Oracle VM supports multiple virtual networks, or VLANs, on the same network port or bond. Each VLAN is essentially an independent logical network operating with other VLANs over the same physical connection. This means that virtual machines deployed on different networks, connected through the same Oracle VM Server port (or bond), can have traffic directed to different VLANs. This feature is implemented using VLAN Interfaces.
Configuring VLANs within Oracle VM Manager involves creating VLAN interfaces. A VLAN segment or ID is assigned to each VLAN interface when you create it. The VLAN interface is a virtual interface attached to the bond or port that physically handles the traffic for the entire VLAN. When configuring different logical networks within Oracle VM Manager, the VLAN interfaces that you have defined can be attached to the network in the same way as any ports or bonds. This allows you to treat each VLAN ID as a separate logical network interface. When traffic is routed through the VLAN interface, it is automatically tagged with the VLAN ID that is configured for that interface, and is then routed through the actual port or bond that the VLAN interface is attached to.
The VLAN ID is used by an attached VLAN switch to segregate traffic among the different VLANs operating on the same physical link. When a VLAN is configured, it functions exactly like a separate physical connection. The original physical port that the VLAN interface is attached to, can continue to be used as a separate port to route untagged traffic.
You must configure the VLANs needed to support your network before you can use them. This is usually accomplished using switch trunking. Trunking involves configuring ports on the switch to allow multiple VLAN traffic on these ports, to ensure that packets are correctly transmitted to their final destination. Consult your switch vendor's documentation for information regarding trunking.
A VLAN Interface is a virtual interface that is attached to the physical network port or bond that your VLAN is configured on. The VLAN Interface is used to automatically tag traffic that is routed through it with the appropriate VLAN ID. Equally, traffic tagged with a VLAN ID that comes in on a physical port is routed through the appropriate VLAN interface. If no matching VLAN interface is found, the traffic is dropped.
You create VLAN interfaces to direct the traffic from several VLANs onto a single port or bond on each Oracle VM Server in the server pool. For example, if a port or bond is expected to carry traffic for VLAN with ID 2 and for VLAN with ID 3, you create a VLAN Interface for each of these VLAN segments. After creating the VLAN Interfaces, you create a network and specify one of the VLAN Interfaces as belonging to the network. Each packet transmitted from virtual machines on this network is tagged with the VLAN ID for the VLAN interface specified during network creation. If you added the physical network port or bond during network creation, the packets can still flow through the port or bond, but the packets are untagged. The Ethernet switch, to which the Oracle VM Servers are connected, is responsible for the transmission of packets to the appropriate VLAN.
Figure 5.6, “Networks with VLANs and VLAN Interfaces” illustrates the case of two virtual machine networks, whose network traffic flows through the same bonded interface.
In the diagram, titled Figure 5.6, “Networks with VLANs and VLAN Interfaces”, two VLAN interfaces are defined on the bond for each server. The VLAN2 interface handles traffic tagged with the VLAN ID 2 and the VLAN3 interface handles traffic tagged with the VLAN ID 3. Two virtual machine networks have been created in Oracle VM Manager, even though these networks use the same physical network infrastructure. The first virtual machine network has the VLAN2 interface attached for each server; while the second virtual machine network has the VLAN3 interface attached for each server. For each logical network, a bridge is automatically created for the specified VLAN interface. The bridge is configured without an IP address since none is specified during configuration. Network packets from virtual machines deployed on VLAN segment 2 travel through the bridge and acquire a tag which identifies the packets as belonging to VLAN 2. Similarly, the packets issued from the virtual machines deployed on the network for VLAN segment 3 are tagged for VLAN3 with ID 3. The packets from both networks use either path to the switch if the bond is configured for Dynamic Link Aggregation. The receiving ports on the Ethernet switch are configured using trunking or similar configuration to recognize network traffic for the two VLANs in this setup. As such, the trunk ports will direct the packets to the correct VLAN on the switch, or other connected switches.
To see how you are able to create VLAN Interfaces in the Oracle VM Manager Web Interface, see VLAN Interfaces in the Oracle VM Manager User's Guide and to see how VLAN Interfaces are attached to logical networks within the Oracle VM Manager Web Interface see Networks in the Oracle VM Manager User's Guide.