After reading a comment on Standalone Sysadmin blog suggesting a reader initially thought I was just making some of this stuff up, I thought I’d whip this up quickly to add some meat around the concept of hairpin turns. This post will briefly explain the concept of the hairpin turn, then in the new year we will dive deeper into the theory, practicalities and some of the pro’s and con’s…..
So…. when discussing I/O Virtualisation (IOV) it’s usually not long before the concept of hair-pinning arises. The conversation usually goes like this –
If a single physical port is being carved into multiple virtual ports, can you switch traffic between two virtual ports sharing the same hardware, without the I/O having to leave the physical adapter?
The diagram below shows this concept, which is sometimes called Virtual Ethernet Bridging, switching within the adapter, hair-pinning or a hairpin turn –
In the above diagram there is a single server running two Virtual Machines. The server has a single physical NIC configured to present two virtual NICs (vNIC). vNIC 1 is assigned to VM1 and vNIC 2 is presented to VM2. When VM1 sends data to VM2, in the diagram above, the physical NIC switches the packets without having to send them on to the edge switch – requiring the physical NIC to have a built-in switch, blurring the lines between server and network and a boat load more…..!
Sound interesting? Sound disruptive? Sound bold? Sound cool? …….. It should!
Some Theoretical Examples
Like you might expect, there are several different ways that hair-pinning can be implemented and the diagrams below show 3 possibilities –
The above Single Root (SR) style implementation has a single physical NIC in a single physical server, with vNICs being presented only to VMs executing on a single physical server. It can switch frames between vNICs carved from the same physical NIC.
The above can be either Single Root (SR) or Multi Root (MR) and removes the physical NIC from the server chassis and re-houses it in an external I/O Aggregator such as those offered by Xsigo and VirtenSys. The potential exists to switch frames between vNICs from either the same physical or different physical NICs. It can switch frames between VMs on different physical machines without touching the network.
The above example actually performs the hairpin turn in the edge switch rather than the I/O adapter. A single physical switch port is carved in to multiple virtual switch ports (referred to as VP in my above sketch). Normally Ethernet switches don’t switch frames back out over the same prot that they arrived on.
Like most new technologies and disruptive concepts, there are die-hard advocates for each approach. There are also equally die-hard opponents. Naturally this creates some interesting and often intense discussion – after all, taking a moment to think about the possibilities, this could potentially be very disruptive to existing networking models, and as always, there will be people who will not take this lying down.
Obviously there are pro’s and con’s as well as pre-req’s for each approach, and I intend to highlight and discuss some of them in future posts.
Hopefully this has shwd some light for now, and feel free to pitch in with thoughts, experiences and questions.
PS. FAO Standalone Sysadmin, the diagrams are not crayon 😛 Oh and I kind of like them!
PPS. Just so that folks don’t think Im making this stuff up again 😉 go search terms such as VNTag and VN-Link. These are technologies that Cisco is all over and they relate to being able to hairpin on physical switch ports. In fact when I get a minute I might get my crayons out again and add some detail to the diagrams
Other RAN and IOV related posts –