Cisco, NEC and Other Microsoft Partners Tap Hyper-V's 'Virtual Switch'

By Kurt Mackie
September 21, 2011

Microsoft spent some time at last week's Build conference to spotlight how five of its major partners -- Cisco, NEC, 5nine, Broadcom and inMon -- are already using the extensible virtual switch in Hyper-V 3.0 for Windows Server 8.
The Hyper-V 3.0 virtual switch essentially allows for network traffic to be managed in a more granular way between virtual machines (VMs), making the management experience for IT professionals more like standard network monitoring. Microsoft's partners can leverage the extensibility of Hyper-V 3.0's virtual switch -- extensibility that is made possible by "plug-ins" to the virtual switch -- to add functionality to their software products.
Microsoft touts its virtual switch as a solution to the management problems caused by increasing server virtualization, which has been a growing trend with server deployments. Increased virtualization can pose management problems further down the line. In devising its extensible virtual switch, Microsoft looked to create a public platform with open APIs, according to Bob Combs, a program manager on the Windows Core networking team, in a Build panel session called "Extending the Hyper-V Switch."
 
Microsoft based the APIs on its Windows Filtering Platform (WFP) and the Network Driver Interface Specification (NDIS). The filters used in partner extensions can be written using either API. Microsoft helps to ensure the quality of vendor extensions by providing certification tools.
Microsoft conceives of vendor-built extensions as "first-class citizens" in the virtual switch, so those extensions get other Microsoft Hyper-V 3.0 benefits, such as full "live migration" in which VMs can be moved from one physical server to the next. The configuration settings of the extensions will move with those VMs.
The past problem with server virtualization was that traffic from one VM to another VM was not visible outside the host machine. The solution back then was to put a firewall between the VMs to ensure security. However, doing so increased problems on the management side. With the introduction of the extensible virtual switch, Microsoft now has oversight into both ingress and egress traffic. Microsoft supports capture extensions that just allow IT pros to monitor, but not modify, the ingress and egress traffic between VMs. Microsoft's WFP technology can be used to add traffic management controls.
WFP is typically used in firewalls by other software vendors. WFP can be brought into the virtual switch and it can be used to change traffic across the switch, according to Luis Hernandez, a Microsoft senior software design engineer in the devices and networking team. Traffic can be blocked and WFP can also be used to restore fragmented traffic.
Cisco is using Microsoft's extensible virtual switch technology in its Nexus 1000V Series Switches and its Unified Computing System Virtual Machine Fabric Extender (VM-FEX) products. Nexus 1000V is a "distributed virtual switching platform that provides advanced networking features, integrated virtual services, and a consistent operational model across physical and virtual environments," according to Cisco's description. The UCS VM-FEX product provides an integrated way to manage physical and virtual networks via Hyper-V single-root I/O virtualization (SR-IOV). SR-IOV is a PCI-SIG specification that allows different operating systems to share PCI Express devices. Cisco claims that using Microsoft Hyper-V SR-IOV functionality supports a "near-bare-metal performance for virtual workloads."
Microsoft's virtual switch provides a network management tool that can be used to display network traffic trends. Underneath Cisco's graphical user interface for the products is PowerShell, which can be used to apply network management policies to VMs via the virtual switch. Cisco's virtual networking solutions also use Microsoft's virtual switch technology to enable integration with Microsoft's System Center portfolio of management products.
NEC Corp. is leveraging Microsoft's extensible virtual switch technology for its OpenFlow network management solution for server virtualization. OpenFlow was introduced in March as a way of boosting the communication efficiency of virtualized servers with VMs. NEC describes OpenFlow as "a new generation networking technology that enables control of IT and networking by separating network control processes from switches to control servers and flexibly implementing them in software."
5nine, a provider of management solutions for virtualization infrastructure, described during the Build session how it has leveraged Microsoft's extensible virtual switch technology and WFP APIs to enable virtual firewalls with anti-virus protection. Last week, 5nine released a beta of its new 5nine Hyper-V Cloud Monitor product for real-time troubleshooting and monitoring of Hyper-V VMs and hosts, aimed at the small-to-medium business and enterprise markets. Konstantin Malkov, software CTO at 5nine, said during the Build session that it was previously an expensive prospect to deploy agents into multiple VMs, but the virtual switch now enables such security functionality at the host level. WFP also provides auditing capabilities, allowing IT pros to see open ports and what caused packets to be blocked.
 
Broadcom is using Microsoft's extensible virtual switch technology in its StrataXOS switch. Improvements in Broadcom's switch hardware can be reflected in the virtual switch via plug-ins, according to Eric Smiley, technical marketing engineer at Broadcom, during the Build session.
Microsoft's Hernandez noted during the Build session that Microsoft's virtual switch includes forwarding extensions technology, which can direct traffic on the switch at the ingress and egress points. However, he added that the forwarding extensions technology does not serve as a complete switch replacement.
inMon supports traffic monitoring in its sFlow Trend-Pro product by tapping into Microsoft's extensible virtual switch technology. Trend-Pro is designed to provide continuous monitoring across routers, servers and switches in the networks of small- and medium-size organizations.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.