1. Technical Field
This application relates to the field of computer networks, and more particularly to the field of routing data between computing resources in a computer network.
2. Description of Related Art
In a virtualization environment, hosts use virtual switches to join tenants in a network fabric local to a server. Uplink ports on the switch may be connected to other virtual fabrics or to a real LAN through the host's physical network card. Co-locating diverse tenants in a virtualization environment requires a significant degree of resource isolation. Tenants on one virtual machine should not be able to access the CPU processes, stored data, or network traffic of another. Virtualization products in the market address this issue by assuming either a) tenants largely belong to the same organization, and/or b) the number of unique tenants is relatively small. A solution to the isolation problem is to assign each organization a unique VLAN ID. This ensures that traffic belonging to each unique tenant is sufficiently isolated. Virtual switches automatically tag traffic from a particular tenant, transparently providing data isolation from other tenants.
This approach becomes problematic in dense, heterogeneous tenant environments due to limitations in VLAN technology. A conventional VLAN domain can support a maximum of 4094 unique IDs. This may be insufficient for use in large-scale, utility virtualization deployments. In addition, VLAN IDs may be managed directly at each switch, making configuring a VLAN a time-consuming task that involves synchronizing switch configurations all over the network. In a utility virtualization environment, tenancies may be dynamically allocated, terminated and/or modified (increasing or decreasing capacity) according to business requirements of the tenants. This can make network management an extremely difficult and costly proposition.
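The per-tenant tagging and the 4094-ID ceiling described above can be seen in a short model. This is an added example, not part of the application: the VirtualSwitch class, the tenant names and the frame bytes are hypothetical, and it assumes the standard IEEE 802.1Q tag layout (TPID 0x8100, 12-bit VLAN ID with values 0 and 4095 reserved).

```python
import struct

TPID_8021Q = 0x8100              # EtherType that marks an 802.1Q-tagged frame
VID_BITS = 12                    # width of the VLAN ID field in the 16-bit TCI
RESERVED_VIDS = {0x000, 0xFFF}   # 0 = priority-only tag, 4095 = reserved
USABLE_VIDS = [v for v in range(1 << VID_BITS) if v not in RESERVED_VIDS]

class VirtualSwitch:
    """Hypothetical per-host switch that gives each tenant its own VLAN ID."""
    def __init__(self):
        self._free = list(reversed(USABLE_VIDS))   # pop() hands out 1, 2, 3, ...
        self._vid_of = {}

    def add_tenant(self, tenant):
        if tenant not in self._vid_of:
            if not self._free:
                raise RuntimeError(f"VLAN ID space exhausted, cannot add {tenant}")
            self._vid_of[tenant] = self._free.pop()
        return self._vid_of[tenant]

    def tag(self, tenant, frame):
        """Insert the 4-byte 802.1Q tag after dst MAC + src MAC (12 bytes)."""
        tci = self._vid_of[tenant]      # PCP=0, DEI=0, VID in the low 12 bits
        return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

    def deliver(self, tenant, tagged):
        """Return the untagged frame, or None if the tag is another tenant's."""
        tpid, tci = struct.unpack("!HH", tagged[12:16])
        if tpid != TPID_8021Q or (tci & 0x0FFF) != self._vid_of.get(tenant):
            return None
        return tagged[:12] + tagged[16:]

def demo():
    sw = VirtualSwitch()
    for i in range(len(USABLE_VIDS)):       # fill every usable VLAN ID
        sw.add_tenant(f"org-{i}")
    # Constructed frame: dst MAC, src MAC, EtherType 0x0800, dummy payload.
    frame = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"
    tagged = sw.tag("org-0", frame)
    same_tenant = sw.deliver("org-0", tagged)    # own traffic is accepted
    other_tenant = sw.deliver("org-1", tagged)   # foreign tag is dropped
    try:
        sw.add_tenant("one-too-many")
        exhausted = False
    except RuntimeError:
        exhausted = True
    return len(USABLE_VIDS), same_tenant == frame, other_tenant, exhausted

if __name__ == "__main__":
    print(demo())
```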
Accordingly, it is desirable to provide a mechanism that overcomes any limitations associated with providing unique VLAN IDs and, in addition, addresses network management issues created by having tenants in a heterogeneous environment dynamically modify their tenancy.