Why Do Modern Data Centers Need a Large Second‑Layer Network?

Why Do Data Centers Need a Large Second‑Layer Network?

Before we begin, it is important to note that large second‑layer networks are primarily designed for data center scenarios, created to address the specific need of dynamic virtual machine migration after server virtualization. For ordinary campus networks, large second‑layer networks have little value except in special cases such as Wi‑Fi roaming.

1. Traditional Data Center Network Architecture

Traditional data centers typically use a two‑layer plus three‑layer architecture, as shown in the diagram below.

This architecture resembles the "franchise" model in retail, whereas the upcoming "three‑layer to edge" and "large second‑layer" architectures correspond to a "company‑owned" model.

The reason for using this architecture is its maturity; the underlying two‑ and three‑layer technologies (VLAN + STP, routing) are well‑established, easy to deploy, and align with the modular nature of data center workloads.

However, this architecture hides a weakness for data centers, which will be discussed later.

2. Trend of Server Virtualization

Traditional data center servers have low utilization, typically only 10%–15%, wasting power and space. Server virtualization addresses this by turning a physical server into multiple logical servers, called virtual machines (VMs), each with its own OS, applications, MAC and IP addresses, connected to external networks via an internal virtual switch (vSwitch).

Virtualization improves server utilization, reduces energy consumption, and lowers operational costs. Leading products include VMware, Microsoft Hyper‑V, and KVM.

3. Virtual Machine Live Migration

Live migration allows a VM to move from one physical host to another without interrupting the services running on it, making the process invisible to end users and enabling flexible resource allocation and maintenance.

4. Impact of Live Migration on the Network

The weakness of traditional two‑ and three‑layer architectures is that a server’s location cannot freely move across different layer‑2 domains. Moving a server to another domain requires IP changes, breaking TCP connections and disrupting services.

In traditional data centers, cross‑domain physical server migration is rare, and when it occurs, services are already down, so the issue is not evident. After virtualization, live migration becomes frequent, and to keep services uninterrupted, the VM’s IP and state must remain unchanged, which is only possible within the same layer‑2 domain.

The traditional architecture therefore limits live migration to a small local area, restricting application flexibility.

To break this limitation and enable large‑scale or even cross‑region VM migration, all servers involved must belong to the same layer‑2 domain, allowing seamless migration without IP changes.

Analogously, if a person moves from Nanjing to Suzhou, a unified social‑security system (a large second‑layer network) would let the move happen without needing to change any identifiers.

A true large second‑layer network should be able to accommodate more than 10,000 hosts.