Islamic Republic of Afghanistan

Ministry of Higher Education

Directory of Private Students’ Affairs
Khaja Abdullah-e-Ansari Institute of Higher Education
Computer Science Faculty
Communication and Operating System

Lecture title: Network Virtualization Lecture: 04

Teacher: Mohammad Arif Qarizada
Virtualization System and
Technology

10/1/2022 1
 Network Virtualization
• In computing, network virtualization is the process of combining
hardware and software network resources and network functionality into
a single, software-based administrative entity, a virtual network.
• Network virtualization involves platform virtualization, often combined
with resource virtualization.
• In software testing, software developers use network virtualization to
test software which are under development in a simulation of the
network environments in which the software is intended to operate. As a
component of application performance engineering, network
virtualization enables developers to emulate connections between
applications, services, dependencies, and end users in a test
environment without having to physically test the software on all
possible hardware or system software. The validity of the test depends
on the accuracy of the network virtualization in emulating real hardware
and operating systems.
Network Virtualization
 Components
Various equipment and software vendors offer network virtualization by combining any of the
following:
•Network hardware, such as switches and network adapters, also known as network interface
cards (NICs)
•Network elements, such as firewalls and load balancers
•Networks, such as virtual LANs (VLANs) and containers such as virtual machines (VMs)
•Network storage devices
•Network machine-to-machine elements, such as telecommunications devices
•Network mobile elements, such as laptop computers, tablet computers, and smart phones
•Network media, such as Ethernet and Fiber Channel
Network Virtualization Categories

Network virtualization is categorized as:

• External virtualization: combining many networks or parts of
networks into a virtual unit
• Internal virtualization: providing network-like functionality to
software containers on a single network server.
 External virtualization
• External network virtualization combines or subdivides one or more local area networks (LANs)
into virtual networks to improve a large network's or data center's efficiency.
• A virtual local area network (VLAN) and network switch comprise the key components.
• Using this technology, a system administrator can configure systems physically attached to the
same local network into separate virtual networks.
• Conversely, an administrator can combine systems on separate local area networks (LANs) into a
single VLAN spanning segments of a large network.
 Internal virtualization
• Internal network virtualization
configures a single system with
software containers, such as Xen
hypervisor control programs, or
pseudo-interfaces, such as a VNIC,
to emulate a physical network with
software.
• Internal virtualization improve a
single system's efficiency by
isolating applications to separate
containers or pseudo-interfaces.
 Wireless Network Virtualization
• Wireless network virtualization can have a very broad scope ranging from
spectrum sharing, infrastructure virtualization, to air interface virtualization.
• Similar to wired network
virtualization, in which
physical infrastructure owned
by one or more providers can
be shared among multiple
service providers, wireless
network virtualization needs
the physical wireless
infrastructure and radio
resources to be abstracted and
isolated to a number of virtual
resources, which then can be
offered to different service
providers.
 Wired network virtualization vs. wireless network virtualization

• Both are splitting the entire network systems into several virtual versions.
• Wireless network virtualization is not a subset of network virtualization due to:
• Distinctive properties of the wireless environment
• time-various channels
• Attenuation
• mobility
• Broadcast
• More complicated.
• Specific more access technologies with particular characteristics
 Application virtualization
• Is a software technology that encapsulates computer programs from the
underlying operating system on which it is executed.
• Known as process virtualization.
• A fully virtualized application is not installed in the traditional sense, although
it is still executed as if it were.
• The application behaves at runtime like it is directly interfacing with the
original operating system and all the resources managed by it, but can be
isolated or sandboxed to varying degrees.
• Full application virtualization requires a virtualization layer.
• Virtualization layers replace part of the runtime environment normally
provided by the operating system.
• The layer intercepts all disk operations of virtualized applications and
transparently redirects them to a virtualized location.
 Application virtualization…
• The application remains unaware that it accesses a virtual resource
instead of a physical one.
• Examples of this technology for the Windows platform include:
• Microsoft App-V
• Turbo (software)
 Benefits
• Applications run in environments that do not suit the native application (Wine).
• Low system integration and administration costs
• Lesser integration causes less poorly written or buggy code.
• Side-by-side running of incompatible applications.
• Isolating applications from the operating system has security benefits.
• Simplified operating system migrations.
• Portable software.
• Application virtualization uses fewer resources than a separate virtual machine.
 Limitations
• Not all computer programs can be virtualized.
• Some require a device driver
• Some need to run in shared memory space (16 bit applications).
• Some require heavy OS integration (anti-viruses, WindowBlinds or StyleXP .
• Software licensing issues.
 Database virtualization
• Database virtualization is the decoupling of the database layer, which lies between the storage
and application layers within the application stack.
• Virtualization of the database layer enables a shift away from the physical, toward the logical or
virtual.
• Virtualization enables compute and storage resources to be pooled and allocated on demand.
This enables both the sharing of single server resources for multi-tenancy, as well as the pooling
of server resources into a single logical database or cluster.
• Database virtualization provides:
• increased flexibility
• more granular and efficient allocation of pooled resources
• more scalable computing
 Virtual data partitioning
• Partitioning data stores as a database grows has been in use for several decades.
• Two primary ways to partition data in data management systems:
• Shared-data databases–an architecture that assumes all database cluster nodes
share a single partition. Internode communications is used to synchronize update
activities performed by different nodes on the cluster.
• Shared-Nothing databases–an architecture in which all data is segregated to
internally managed partitions with clear, well-defined data location boundaries.
require manual partition management.
• In virtual partitioning, logical data is abstracted from physical data by autonomously
creating and managing large numbers of data partitions (100s to 1000s). Because
they are autonomously maintained, resources required to manage the partitions are
minimal. This kind of massive partitioning results in:
• partitions that are small, efficiently managed and load balanced
• systems that do not required re-partitioning events to define additional
partitions, even when hardware is changed
 Horizontal data partitioning
• Partitioning database sources from consumers
• With greater numbers of database sources, inserting a horizontal data
virtualization layer between the sources and consumers helps address
this complexity.

