Virtual Machine On-board Switching in an Ethernet Network

Technology #33469

Questions about this technology? Ask a Technology Manager

Download Printable PDF

Image Gallery
High level architecture of single computer inter-VM frame paths: a) Virtual Switch; b & c) Physical Switch; and d) The proposed nSwitch
Researchers
Changchun Zou, Ph.D.
Jim Bardgett
Managed By
Raju Nagaiah
Licensing Associate 407.882.0593

Faster, More Secure Communication Between Virtual Machines

UCF researchers have fundamentally changed Network Interface Cards (NIC) for Ethernet Virtual Machines (VM), allowing them to perform on-board switching between shared resources, systems, and services. Virtual machine on-board switching, nSwitching, eliminates external software in Ethernet switching for faster and more secure communication between virtual machines in a network. The nSwitch technique fills the need for virtualized, low power, mobile network nodes to reduce their power and channel utilization. Direct switching allows network administrators to modify security parameters applied to Ethernet frames passing between virtual machines without exiting the server or using an external software process in the virtual machine monitor (hypervisor), slowing the switching process. The nSwitching eliminates any load created on the CPU, diminishes power consumption, and reduces precious wireless channel bandwidth.

Technical Details

With advances in computer processor capability, large processing operations run in parallel within the computing hardware, performed by a computing construct known as a virtual machine (VM). In processing collaboratively, the cluster of VMs must communicate large amounts of information between one another. Both methods for routing information slow down inter-VM communication as well as network traffic by unnecessarily utilizing network bandwidth. They also have security concerns with external software and hardware included in the data path.

Compared with software-based switching in the hypervisor, nSwitch reduces processor utilization and permits efficient traffic monitoring for on-board inter-VM input/output (I/O). It also eliminates the back-and-forth usage of external ports and channel bandwidth for internal VM communications. By switching at the network card level, inter-VM communication on the same physical hardware is much faster. The freeing-up of bandwidth between the NIC and server switch for inter-VM traffic in the server, leads to faster switching and ease in traffic management, providing benefit for both network administrators and system users. Since nSwitch is implemented on the swappable NIC, a costly change in server processing hardware is not necessary to implement nSwitch technology. A host of other packet operations can be included in the nSwitch firmware, including providing Quality of Service bits, application of security-based rule-sets, deep packet inspection, interception, and dropping or blocking of unwanted communications. nSwitch is shown to be able to reduce CPU utilization over the vSwitch and decrease latency. Comparing with 802.1Qbh or Qbg, inter-VM transmission speed will not be limited by the Ethernet port speed.

Benefits

  • Elimates load created on the CPU
  • Reduces power consumption
  • Does not require external software in Ethernet switching
  • Faster inter-VM communication on the same physical hardware

Applications

  • Virtural machines requiring inter-communications
  • Ethernet switching technology