Generally described, computing devices utilize a communication network, or a series of communication networks, to exchange data. Companies and organizations operate computer networks that interconnect a number of computing devices to support operations or provide services to third parties. The computing systems can be located in a single geographic location or located in multiple, distinct geographic locations (e.g., interconnected via private or public communication networks). Specifically, data centers or data processing centers, herein generally referred to as a “data center,” may include a number of interconnected computing systems to provide computing resources to users of the data center. The data centers may be private data centers operated on behalf of an organization or public data centers operated on behalf, or for the benefit of, the general public.
To facilitate increased utilization of data center resources, virtualization technologies may allow a single physical computing device to host one or more instances of virtual machines that appear and operate as independent computing devices to users of a data center. With virtualization, the single physical computing device can create, maintain, delete, or otherwise manage virtual machines in a dynamic matter. In turn, users can request computer resources from a data center, including single computing devices or a configuration of networked computing devices, and be provided with varying numbers of virtual machine resources.
Generally, the physical networks include a number of hardware devices that receive packets from a source network component and forward the packet to a recipient network component. The packet routing hardware devices are typically referred to as routers. With the advent of virtualization technologies, networks and routing for those networks can now be simulated using commodity hardware rather than actual routers. As the scale and scope of data centers has increased, provisioning and managing the physical and virtual computing resources of a data center has become increasingly complicated. Specifically, in one aspect, a third party data center provider may host a number of virtual machine instances on a single physical computing device in which at least some of the virtual machine instances are associated with different third party users, or customers. As such, it may be possible that some virtual machine instances may expose other, non-associated virtual machine instances to disruptive, prohibited, or otherwise non-approved actions/behavior. Accordingly, the data center provider/operator may wish to isolate some virtual machines instances and perhaps limit the exposure of non-associated virtual machine instances to the non-approved actions/behavior.