What we usually think of as a computer network involves various cables (Ethernet, fiber optic, coax) connected to devices like routers and switches that direct the packets of data where they need to go.
The rise of Wi-Fi and cellular data networks has replaced some of those wires with wireless signals, but even radio waves belong to the physical realm, connecting back to cell phone towers or Wi-Fi access points.
In the seven-layer OSI network reference model, all of this network equipment, processing, and communication occupies the lowest three layers: Layer 3 (network), Layer 2 (data link), and Layer 1 (physical).
In a virtual network, all these activities take place in software.
A virtual network may exist entirely within a single physical computer (server). Alternatively, it may form an abstraction layer running on a physical network, whose configuration and topology may be significantly different from that of the virtual network.
Building a virtual network is a complex task, but the benefits are huge: networks can be reconfigured simply by changing files, rather than through laborious manual work that may involve crawling through ductwork.
How does a virtual network work?
To understand how virtual networking works, let’s start with a related and more familiar concept: virtual machines. Most of us are familiar with virtual machines, which make it possible to run multiple application instances on a single physical machine.
These virtual machines don’t really “know” that they are virtual; all system calls and other communications they would normally have with the underlying hardware are intercepted by a layer of software called a hypervisor. A hypervisor handles requests from multiple VMs running on the same computer to make the most efficient use of underlying hardware resources.
The hypervisor can even translate instructions across hardware platforms, so, for example, a VM can run on an x86 machine even though it was designed for an ARM processor. The hypervisor can return the results that the VM expects to receive from the hardware.
Virtual networks are based on the same principles. The software is configured to simulate a network with the specific topology required by the administrator. As is the case with virtual machines, virtual networks are able to work their magic because the operating systems and applications they communicate with do not know (or care) whether they are talking to a real switch or a virtual switch (vSwitch).
They simply send packets marked with some network routing information in their headers and expect to receive similar packets in return. Because this communication is standardized, it’s easy to build software that can emulate the behavior of a physical network card, switch, or router, and indeed tools like Open vSwitch can run on a hypervisor or act as a control stack for physical network hardware.
Once the hypervisor has these packets, it must figure out how to route them to their destination, just like physical network hardware. The difference is that the hypervisor must convert information about the software-defined virtual network (the network our computer “thinks” it is attached to) into information about the actual underlying physical environment.
A computer may think it is sending packets to another computer on the same LAN, but in fact the two computers may be in different countries, or may be two virtual machines running on the same server.
Hypervisors typically solve this problem by encapsulating the packet in another packet with different routing information in its header, and then handing that packet off to the physical network infrastructure. Once that packet reaches its destination, the outer packet is stripped off; the system receiving the packet will see it as arriving via the virtual network, rather than the actual physical network it traversed.
It goes without saying that implementing a virtual network requires considerable work and ingenuity. Why go through the trouble? An illustration of the different types of virtual networks will provide a sense of real-life scenarios in which they are useful.
Types of virtual networks
An important distinction is between internal and external virtual networks. Internal virtual networks are used to connect multiple VMs running on the same server. In this case, the hypervisor does not need to encapsulate network packets and send them over the real network; it just determines which VM they are intended for, and delivers them.
It may seem strange to use a protocol developed for computer-to-computer communication as a means of communicating between two processes running on the same physical hardware. But remember, one of the benefits of virtualization is that you can run multiple out-of-the-box operating systems as completely separate and independent processes on the same server.
The use of standard network packets and protocols for this purpose and their associated security infrastructure means these VMs can run and communicate with each other without modification.
External virtual networks, on the other hand, involve separate physical computers (or a mix of VMs and physical machines). In this scenario, computers are connected through traditional physical network devices (including connections over the open Internet), but the network administrator creates a virtual network topology that is different from the underlying physical topology.
There are three types of virtual networks, which can be internal or external:
A virtual private network (VPN) is the simplest form of virtual network. The most common scenario involves a computer connected to a local corporate network through the open Internet. From the perspective of that computer and the other computers it interacts with, once the VPN is established, the computer is part of the LAN, even though it is remote.
A virtual LAN (VLAN) is more complex: it consists of an entire local area network that is virtually defined. VLANs can be created by dividing a single physical LAN into multiple VLANs or by combining physically independent LANs into a single VLAN.
Virtual Extensible LAN (VXLAN) is an enhanced version of VLAN that allows large LANs to be subdivided into more separate VLANs and also makes it easier to migrate virtual machines without disrupting service, both of which are key for cloud infrastructure.
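The encapsulation step described earlier, made concrete with the VXLAN header (8 bytes, defined in RFC 7348 and carried over UDP port 4789), as an added example that is not code from the original article. The function names, the VNI values and the inner frame are constructed for illustration. The outer UDP/IP headers are assumed to be supplied by the operating system's socket layer.

```python
from __future__ import annotations
import struct

# VXLAN header per RFC 7348: 8 flag bits + 24 reserved bits, then 24-bit VNI + 8 reserved bits.
VXLAN_FLAG_I = 0x08                      # "I" flag: the VNI field is valid
VXLAN_HEADER = struct.Struct("!II")

# Constructed inner frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
INNER = bytes.fromhex("020000000002" "020000000001" "0800") + b"inner-ip-packet"


class DecapError(ValueError):
    """Raised when a received VXLAN payload must be dropped."""


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prefix an inner Ethernet frame with a VXLAN header for segment `vni`."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    return VXLAN_HEADER.pack(VXLAN_FLAG_I << 24, vni << 8) + inner_frame


def decapsulate(payload: bytes, local_vnis: set[int]) -> tuple[int, bytes]:
    """Strip the outer VXLAN header; return (vni, inner_frame) or raise DecapError."""
    if len(payload) < VXLAN_HEADER.size + 14:    # header + minimal Ethernet header
        raise DecapError("truncated VXLAN payload")
    word0, word1 = VXLAN_HEADER.unpack_from(payload)
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise DecapError("I flag not set, VNI is not valid")
    vni = word1 >> 8
    if vni not in local_vnis:
        # Segment isolation: never deliver into a virtual network this host does not serve.
        raise DecapError(f"unknown VNI {vni}")
    return vni, payload[VXLAN_HEADER.size:]


if __name__ == "__main__":
    packet = encapsulate(5001, INNER)
    print("VXLAN header:", packet[:8].hex())
    print("delivered:", decapsulate(packet, {5001}))
    try:
        decapsulate(packet, {42})                # receiver only serves VNI 42
    except DecapError as err:
        print("dropped:", err)
```

VXLAN itself carries no authentication or encryption, so the VNI check only enforces segment separation among tunnel endpoints that are already trusted.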
Advantages and Benefits of Virtual Networks
Virtual networking is absolutely necessary when running multiple VMs on the same hardware, which is a common scenario in cloud computing. At the same time, creating VLANs and VXLANs on top of existing physical networks allows administrators to quickly restructure the network to meet their needs – often automatically in the age of infrastructure as code. This would be difficult or impossible to do by manually rebuilding the physical network.
The advantages of virtual networks include:
Reduce the cost and maintenance of physical network hardware.
Simplify network management with centralized and automated control.
Provide more flexible and fine-grained network configuration options.
These benefits help improve IT productivity and reduce management costs, which is an important reason for the continued use of virtual networks.