITY-MIB can be used to describe the mapping information between logical entities and physical entities. Therefore, the ENTITY-MIB satisfies the second requirement in section 2.3 for the virtual network management information model.
However, the ENTITY-MIB cannot be used to describe the connection information between logical entities. For example, it is impossible to describe connection information between virtual switches with the ENTITY-MIB.
As a result, the ENTITY-MIB does not satisfy the first requirement in section 2.3 for the virtual network management information model.
This section defines the proposed virtual-network management information model, which is an object-oriented information model that satisfies both requirements of section 2.3. The model is an abstract information model, independent of encoding schemes and management protocols, and is written in the Unified Modeling Language (UML) [UML].
The proposed model starts with a TargetedNetwork object. This object represents the overall network. In the network, two types of network exist: a physical network and a virtual network. In the proposed model, a PhysicalNetwork object represents a physical network, and a VirtualNetwork object represents a virtual network. To represent this structure, the TargetedNetwork object has one or multiple references to PhysicalNetwork objects and VirtualNetwork objects.
Furthermore, the PhysicalNetwork object and the VirtualNetwork object reference each other. Since one physical network can carry multiple virtual networks, a PhysicalNetwork object can hold multiple references to VirtualNetwork objects, whereas a VirtualNetwork object holds exactly one reference to the PhysicalNetwork object on which that virtual network is created.
Figure 3 shows a class diagram of the proposed virtual-network management information model containing the TargetedNetwork object, PhysicalNetwork objects, and VirtualNetwork objects.
[Figure 3: Class diagram of the TargetedNetwork, PhysicalNetwork and VirtualNetwork objects. TargetedNetwork (1) aggregates 0..* VirtualNetwork objects (detailed in Figure 5) and 0..* PhysicalNetwork objects (detailed in Figure 4). Each VirtualNetwork references exactly one PhysicalNetwork, and one PhysicalNetwork may be referenced by 0..n VirtualNetwork objects.]
To represent the structure of a physical network, the proposed model defines the following six types of managed objects under the TargetedNetwork object.
Figure 4 shows an abstract class diagram of the objects related to the physical network.
[Figure 4: Class diagram of the physical-network objects. TargetedNetwork (1) aggregates 0..* PhysicalNetwork. PhysicalNetwork (1) aggregates 0..* PhysicalNodeGroup and 0..* PhysicalNode; a PhysicalNode belongs to 0..1 PhysicalNodeGroup. PhysicalNode (1) has 0..1 Configurations, 0..* PhysicalInterfaceGroup and 0..* PhysicalInterface; a PhysicalInterface belongs to 0..1 PhysicalInterfaceGroup. A PhysicalLink aggregates exactly 2 PhysicalInterface objects, and a PhysicalInterface belongs to 0..1 PhysicalLink.]
To represent the structure of a virtual network, the proposed model defines the following five types of managed objects under the TargetedNetwork object.
The relationships among the VirtualNetwork, VirtualNode, VirtualInterface, and VirtualLink objects are almost the same as those among the PhysicalNetwork, PhysicalNode, PhysicalInterface, and PhysicalLink objects.
Figure 5 shows an abstract class diagram of the objects related to the virtual network.
[Figure 5: Class diagram of the virtual-network objects. TargetedNetwork (1) aggregates 0..* VirtualNetwork. VirtualNetwork (1) aggregates 1..* VirtualNodeGroup and 0..* VirtualNode; a VirtualNodeGroup (1) contains 1..* VirtualNode and is associated with exactly one PhysicalNode, which is how the model records the server on which a virtual switch or virtual machine runs. VirtualNode (1) has 0..* VirtualInterface. A VirtualLink aggregates exactly 2 VirtualInterface objects, and a VirtualInterface belongs to 0..1 VirtualLink.]
All objects except the TargetedNetwork object must contain an "id" object that stores an identifier (ID). The ID must be unique within the group formed by objects of the same type that are associated with the same parent object, as follows.
This section shows an example data model that is created according to the proposed information model described above. This example data model is intended to help readers check the feasibility of the proposed information model. Thus, this section will be removed when the proposed information model is fixed.
This example data model is defined as an XML-based data model. It is therefore represented as an XML tree whose top node is a "targetedNetwork" element. In this XML tree, each class in the proposed information model is mapped to an XML element and placed hierarchically.
Because of the differences between UML and XML, several objects appear in the example XML data model that have no direct counterpart in the class diagrams. For example, a "physicalLinks" element appears under a "physicalNetwork" element to aggregate multiple "physicalLink" elements, and a String-type "linkId" element appears in a "physicalInterface" element to represent the reference to one of these "physicalLink" elements.
The XML below shows the definition of the example data model written in W3C XML Schema.
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema targetNamespace="http://www.hitachi.com/vnetmodel-0.1"
           elementFormDefault="qualified"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns:vnm="http://www.hitachi.com/vnetmodel-0.1">

  <xs:element name="targetedNetwork" type="vnm:targetedNetworkType"/>

  <xs:complexType name="targetedNetworkType">
    <xs:sequence>
      <xs:element name="physicalNetwork" type="vnm:physicalNetworkType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="virtualNetwork" type="vnm:virtualNetworkType"
                  minOccurs="0" maxOccurs="unbounded"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalNetworkType">
    <xs:sequence>
      <xs:element name="physicalNodeGroup" type="vnm:physicalNodeGroupType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="physicalNode" type="vnm:physicalNodeType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="physicalLinks" type="vnm:physicalLinksType"
                  minOccurs="0" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalNodeGroupType">
    <xs:sequence>
      <xs:element name="physicalNode" type="vnm:physicalNodeType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="physicalNodeGroup" type="vnm:physicalNodeGroupType"
                  minOccurs="0" maxOccurs="unbounded"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalNodeType">
    <xs:sequence>
      <xs:element name="physicalInterface" type="vnm:physicalInterfaceType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="physicalInterfaceGroup" type="vnm:physicalInterfaceGroupType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="configurations" type="xs:anyType"
                  minOccurs="0" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalLinksType">
    <xs:sequence>
      <xs:element name="physicalLink" type="vnm:physicalLinkType"
                  minOccurs="0" maxOccurs="unbounded"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="physicalInterfaceType">
    <xs:sequence>
      <xs:element name="linkId" type="xs:string" minOccurs="0" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalInterfaceGroupType">
    <xs:sequence>
      <xs:element name="physicalInterfaceId" type="xs:string"
                  minOccurs="1" maxOccurs="unbounded"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="physicalLinkType">
    <xs:sequence>
      <xs:element name="physicalInterface" type="xs:string"
                  minOccurs="2" maxOccurs="2"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="virtualNetworkType">
    <xs:sequence>
      <xs:element name="virtualNode" type="vnm:virtualNodeType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="virtualNodeGroup" type="vnm:virtualNodeGroupType"
                  minOccurs="0" maxOccurs="unbounded"/>
      <xs:element name="virtualLinks" type="vnm:virtualLinksType"
                  minOccurs="0" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="virtualNodeGroupType">
    <xs:sequence>
      <xs:element name="virtualNodeId" type="xs:string"
                  minOccurs="1" maxOccurs="unbounded"/>
      <xs:element name="physicalNodeId" type="xs:string"
                  minOccurs="1" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="virtualLinksType">
    <xs:sequence>
      <xs:element name="virtualLink" type="vnm:virtualLinkType"
                  minOccurs="1" maxOccurs="unbounded"/>
    </xs:sequence>
  </xs:complexType>

  <xs:complexType name="virtualNodeType">
    <xs:sequence>
      <xs:element name="virtualInterface" type="vnm:virtualInterfaceType"
                  minOccurs="0" maxOccurs="unbounded"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="virtualLinkType">
    <xs:attribute name="id" type="xs:string"/>
  </xs:complexType>

  <xs:complexType name="virtualInterfaceType">
    <xs:sequence>
      <xs:element name="linkId" type="xs:string" minOccurs="0" maxOccurs="1"/>
    </xs:sequence>
    <xs:attribute name="id" type="xs:string"/>
    <xs:attribute name="type" type="xs:string"/>
  </xs:complexType>

</xs:schema>
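The schema above fixes element structure but not referential consistency, and a VNMS assembles an instance of this data model from responses it receives from many devices over the device-specific DMI. The following Python script is an added example, not code from this draft or its authors: it applies the identifier rule of Section 4 (an "id" is unique only among same-type objects under the same parent) and the reference conventions of this section to a constructed instance document, using only the standard library. It checks that every "linkId" resolves to a link in the same network, that each "physicalLink" names exactly two interfaces whose own "linkId" points back to it, that each "virtualLink" is shared by exactly two virtual interfaces (the multiplicity in Figure 5), and that every "virtualNodeGroup" maps onto a physical node that exists in the physical layer. The "nodeId/interfaceId" form of the endpoint strings inside "physicalLink" is an assumption of this example; the schema types that element only as a string. A VNMS that runs such checks before merging a device's response into its stored model prevents one faulty or misbehaving device from corrupting the operator's view of the rest of the network.

```python
import xml.etree.ElementTree as ET
from collections import Counter

V = "{http://www.hitachi.com/vnetmodel-0.1}"   # namespace of the example schema

# Constructed sample (not from the draft): one switch and a server hosting a virtual
# switch and a VM.  The "nodeId/interfaceId" endpoint form inside physicalLink is an
# assumption; the schema types that element only as xs:string.
SAMPLE = """<targetedNetwork xmlns="http://www.hitachi.com/vnetmodel-0.1" id="dc1">
 <physicalNetwork id="pn1">
  <physicalNode id="sw1" type="switch">
   <physicalInterface id="ge0" type="ethernet"><linkId>l1</linkId></physicalInterface>
  </physicalNode>
  <physicalNode id="srv1" type="server">
   <physicalInterface id="eth0" type="ethernet"><linkId>l1</linkId></physicalInterface>
  </physicalNode>
  <physicalLinks>
   <physicalLink id="l1"><physicalInterface>sw1/ge0</physicalInterface><physicalInterface>srv1/eth0</physicalInterface></physicalLink>
  </physicalLinks>
 </physicalNetwork>
 <virtualNetwork id="vn1">
  <virtualNode id="vsw1" type="virtualSwitch">
   <virtualInterface id="p0" type="virtual"><linkId>vl1</linkId></virtualInterface>
   <virtualInterface id="p1" type="virtual"/>
  </virtualNode>
  <virtualNode id="vm1" type="virtualMachine">
   <virtualInterface id="vnic0" type="virtual"><linkId>vl1</linkId></virtualInterface>
  </virtualNode>
  <virtualNodeGroup id="srv1-guests" type="hypervisor">
   <virtualNodeId>vsw1</virtualNodeId><virtualNodeId>vm1</virtualNodeId><physicalNodeId>srv1</physicalNodeId>
  </virtualNodeGroup>
  <virtualLinks><virtualLink id="vl1"/></virtualLinks>
 </virtualNetwork>
</targetedNetwork>"""


def check_unique_ids(root):
    """Section 4 rule: an id is unique among same-type objects under one parent."""
    findings = []
    for parent in root.iter():
        seen = set()
        for child in parent:
            key = (child.tag.rsplit("}", 1)[-1], child.get("id"))
            if key[1] is not None and key in seen:
                findings.append(f"duplicate {key[0]} id {key[1]!r} under {parent.get('id')!r}")
            seen.add(key)
    return findings


def check_physical(pnet):
    """Each physicalLink names two interfaces whose own linkId points back to it."""
    findings, claims = [], {}        # claims: "node/iface" -> linkId the interface carries
    links = {l.get("id") for l in pnet.iter(V + "physicalLink")}
    for node in pnet.iter(V + "physicalNode"):
        for iface in node.findall(V + "physicalInterface"):
            lid = iface.findtext(V + "linkId")
            if lid is not None:        # an interface without linkId is simply unconnected
                claims[f"{node.get('id')}/{iface.get('id')}"] = lid
                if lid not in links:
                    findings.append(f"{node.get('id')}/{iface.get('id')} references unknown physicalLink {lid!r}")
    for link in pnet.iter(V + "physicalLink"):
        lid = link.get("id")
        ends = [(e.text or "").strip() for e in link.findall(V + "physicalInterface")]
        if len(ends) != 2:
            findings.append(f"physicalLink {lid!r} has {len(ends)} endpoints, expected 2")
        findings += [f"physicalLink {lid!r} endpoint {r!r} does not point back to it"
                     for r in ends if claims.get(r) != lid]   # unknown, or bound elsewhere
    return findings


def check_virtual(vnet, physical_node_ids):
    """A virtualLink joins exactly two interfaces (Figure 5) and every node group
    maps onto a physicalNode that exists in the physical layer."""
    findings, use = [], Counter()
    vnodes = {n.get("id") for n in vnet.iter(V + "virtualNode")}
    vlinks = {l.get("id") for l in vnet.iter(V + "virtualLink")}
    for iface in vnet.iter(V + "virtualInterface"):
        lid = iface.findtext(V + "linkId")
        if lid is not None:
            use[lid] += 1
            if lid not in vlinks:
                findings.append(f"virtualInterface {iface.get('id')!r} references unknown virtualLink {lid!r}")
    findings += [f"virtualLink {lid!r} joins {use[lid]} interfaces, expected 2" for lid in vlinks if use[lid] != 2]
    for group in vnet.iter(V + "virtualNodeGroup"):
        findings += [f"virtualNodeGroup {group.get('id')!r} lists unknown virtualNode {r.text!r}"
                     for r in group.findall(V + "virtualNodeId") if r.text not in vnodes]
        pref = group.findtext(V + "physicalNodeId")
        if pref not in physical_node_ids:
            findings.append(f"virtualNodeGroup {group.get('id')!r} maps to unknown physicalNode {pref!r}")
    return findings


def check(xml_text):
    """Return all findings for one instance document; an empty list means consistent."""
    root = ET.fromstring(xml_text)
    pnets = root.findall(V + "physicalNetwork")
    pnode_ids = {n.get("id") for pn in pnets for n in pn.iter(V + "physicalNode")}
    findings = check_unique_ids(root)
    for pnet in pnets:
        findings += check_physical(pnet)
    for vnet in root.findall(V + "virtualNetwork"):
        findings += check_virtual(vnet, pnode_ids)
    return findings
```

Running check(SAMPLE) on the constructed document returns an empty list; renaming the group's physicalNodeId, giving two virtual nodes the same id under one virtualNetwork, or dropping one endpoint of a physical link each produces a specific finding. The checks deliberately stop at consistency: the instance still has to be validated against the schema itself (with an XSD-capable parser) before these functions are applied, and an XML document received from a device should be parsed with external entity resolution disabled.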
This document proposes a management information model for a virtual network in a data center network. This information model can represent the network structure of a virtual network composed of virtual switches and physical switches. It can also represent the mapping between the virtual switch and the physical switch.
A network management system that manages virtual-network management information according to the proposed information model reduced VLAN configuration time by 35%. This result indicates that the virtual-network management information model is effective in reducing the management time of a data center network containing virtual switches.
The proposed management information model does not contain implementation specifications. Therefore, to implement the information model, developers have to select an encoding scheme and a management protocol for transporting the management information. For example, developers can use SNMP and MIBs as specified in the Internet-standard management framework [RFC3410], or an XML-based [W3C.REC-xml] management framework [RFC3535].
The virtual-network management information defined in this document describes the structure of a data center network, including which virtual switches and virtual machines run on which physical server and how that server is attached to the physical switches. This information could be used to aid an attack on the network.
It is assumed that access to the data defined in this document is subject to appropriate access control in the network management system; in particular, the information describing one user's virtual system should be available only to the operators responsible for it. Since the VNMS assembles this information from responses received over the device-specific DMI, an implementation should also validate the identifiers and references in each response before merging it into the stored model, so that a faulty or compromised device cannot corrupt the operator's view of the rest of the network.
The document does not request any IANA action, since the proposed model is an abstract information model. However, a concrete data model based on this information model should request IANA actions if necessary.
[IEEE.802-1AB.2005]  IEEE, "Local Area Networks and Metropolitan Area Networks: Station and Media Access Control Connectivity Discovery", IEEE Standard 802.1AB, May 2005.
[RFC2737]  McCloghrie, K. and A. Bierman, "Entity MIB (Version 2)", RFC 2737, December 1999.
[UML]  OMG, "Unified Modeling Language", September 2002.
[RFC3410]  Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
[RFC3535]  Schoenwaelder, J., "Overview of the 2002 IAB Network Management Workshop", RFC 3535, May 2003.
[W3C.REC-xml]  Bray, T., Paoli, J., Sperberg-McQueen, C.M. and E. Maler, "Extensible Markup Language (XML) 1.0 (2nd ed)", W3C REC-xml, October 2000.
[VEB]  Ganga, I.G., "Virtual Ethernet Bridging in Server end stations", September 2008.
[EVB-PAR]  Congdon, P.C., "Edge Virtual Bridging Draft PAR", September 2009.
[PE-PAR]  Pelissier, J.P., "Port Extension Draft PAR Proposal", September 2009.