Virtual networking is the abstraction of network resources from the underlying physical network infrastructure. A virtual network is the logical representation of the physical hardware, such as the switches and routers, that makes up the infrastructure.
Virtual networks reside on an abstraction layer, each with its own workloads and security. While the virtual networks are isolated from each other, they can broadcast messages to each other via the virtual overlay network without the messages having to pass through the underlying physical devices.
Virtual networking uses the power of software to abstract network services from the underlying infrastructure and then connect network components in an overlay. Each network node is abstracted into a virtual entity. This abstraction enables network administrators to make configuration changes virtually without touching the physical devices.
With virtual networking, the physical networking -- which comprises routers, switches and other devices -- does not change. Instead, an overlay provides a virtual path or tunnel between devices and through networks. This overlay enables a programmatic approach to networking that eliminates a tremendous amount of infrastructure and redundancy.
For instance, if an organization wanted to segment sales data and keep it from intermingling with manufacturing data, it would need two separate physical networks. But, with virtual networking, definitions for sales and manufacturing could be created on the same physical network, and data in motion can be kept separate.
A network's hardware devices usually define the three common types of virtual networks.
A virtual private network (VPN) uses the internet as a transport, connecting two networks or connecting remote clients to central networks. VPNs create a secure, encrypted tunnel between two endpoints, ensuring privacy by obscuring traffic. Through a VPN, all network services on either side of the connection are presented as local services, but in between, they are hidden.
A virtual local area network (VLAN) enables the segmentation of devices or endpoints within a network, delivering better security and management through virtual segmenting of traffic. VLANs tag network traffic at Layer 2, encapsulating the packets so the traffic only moves between the VLAN-tagged ports and devices. Up to 4,000 VLAN segments can be supported on a network.
A Virtual Extensible LAN (VXLAN) can create the same type of virtual network as a VLAN, but it takes the VLAN concept further by encapsulating the media access control address in User Datagram Protocol.
Where a VLAN is defined over switchports, a VXLAN creates virtual endpoints within switches or other Layer 3 devices. This enables a VXLAN to provide Layer 2 functionality while existing at Layer 3, the Internet Protocol (IP) address layer. VXLANs deliver greater flexibility than VLANs and can scale up to 16 million VXLAN segments per network.
These three examples of standardized network virtualization are all deployed on top of network infrastructure, such as routers, switches and cabling.
But another class of network virtualization is a bit more proprietary and happens deep inside a hypervisor that is running virtual machines (VMs). The hypervisor can create its own virtual network, either an internal virtual network that enables communication only to those VMs local to the hypervisor or an external virtual network that enables communication beyond the hypervisor to the rest of the network.
Virtual networks provide key benefits to networking, including the following:
Despite the benefits of virtual networks, they also have some potential challenges, including the following:
Some examples of virtual networking include the following:
31 May 2022