• The process of
offering data
consumers a data
access interface
that hides the
technical aspects
of stored data, such
as location, storage
structure, API,
access language,
and storage
technology.
 Advantages
• Added flexibility and agility for existing computing infrastructure
• Enhanced database performance
• Pooling and sharing computing resources, either splitting them (multi-tenancy) or combining
them (clustering)
• Simplification of administration and management
• Increased fault tolerance
 What is VLAN? Types, Advantages, Example

VLAN is a custom network which is created from one or more local area
networks. It enables a group of devices available in multiple networks to
be combined into one logical network. The result becomes a virtual LAN
that is administered like a physical LAN. The full form of VLAN is defined
as Virtual Local Area Network.
The below topology depicts a network having all hosts inside the same
virtual LAN:
What is VLAN? Types, Advantages, Example

network having all hosts inside the same VLAN

 What is VLAN? Types, Advantages, Example

• Without VLANs, a broadcast sent from a host can easily reach all
network devices. Each and every device will process broadcast
received frames. It can increase the CPU overhead on each device and
reduce the overall network security.
• In case if you place interfaces on both switches into separate VLAN, a
broadcast from host A can reach only devices available inside the
same VLAN. Hosts of VLANs will not even be aware that the
communication took place. This is shown in the below picture:
What is VLAN? Types, Advantages, Example

Host A can reach only devices available inside the same VLAN
 How VLAN works

Here is step by step details of how VLAN works:

•VLANs in networking are identified by a number.

•A Valid range is 1-4094. On a VLAN switch, you assign ports with the proper VLAN number.
•The switch then allows data which needs to be sent between various ports having the same
VLAN.
•Since almost all networks are larger than a single switch, there should be a way to send
traffic between two switches.
•One simple and easy way to do this is to assign a port on each network switch with a VLAN
and run a cable between them.
 VLAN Ranges
Here are the important ranges of VLAN:

Range Description

VLAN 0-4095 Reserved VLAN, which cannot be seen or used.

This is a default VLAN of switches. You cannot

VLAN 1:
delete or edit this VLAN, but it can be used.

It is a normal VLAN range. You can create, edit,

VLAN 2-1001:
and delete it.

These ranges are CISCO defaults for token rings

VLAN 1002-1005:
and FDDI. You cannot delete this VLAN.

VLAN 1006-4094: It is an extended range of VLANs.

 Example of VLAN
In the below example, there are 6 hosts on 6 switches having different
VLANs. You need 6 ports to connect switches together. It means, if you have
24 various VLANs, you will have only 24 hosts on 45 port switches.
 Characteristics of VLAN
Here are the important characteristics of VLAN:
Virtual LANs offer structure for making groups of devices, even if their networks are different.
It increases the broadcast domains possible in a LAN.
Implementing VLANs reduces the security risks as the number of hosts which are connected
to the broadcast domain decreases.
This is performed by configuring a separate virtual LAN for only the hosts having sensitive
information.
It has a flexible networking model that groups users depending on their departments instead
of network location.
Changing hosts/users on a VLAN is relatively easy. It just needs a new port-level
configuration.
It can reduce congestion by sharing traffic as individual VLAN works as a separate LAN.
A workstation can be used with full bandwidth at each port.
Terminal reallocations become easy.
A VLAN can span multiple switches.
The link of the trunk can carry traffic for multiple LANs.
 Difference between LAN and VLAN
Here is an important difference between LAN and VLAN:

LAN VLAN

LAN can be defined as a group of computer A VLAN can be defined as a custom network
and peripheral devices which are connected in which is created from one or more local area
a limited area. networks.

