The present invention relates to service appliances used in virtual networks, and more particularly, this invention relates to supporting high availability of service appliances used for service chaining in software-defined networks (SDNs).
Network virtualization is implemented by many vendors using overlay technologies, such as Virtual Extensible Local Area Network (VXLAN), Network Virtualization using Generic Routing Encapsulation (NVGRE), etc., to form tunnels, where an identifier is used to indicate a virtual network for each tunneled packet. These technologies enable multiple virtual networks to be utilized over the same physical network. Usually, a virtual switch component in a host or a virtualization layer (e.g., a hypervisor) provides the virtual ports which may be used to associate virtual machines (VMs) to the various virtual networks.
Even though communication within a virtual network is a given, it is possible to allow or control communication across virtual networks. In physical networks, it is possible to use service appliances, such as those which implement firewalls, transcoding, load balancing, etc. Normally, the service appliances are inserted as a “bump in the wire” between the networks and/or services. These kind of service appliances (e.g., “waypoints”) are not currently supported in virtual networks. However, since network virtualization abstracts physical Layer-2/Layer-3 networks, the use of physical appliances in a virtual network becomes a serious challenge. A bump in the wire insertion of one or more service appliances is not possible in virtual networks, as multiple virtual networks may share the same physical infrastructure and service appliances may not be able to distinguish between packets belonging to one specific virtual network from all the others.
There are some mechanisms available to allow for the insertion of service appliances in overlay networks defined by a SDN. Once the service appliances are inserted into the overlay network, the management and control plane configure the data forwarding layers so that data frames in the overlay network follow the path defined by the overlay network administrator, e.g., the SDN controller. However, there is currently no solution which allows for a service appliance to be inserted into an overlay network without requiring the service appliance to engage in some control plane activity with other components.
Furthermore, these service appliances may be needed to operate in a high availability mode where multiple service appliances provide the same functionality or service and the SDN administrator is allowed to choose how data flows through the set of similar service appliances. Typical high availability modes that may be employed in other applications include active/active or active/standby designations for devices performing the same functionality. However, there is currently no known method which allows for such configurations in service appliances used in service chaining.