Exposing Inter-Virtual Machine Networking Traffic to External Applications
Technical Report,01 Aug 2014,24 Mar 2016
AIR FORCE INSTITUTE OF TECHNOLOGY WRIGHT-PATTERSON AFB OH WRIGHT-PATTERSON AFB United States
Pagination or Media Count:
Virtualization has become a powerful and fast growing technology. The Department of Defense is focused on taking advantage of virtualized hardware, software, and networks. Virtual environments create administrative and security challenges in having visibility of inter-virtual machine VM traffic. This thesis attempts to gain visibility and evaluate performance of inter-VM traffic. Separate virtual networks using VMWare ESXi and Citrix XenServer that comprise of three virtual host containing a computing domain of eight VMs. Configuration of all components are identical on each network for a consistent comparison. Transport-layer traffic is generated to test each network using batch files, Powershell scripts, and Python scripts. The results show standard virtual networks require additional resources and more hands-on administration for real-time traffic visibility than a distributed switch. Traffic visibility within a standard network is limited to using programs such as pktcap-uw, windump, or tcpdump. However, distributed networks offer advanced options, such as port mirroring, that deliver higher visibility but come at a higher latency cost.
- Computer Systems