VMware users say the company's plans to create a virtual firewall with routing capabilities could be appealing down the road, but today they have other, more pressing needs. What users really want now are enhancements and competition for the Nexus 1000V, Cisco Systems' proprietary -- and costly -- implementation of VMware's vNetwork Distributed Switch (vDS).
Like the VMware vDS for vSphere, the Cisco Nexus 1000V maps virtual workloads to physical ports in the network infrastructure from a Cisco interface. But it does so at a cost, said Jeff Papen, the founder of Peak Web Consulting.
"Eventually, it all comes back to physical hardware, somewhere," Papen said. "If I know the MAC address of the server and the VLANs I need to assign to the virtual machines, auto-tag those VLANs to all of the switches and which port it's attached to -- but don't try to put a sexy name on it and charge me double."
Eric Siebert, a senior systems administrator at Boston Market Corp., manages about half a dozen hosts, but uses a VMware Enterprise Plus license because of its advanced features, as well as Cisco's Nexus 1000V. Siebert shares Papen's frustration about the cost, which he hopes to see alleviated by more competitors in the virtual switch space. Specifically, Siebert, a Hewlett-Packard Co. user for blade servers and storage, said he wants to see an HP competitor to Nexus 1000V. "I'm surprised we haven't seen any other vSwitches besides VMware's and Cisco's," he said. "Not everyone is a fan of Cisco, and having an alternative would be a good thing."
Despite the hopes of users like Siebert, some in the market doubt that HP can develop its own vSwitch with its current portfolio of networking IP; others see HP moving in a different direction, either by cozying up further to Microsoft rather than VMware in its virtual networking efforts, or attempting to forge a new standard for virtualization-aware networking at the physical layer.
HP declined to comment on the possibility of a VMware vDS implementation by press time.
Network virtualization angst
Users are also wary of new abstraction in the network without more basic improvements in visibility.
"Everyone is hot to trot when it comes to ease of deployment [with things like vShield], but it's also adding another layer of abstraction," Papen said. "What happens when you need to troubleshoot and find problems? Another virtual layer makes troubleshooting more difficult, unless they provide as many tools for improved transparency as they do for increased abstraction."
Networking vendors are also battling in the standards bodies, adding to the uncertainty. Take, for example, the Transparent Interconnection of Lots of Links (TRILL) standard from the Internet Engineering Task Force (IETF), currently backed by Cisco. The point of TRILL is to create large "flat" networks to support virtualization, but Papen said this could also cause problems in high-end network environments. "Everyone's not running Exchange or NFS [Network File System], and all VLANs are not created equal," he said. "If you're not aware of what apps are in play -- Hadoop as an example is a bandwidth hog -- and how they're deployed across your network, be prepared to reap the whirlwind."
Then there's the separate but related intrigue currently playing out in the IEEE standards body. Under an IEEE Edge Virtual Bridging (EVB) project, two proposals are being considered: 802.1qbg, supporting VEPA (Virtual Ethernet Port Aggregation) and 802.1qbh, supporting Cisco's VN-Tag.
Sources close to the IEEE process say a vendor coalition led by HP -- which also includes IBM, Brocade and Juniper Networks -- is backing the VEPA standard, while Cisco forges ahead with its own proposal. "HP tried to kill VN-Tag as an EVB option, but Cisco prevailed to make it a second proposal -- two committees, [with] most of the same attendees at both," wrote the source in an email to SearchServerVirtualization.com.
In a way, the upcoming vShield Edge and vShield App products are a temporary solution from VMware for advanced users that are chomping at the bit to try advanced networking features while Ethernet standards are being sorted out, said Andre Kindness, an analyst at Forrester Research. "In the meantime, vendors want to be able to do in the virtual world what they can already do in the physical network, things like policy controls and rate limiting, and some companies are asking for it," he said. "I can see why VMware would want to start down that path right now."
Beth Pariseau is a Senior News Writer for SearchServerVirtualization.com. Write to her at email@example.com.