The full form of VLAN is Virtual Local Area

The full form of LAN is Local Area Network
Network.
The latency of LAN is high. The latency of VLAN is less.
The cost of LAN is high. The cost of a VLAN is less.
In LAN, the network packet is advertised to In VLAN, the network packet is sent to only a
each and every device. specific broadcast domain.

It uses a ring, and FDDI (Fiber Distributed Data

It uses ISP and VTP as a protocol.
Interface) is a protocol.
 Advantages of VLAN
Here are the important pros/benefits of VLAN:
•It solves a broadcast problem.
•VLAN reduces the size of broadcast domains.
•VLAN allows you to add an additional layer of security.
•It can make device management simple and easier.
•You can make a logical grouping of devices by function rather than location.
•It allows you to create groups of logically connected devices that act like they are on their own network.
•You can logically segment networks based on departments, project teams, or functions.
•Higher performance and reduced latency.
•VLANs provide increased performance.
•Users may work on sensitive information that must not be viewed by other users.
•It lets you easily segment your network.
•It helps you to enhance network security.
•You can keep hosts separated by VLAN.
•You do not require additional hardware and cabling, which helps you to saves costs.
•It reduces the number of devices for particular network topology.
•VLAN makes managing physical devices less complex.
 Disadvantages of VLAN
Here are the important cons/ drawbacks of VLAN:
•A packet can leak from one VLAN to other.
•An injected packet may lead to a cyber-attack.
•Threat in a single system may spread a virus through a whole logical
network.
•You require an additional router to control the workload in large networks.
•You can face problems in interoperability.
•A VLAN cannot forward network traffic to other VLANs.
Application/Purpose of VLAN
Here are the important uses of VLAN:
•VLAN is used when you have 200+ devices on your LAN.
•It is helpful when you have a lot of traffic on a LAN.
•VLAN is ideal when a group of users need more security or being slow
down by many broadcasts.
•It is used when users are not on one broadcast domain.
•Make a single switch into multiple switches.
VLAN Configuration Commands
Adding a VLAN Directly and Entering into VLAN Configuration Mode

Ste Actions Commands

p
1 Enter global switch#configure terminal
configuration mode.
2 Enter VLAN switch(config)#vlan vlan-id
configuration mode
and/or create a
VLAN.
3 Configure a name switch(config-vlan)#name name
for the VLAN.
 VLAN Configuration Commands
Assigning the VLAN to a Switchport (and Possibly Creating a New VLAN)

Step Actions Commands

1 Enter global configuration switch#configure terminal

mode.

2 Enter interface configuration switch(config)#interface interface

mode.

3 Configure the interface into a switch(config-if)#switchport access vlan vlan-id

specific VLAN. (If the VLAN
doesn't exist, it will be
created.)
 VLAN Configuration Commands
Deleting a VLAN

Step Actions Commands

1 Enter global configuration switch#configure terminal

mode.
2 Delete a configured VLAN. switch(config)#no vlan vlan-id
If an interface is configured
into the VLAN being deleted,
it will become inactive and
will not be displayed in the
output of the show
vlan command.
 VLAN Configuration Commands
Verifying Existing VLANs

Step Action Command

1 Display the current switch#show vlan [brief]
VLANs and their
assignments.
 VLAN Configuration
Step Actions Commands
1 Enter global configuration mode. switch#configure terminal
2 Create VLAN 100. switch(config)#vlan 100
3 Create VLAN 200. switch(config-vlan)#vlan 200
Notice that the configuration mode
changed to VLAN configuration mode
(config-vlan), but this command is still
configured as if the user is in global
configuration mode.
4 Move into interface configuration switch(config-vlan)#interface range fastethernet0/1-12
mode for switchports Fast Ethernet
0/1–0/12.
5 Configure the switchports into VLAN switch(config-if)#switchport access vlan 100
100.
6 Move into interface configuration switch(config-if)#interface range fastethernet0/13-24
mode for the switchports Fast
Ethernet 0/13–0/24.
7 Configure the switchports into VLAN switch(config-if)#switchport access vlan 200
200.