Problem Statement: Overlays for Network Virtualization (RFC7364)

Data centers are increasingly being consolidated and outsourced in an effort to improve the deployment time of applications and reduce operational costs. This coincides with an increasing demand for compute, storage, and network resources from applications. In order to scale compute, storage, and network resources, physical resources are being abstracted from their logical representation, in what is referred to as server, storage, and network virtualization. Virtualization can be implemented in various layers of computer systems or networks.

Internet Engineering Task Force (IETF)                    T. Narten, Ed.
Request for Comments: 7364                                           IBM
Category: Informational                                     E. Gray, Ed.
ISSN: 2070-1721                                                 Ericsson
                                                                D. Black
                                                                     EMC
                                                                 L. Fang
                                                               Microsoft
                                                              L. Kreeger
                                                                   Cisco
                                                            M. Napierala
                                                                    AT&T
                                                            October 2014

          Problem Statement: Overlays for Network Virtualization


   This document describes issues associated with providing
   multi-tenancy in large data center networks and how these issues may
   be addressed using an overlay-based network virtualization approach.
   A key multi-tenancy requirement is traffic isolation so that one
   tenant's traffic is not visible to any other tenant.  Another
   requirement is address space isolation so that different tenants can
   use the same address space within different virtual networks.
   Traffic and address space isolation is achieved by assigning one or
   more virtual networks to each tenant, where traffic within a virtual
   network can only cross into another virtual network in a controlled
   fashion (e.g., via a configured router and/or a security gateway).
   Additional functionality is required to provision virtual networks,
   associating a virtual machine's network interface(s) with the
   appropriate virtual network and maintaining that association as the
   virtual machine is activated, migrated, and/or deactivated.  Use of
   an overlay-based approach enables scalable deployment on large
   network infrastructures.
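
   The following is an added illustration, not text or code from
   RFC 7364: a toy model of the mapping state behind the isolation
   properties described above (overlapping tenant addresses, controlled
   crossing between virtual networks, and an association that survives
   migration).  The class and method names, virtual network IDs,
   addresses, and host names are all constructed for this example.

```python
from dataclasses import dataclass, field

@dataclass
class Overlay:
    # (vn_id, inner address) -> underlay host currently hosting that interface
    location: dict = field(default_factory=dict)
    # (src_vn, dst_vn) pairs permitted to cross via a configured gateway
    gateway_policy: set = field(default_factory=set)

    def attach(self, vn_id, addr, host):
        """VM activated: bind its interface to a virtual network."""
        if (vn_id, addr) in self.location:
            raise ValueError(f"{addr} already in use within VN {vn_id}")
        self.location[(vn_id, addr)] = host

    def migrate(self, vn_id, addr, new_host):
        """VM migrated: VN association is kept, only the location changes."""
        if (vn_id, addr) not in self.location:
            raise KeyError("interface not attached")
        self.location[(vn_id, addr)] = new_host

    def detach(self, vn_id, addr):
        """VM deactivated: remove the mapping so nothing is delivered."""
        self.location.pop((vn_id, addr), None)

    def forward(self, src_vn, dst_vn, dst_addr):
        """Return the underlay host to tunnel to, or None if dropped."""
        if src_vn != dst_vn and (src_vn, dst_vn) not in self.gateway_policy:
            return None  # isolation: no uncontrolled crossing between VNs
        return self.location.get((dst_vn, dst_addr))

def demo():
    ov = Overlay()
    # Constructed sample: two tenants reuse 10.0.0.5 in different VNs.
    ov.attach(100, "10.0.0.5", "host-a")
    ov.attach(200, "10.0.0.5", "host-b")
    r = {"tenant_a": ov.forward(100, 100, "10.0.0.5"),
         "tenant_b": ov.forward(200, 200, "10.0.0.5"),
         "cross_denied": ov.forward(100, 200, "10.0.0.5")}
    ov.gateway_policy.add((100, 200))   # operator configures a gateway
    r["cross_via_gateway"] = ov.forward(100, 200, "10.0.0.5")
    ov.migrate(100, "10.0.0.5", "host-c")
    r["after_migrate"] = ov.forward(100, 100, "10.0.0.5")
    ov.detach(200, "10.0.0.5")
    r["after_detach"] = ov.forward(200, 200, "10.0.0.5")
    return r
```

   Keying the lookup on the (virtual network, address) pair rather than
   on the address alone is what lets both tenants use 10.0.0.5 without
   either seeing the other's traffic.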
