On 10/04/10 04:28, [email protected] wrote:
Hi there thank you for your answers below. Still some questions:
My concern regarding virtual switches is the fact that from a network
perspective I don't have control, but I am responsible if network
attached servers cause network issues.
Primary concern is the fact that in theory it is possible to create
layer-2 loops with vswitches. Therefore I would like to know from
Oracle/Sun what measures they have taken in order to avoid the
creation of Layer-2 loops with virtual switches. I would like to have
some documentation of Sun regarding the virtual network implementation
within T5240. Please see the splendid vmware documentation reqarding
"virtual networking concepts" for example.
Here my requirements for virtual switch implementations within servers:
-virtual switch isolation is required. It should not be possible to
connect 2 or more virtual switches in the same server with each other.
What mechanisms are in place on the T5240 to prevent this?
A vswitch only knows vnets that are directly connected to it (virtual
ports + 1 physical port if a physical link is assigned). If multiple
vswitchs are configured in a service domain, they are not aware of each
other and there are no loops; so, STP is not implemented in vswitch.
-suppose that a virtual switch has 2 fysical uplinks, what mechanisms
are in place to prevent the forwarding of a frame coming in on
uplink1 to uplink2 (thereby creating a layer-2 loop)
You can only specify 1 physical link (or a link aggregation) to a
vswitch. Thus the scenario you are depicting will not happen.
-Harsha
It would be apriciated, for our network guys to get a satisfied answer
for this.
Thanks in adv
Anne Adema
Martin Qoute:"
*Hi,
For a PoC we're running with LDOMs 1.3 and LDOMs 2.0 I have some
questions that hopefully someone can help me with. We're using Solaris
10 9/10 (u9) for control/service domain and guest domains.
1. Does the vswitch participate in Spanning-tree?
If yes, can this be disabled?
Any differences for LDOMs 1.3 and 2.0 here?*
*No idea, I never observed spanning- tree behaviour of vswitches*
*
*
*
2. How can the bandwidth that a VNIC consumes be limited?
(Case: we're creating multiple non-global zones in 1 LDOM guest and
want to prevent that one non-global zone can take up all bandwidth for a
single VNIC).*
*OTOH no way to do this in an I/O domain only without Crossbow. *
*
*
*
3. How can we configure "IP Multipathing" for the vswitch with LDOMs 1.3?
I know LDOMs 2.0 has this capability...*
*Question: do you want to connect a guest redundantly to the outside
world or do you want to connect whole vswitch redundantly to the
outside world?*
*
*
*
4. Using VLAN tagging on the vswitch, van I assign one VLAN to a VNIC in a
guest domain? So that there's a VLAN between the vswitch and the guest,
accessible as a VNIC from the guest?*
*Yes. IIRC possible since v1.2, described in the slides on LDOMs
under https://sunspace.sfbay.sun.com/x/c9VnDg** (sorry only accessible
from the Oracle intranet)*
"
*Stefan Quote":*
* *
*1. Does the vswitch participate in Spanning-tree?
If yes, can this be disabled?
Any differences for LDOMs 1.3 and 2.0 here?*
*No idea, I never observed spanning- tree behaviour of vswitches*
* *
*It doesn't have to. It can not be configured to create loops, so we
don't need to spanning-tree to protect against them. Externally, it
appears as a normal ethernet port, so the real switches at the other
end of the cable can do their spanning tree stuff, if they're so inclined.
Turning it off completly should'nt be supported on any switch. I
assume you mean turning off the spanning tree checking before taking a
port online. Cisco switches used to do this, and you could turn this
off, as in "go online first, check later, then, if loop detected, take
port offline". This would speed up the onlining of ports, but not
disable spanning tree checking completely.
*
*2. How can the bandwidth that a VNIC consumes be limited?
(Case: we're creating multiple non-global zones in 1 LDOM guest and
want to prevent that one non-global zone can take up all bandwidth for a
single VNIC).*
*OTOH no way to do this in an I/O domain only without Crossbow. *
* *
*you'll need crossbow for that, as martin already said"*
* *
* *
* *
------------------------------------------------------------------------
_______________________________________________
ldoms-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/ldoms-discuss
_______________________________________________
ldoms-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/ldoms-discuss
