Managing Network Virtualization and Network Resources in Oracle® Solaris 11.3

Updated: April 2018
 
 

Controlling Switching Between VMs Over the Same Physical Port

You can use the vswitchmode datalink property to control switching between VMs over the same physical port. The three possible values are:

  • local – Enables the network traffic between VMs over the same physical NIC to be exchanged internally. This is the default mode.

  • remote – Enables the network traffic between VMs over the same physical NIC to be exchanged through the external switch.

  • auto – Uses LLDP to determine whether reflective relay is supported on the external switch. If reflective relay is supported on the external switch, network traffic between VMs is exchanged through the external switch. Otherwise, network traffic between VMs is exchanged internally.

Enabling the VMs to Communicate Through an External Switch

When you have multiple VNICs configured over the same physical NIC, you can set the vswitchmode datalink property to remote to send the network traffic externally through the switch. However, the external switch must be configured in the reflective relay mode. The switch configuration that enables reflective relay is specific to the switch type. For more information, refer to the switch manufacturer's documentation.

The following figure shows a sample system with a 10G Ethernet link that is connected to an external switch and hosting two zones (VMs) that are running services for the same customer.

Figure 13  Internal Communication Between Zones

image:This figure shows the inter-VNIC communication within the system.

Because the two zones, Zone1 and Zone2, are running services for the same customer, the communication between the two zones can occur internally without any restrictions. Hence, the traffic between VNIC1 and VNIC2 can be exchanged internally.

You would check the existing value of the vswitchmode property for the physical NIC net5 as follows:

# dladm show-linkprop -p vswitchmode net5
LINK  PROPERTY     PERM  VALUE  EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    local  local      local    local,remote,auto

The output displays the value local for the VALUE and the EFFECTIVE fields. This value indicates that the communication between the zones is internal.

In this example, assume that the two zones, Zone1 and Zone2, need to run services for different customers and the external switch has an access control list (ACL) configured that controls the network traffic for these services. Therefore, they must not communicate internally and the network traffic between VNIC1 and VNIC2 must be exchanged externally through a switch.

Hence, you must disable the internal communication between the zones by setting the vswitchmode property to remote as follows:

# dladm set-linkprop -p vswitchmode=remote net5
# dladm show-linkprop -p vswitchmode net5
LINK  PROPERTY     PERM  VALUE   EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    remote  remote     local    local,remote,auto

Note -  The external switch must be configured for reflective relay before you set the vswitchmode to remote.

Because you set the vswitchmode property to remote to disable the internal communication of the VNICs, the network traffic between the VNICs is sent through the external switch as shown in the following figure.

Figure 14  Communication Between Zones by Using an External Switch

image:This figure shows the communication through an external switch that has reflective relay enabled.

Using LLDP to Manage the Communication Between VMs

You can use LLDP for the automatic configuration of communication between VMs. LLDP configures the exchange of network traffic to be internal or external based on whether the external switch supports reflective relay. To use LLDP, set the vswitchmode datalink property to auto. First, you must ensure the following:

  • The LLDP package is installed.

    To check whether the LLDP package is installed, use the following command:

    # pkg info lldp
  • The LLDP service is online.

    To check whether the LLDP service is online, use the following command:

    # svcs lldp
    STATE          STIME    FMRI
    online         Jul_13   svc:/network/lldp:default
  • EVB is enabled in the dot1-tlv TLV unit.

  • LLDP mode is both for the NIC.

    In the example, to check whether EVB is enabled in the dot1-tlv TLV unit and the LLDP mode is both, you would use the following command:

# lldpadm show-agentprop -p mode,dot1-tlv net5
AGENT  PROPERTY  PERM  VALUE  DEFAULT  POSSIBLE
net5   mode      rw    both   disable  txonly,rxonly,both,disable
net5   dot1-tlv  rw    evb    none     none,vlanname,pvid,linkaggr,pfc,
                                       appln,evb,etscfg,etsreco,all

To set the vswitchmode datalink property to auto:

# dladm set-linkprop -p vswitchmode=auto net5

When you set the vswitchmode datalink property to auto, you can use the output of the dladm show-linkprop command to check whether the communication between the VMs is internal or through an external switch.

# dladm show-linkprop -p vswitchmode net5
LINK  PROPERTY     PERM  VALUE   EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    auto    remote     local    local,remote,auto

Since the value of the EFFECTIVE field of the output is remote, LLDP has enabled reflective relay on the external switch and the communication between the VMs is through the external switch.
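The following script is an added example, not part of the Oracle documentation. It audits the EFFECTIVE column of dladm show-linkprop so that a link left in auto mode, which falls back to internal switching when reflective relay is not available, is reported instead of silently bypassing the ACL on the external switch. The function names and the links net6 and net7 in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that inter-VNIC traffic really leaves the host.
# Input format: `dladm show-linkprop -p vswitchmode [link]` as shown on this page
# (columns LINK PROPERTY PERM VALUE EFFECTIVE DEFAULT POSSIBLE).

# check_vswitchmode (hypothetical helper): reads show-linkprop output on stdin,
# prints one verdict per link, returns 0 only if every link is effectively remote.
check_vswitchmode() {
    awk '
        $1 == "LINK"        { next }   # skip the header row
        $2 != "vswitchmode" { next }   # ignore any other property
        {
            link = $1; value = $4; eff = $5
            if (eff == "remote") {
                printf "OK    %s value=%s effective=%s\n", link, value, eff
            } else if (value == "auto") {
                # auto fell back to internal switching: the switch ACL is bypassed
                printf "FAIL  %s value=auto effective=%s (no reflective relay, traffic stays internal)\n", link, eff
                bad = 1
            } else {
                printf "FAIL  %s value=%s effective=%s (VNIC traffic switched internally)\n", link, value, eff
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample output; net6 and net7 are made-up links for the demo.
sample_output() {
cat <<'EOF'
LINK  PROPERTY     PERM  VALUE   EFFECTIVE  DEFAULT  POSSIBLE
net5  vswitchmode  rw    auto    remote     local    local,remote,auto
net6  vswitchmode  rw    auto    local      local    local,remote,auto
net7  vswitchmode  rw    local   local      local    local,remote,auto
EOF
}

# Demo run on the constructed sample. On a live system use:
#   dladm show-linkprop -p vswitchmode | check_vswitchmode
sample_output | check_vswitchmode || true
```

A non-zero return from check_vswitchmode can gate zone boot or feed a monitoring check on hosts where VNICs of different customers share a physical NIC.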

For more information about LLDP, see Chapter 6, Exchanging Network Connectivity Information With Link Layer Discovery Protocol in Managing Network Datalinks in Oracle Solaris 11.3.