Managing Network Virtualization and Network Resources in Oracle® Solaris 11.2


Updated: September 2014
 
 

Enabling the VMs to Communicate Through an External Switch

When you have multiple VNICs configured over the same physical NIC, you can set the vswitchmode datalink property to remote to send the network traffic externally through the switch. However, the external switch must be configured in the reflective relay mode. The switch configuration that enables reflective relay is specific to the switch type. For more information, refer to the switch manufacturer's documentation.

The following figure shows a sample system with a 10G Ethernet link that is connected to an external switch and hosting two zones (VMs) that are running services for the same customer.

Figure 4-3  Internal Communication Between Zones

image:This image shows the inter-VNIC communication within the system.

Because the two zones, Zone1 and Zone2, are running services for the same customer, the communication between the two zones can occur internally without any restrictions. Hence, the traffic between VNIC1 and VNIC2 can be exchanged internally.

You would check the existing value of the vswitchmode property for the physical NIC net5 as follows:

# dladm show-linkprop -p vswitchmode net5
LINK  PROPERTY     PERM  VALUE  EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    local  local      local    local,remote,auto

The output displays the value local for the VALUE and the EFFECTIVE fields. This value indicates that the communication between the zones is internal.

In this example, assume that the two zones, Zone1 and Zone2, need to run services for different customers and the external switch has an access control list (ACL) configured that controls the network traffic for these services. Therefore, they must not communicate internally and the network traffic between VNIC1 and VNIC2 must be exchanged externally through a switch.

Hence, you must disable the internal communication between the zones by setting the vswitchmode property to remote as follows:

# dladm set-linkprop -p vswitchmode=remote net5
# dladm show-linkprop -p vswitchmode net5
LINK  PROPERTY     PERM  VALUE   EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    remote  remote     local    local,remote,auto

Note -  The external switch must be configured for reflective relay before you set the vswitchmode property to remote.

Because you set the vswitchmode property to remote to disable the internal communication of the VNICs, the network traffic between the VNICs is sent through the external switch as shown in the following figure.

Figure 4-4  Communication Between Zones by Using an External Switch

image:This figure shows the communication through an external switch that has reflective relay enabled.
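
The following script is an added example, not part of the Oracle documentation. It audits the table printed by dladm show-linkprop -p vswitchmode and reports any link on which VNIC-to-VNIC traffic can still be exchanged internally. The function name, the exit codes, and the policy that both VALUE and EFFECTIVE must be remote are assumptions, and the sample tables are constructed from the two outputs shown above.

```shell
#!/bin/sh
# Added example: audit `dladm show-linkprop -p vswitchmode` table output.
# Assumption: policy requires both VALUE and EFFECTIVE to be "remote".

# Constructed samples, modelled on the two outputs shown above.
SAMPLE_LOCAL='LINK  PROPERTY     PERM  VALUE  EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    local  local      local    local,remote,auto'
SAMPLE_REMOTE='LINK  PROPERTY     PERM  VALUE   EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    remote  remote     local    local,remote,auto'

# Reads the table on stdin and prints one finding per non-compliant link.
# Exit status: 0 = all links remote, 1 = findings, 2 = no vswitchmode rows.
check_vswitchmode() {
    awk '
        $2 != "vswitchmode" { next }      # also skips the header line
        { rows++ }
        $4 != "remote" || $5 != "remote" {
            printf "%s: value=%s effective=%s\n", $1, $4, $5
            bad++
        }
        END {
            if (!rows) { print "no vswitchmode rows in input"; exit 2 }
            exit (bad ? 1 : 0)
        }
    '
}

# Demo on the constructed samples. On a live system, pipe the real command:
#   dladm show-linkprop -p vswitchmode net5 | check_vswitchmode
for sample in "$SAMPLE_LOCAL" "$SAMPLE_REMOTE"; do
    if printf '%s\n' "$sample" | check_vswitchmode; then
        echo "OK: inter-VNIC traffic is sent through the external switch"
    else
        echo "FINDING: VNICs on the link above can communicate without crossing the switch ACL"
    fi
done
```

Exit status 2 separates an input that contains no vswitchmode row from a compliant result, so a failed or empty dladm run is not mistaken for a pass.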