In the era of Infrastructure-as-a-Service (IaaS), data centers face the dual challenge of massive scalability and strict tenant isolation. Traditional network architectures relying on IEEE 802.1Q VLANs encounter significant limitations, primarily the 4094 VLAN ID cap and the Spanning Tree Protocol (STP) scalability issues. To address these constraints, Network Virtualization Gateway (NVG) architectures have emerged. An NVGNetwork utilizes an overlay approach, decoupling the logical network topology viewed by the tenant from the physical underlay infrastructure managed by the provider. This paper delineates the architecture of NVGNetworks, focusing on the gateway’s pivotal role in traffic encapsulation, broadcast suppression, and tenant mobility.

The NVG must maintain mapping tables for potentially millions of flow entries.

A practical application of NVGNetwork is found in hybrid cloud extensions. An enterprise can deploy an NVG appliance in their on-premise data center and another in a public cloud provider. These gateways form a secure, encrypted tunnel over the internet (WAN). Through this NVG tunnel, VMs can be migrated to the cloud without changing IP addresses, creating a seamless "stretching" of the Layer 2 network.

To overcome these challenges, researchers and developers are working on:

The NVG acts as the translation layer between the virtual and physical worlds. Its primary functions include:

The NVGNetwork architecture is predicated on a separation of duties between the underlay and overlay networks.