Opening Up The Tunnels

Anyone with even a passing interest in Nicira will have noticed that our approach to network virtualization depends heavily on open standards and open interfaces. In fact you'd struggle to find a company that is more associated with systems and protocols that use the word "Open". OpenFlow, Open vSwitch, OpenStack (where we contribute to the Quantum switch project) are three of the most visible "open" efforts that we have led or been heavily involved in, and we're founding members of the Open Networking Foundation as well.
 
Of course, "open" is one of those words that is getting so heavily used and abused that it runs a serious risk of losing any meaning at all. At least when it comes to networking protocols, there is a pretty clear meaning for open standards. For modern protocols, the Internet Engineering Task Force (IETF) is the primary standards-setting body. This week, we submitted an Internet Draft to the IETF describing a tunneling protocol that is extensively used by Nicira's products - STT, the Stateless Transport Tunneling protocol. We've done this precisely because our customers have asked us to open up that protocol, to facilitate its implementation by multiple vendors in the network virtualization ecosystem. I should stress that there is a long and torturous path between submitting an Internet Draft and achieving an actual Internet standard, and that we have just taken the first step. But the fact is that the STT specification is now openly available to anyone who wants to read it, implement it, and interoperate with other implementations.
 
I have to confess I was a bit skeptical when I first heard that Nicira's wizard engineers had cooked up their own tunneling protocol. It's not like there is any shortage of ways to tunnel packets. Even MPLS, something I know a few things about, is effectively a form of tunneling. But it turns out that building tunnels to and from modern servers - especially from inside the hypervisor, as we do with our Open vSwitch implementation - places some unique requirements on the tunneling protocol. You'll want to read the full Internet Draft (see the link below) to get all the details, but the high-order bit is that there is a big performance win if your tunneling protocol can leverage the TCP segmentation offload (TSO) features of modern network interfaces. (Ironically, that's another area I worked on in a former life, back in the days when gigabit networks were a research area.) That's what STT does, and we reap a large benefit in performance.
 
Is STT the best way to tunnel packets ever invented? It depends on what you want to optimize. I'm sure there will be some good arguments at the IETF in the next few months or years about whose tunneling protocol for network virtualization has the prettiest header. For now, we just want to open up the approach that has worked for us and see if we can get some interoperable implementations.
 
Bruce Davie