SAN JOSE, Calif. -- Cisco Systems and Hewlett-Packard have proposed standards that suggest different kinds of systems designs for enabling a next generation of communications features in data centers that use virtualization software. Both proposals are likely to get support this fall in IEEE standards efforts, opening the door to network switches that will compete in the marketplace.
Both sides want to enable a new way of handling firewalls, access control, load balancing, deep-packet inspection and other network functions on data center switches. Those functions had been handled on various network appliances, but as virtualization takes hold, some of the work is migrating to hypervisor software running on host CPUs on PC servers.
The shift threatens to waste CPU cycles and system bandwidth. End users also lose visibility into how the functions are working because, with hypervisors, much of the job involves communications between virtual machines that they cannot directly monitor.
Both the Cisco and HP approaches tag data to enable the networking functions to be handled by direct communications between network interface cards and data center switches.
The HP approach, called Virtual Ethernet Port Aggregator (VEPA), creates data tags that establish a virtual link between network interface cards on servers and edge switches such as the HP ProCurve that typically sit on top of a rack of servers in a data center. The HP proposal uses expanded media-access control addressing tables on both ends of the link.
Cisco's proposal builds on VEPA, adding a tag to automate the job of letting such packets travel across multiple systems as needed to a final destination without expanding address tables. The end point in the Cisco approach--called the port extender--typically is a larger switch that aggregates traffic from many edge switches.
Both specs are needed if OEMs and end users are to have a choice of managing traffic at edge or at core switches. However, end users are likely to choose one approach or the other for their networks.
The two specifications complement each other, but systems using them may compete in the market, said Paul Congdon, chief technology officer of HP's ProCurve group and one of the VEPA authors. Congdon is vice chairman of the IEEE 802.1 group that will vote in September on whether to approve the proposals.
An I/O specialist in HP's PC server group familiar with both proposals characterized the difference between the Cisco and HP approaches as a philosophical one.
"It comes down to what's your management model," said Michael Krause of HP. "The edge switch has more bandwidth [for handling network management], but the core switch aggregates more connections," he added.
The Cisco approach takes the view that a central point of management is best. The HP spec prefers a distributed networking approach and has backing from a group of about 20 companies including IBM and some network card makers who have been holding weekly conference calls since February.
A Cisco representative was not immediately available for comment.
Both the Cisco and HP approaches require slight changes in firmware or hardware in the underlying silicon. A single chip could support both specs.
"We prototyped this and found it took just 118 lines of code to support VEPA on an HP ProCurve switch" along with minor extensions to virtualization tables, said Krause. "It's fairly lightweight and cheap to execute," he added.
One goal of the proposals is to get the specs ready for adoption in time to influence the next wave of semiconductors implementing 10 Gbit Ethernet and the converged Fibre Channel over Ethernet specification. The new I/O specs would give those chips new ways to optimize communications.
Both proposals face a preliminary IEEE vote in September to be accepted, followed by a higher-level vote probably before the end of the year. "The fact that both are up for approval says both have merit, so it will be up to the market to determine which takes hold," Krause added.
In either case, the technology sets up a three-way competition between switch makers, appliance makers and virtualization software companies. Each will try to deliver the richest set of networking features and try to be a central point in managing data center networks.
The efforts also show the impact virtualization software is having on server design.
"Virtualization is changing the old model of having all communications outside the box" to having more communications between virtual machines inside a server, said Krause. That's enabling end users who are "collapsing multiple tiers of a data center on to a box, and now asking how they diagnose problems between virtual machines talking to each other," he added.