6.2.2 Configuring the RoCE Network Fabric Switches to Enable Exadata Secure RDMA Fabric Isolation

You can configure your RoCE Network Fabric switches to enable Exadata Secure RDMA Fabric Isolation.

Secure Fabric enables network separation between different clusters on systems with RoCE Network Fabric. This capability is conceptually similar to InfiniBand Network Fabric partitioning. Secure Fabric support is available starting with Oracle Exadata System Software release 20.1.0.

To use Secure Fabric, you must enable Secure Fabric support in the RoCE Network Fabric switch hardware before initial system deployment using Oracle Exadata Deployment Assistant (OEDA):

For each RoCE Network Fabric leaf switch, perform the basic configuration steps outlined in Configuring the Cisco Nexus 9336C-FX2 Switch.

Then, on each RoCE Network Fabric leaf switch, you must apply a specific golden configuration to enable Secure Fabric support. Use the procedure described in Applying Golden Configuration Settings on RoCE Network Fabric Switches, in Oracle Exadata Database Machine Maintenance Guide. However, when you specify the configuration type for each leaf switch, ensure that you specify the configuration type that enables Secure Fabric support.

After you complete the switch configuration, the leaf switch ports become trunk ports, which can carry network traffic with multiple VLAN IDs.