ravirao@microsoft.com

rajeevn@microsoft.com

Lessons Learned

Lessons Learned

Microsoft’s vision of the unified platform for modern business

Cloud OS

Development Management Identity Virtualization Data

Transform existing networks into a pooled, automated resource. Enable software to dynamically optimize the network as per application/workload requirements, including flexible placement and mobility across clouds.

Extension miniport

Hyper-V Network Virtualization flow

10.0.0.5 10.0.0.5 10.0.0.7 10.0.0.7

192.168.2.22/24 192.168.5.55/24

10.0.0.5

10.0.0.7

10.0.0.5

10.0.0.7

10.0.0.5

10.0.0.7

10.0.0.5

10.0.0.7

Customer AddressProvider Address

NVGRE Packet

VSID

10.0.0.5

10.0.0.7GRE Key 6001 MACCA

192.168.2.22

192.168.5.55MACPA

192.168.2.22

192.168.5.55

10.0.0.5

10.0.0.7GRE Key 5001 MACCAMACPA

Network Virtualization using Generic Routing Encapsulation (NVGRE)Customer address header Customer MAC + Customer IP

Provider address header Provider MAC + Provider IP

GRE header 24 bit GRE key, i.e. 16 million Virtual Subnets

SQL Server Web

FabrikamContoso

SQL Server Web

SQL Server SQL Server Web Web

Hyper-V Host 2Hyper-V Host 1

192.168.5.55192.168.2.22

10.0.0.5 192.168.2.22

10.0.0.7 192.168.5.55

10.0.0.5 192.168.2.22

10.0.0.7 192.168.5.55

10.0.0.5 192.168.2.22

10.0.0.7 192.168.5.55

10.0.0.5 192.168.2.22

10.0.0.7 192.168.5.55

What is under the cover?

Customer’s view

Provider’s view

10.0.0.5 10.0.0.7

10.0.0.5 10.0.0.710.0.0.5 10.0.0.7

10.0.0.5 10.0.0.7

Manage separate address spaces

Separate policies per tenant

SCVMM distributes policies to hosts

Easily extend into Azure

On-premise

Datacenter

Individual computers behind corporate firewall

S2SVPN

Point-to-Site VPN

Site-to-SiteVPN

Windows Azure

Virtual Network

<subnet 1> <subnet 2> <subnet 3>

DNS Server

HA Windows Server

RRAS VPN Gateway

Physical or Software S2S VPN