The Power Hypervisor can create a Virtual Ethernet network. This network is provided by a Virtual Switch (which is part of the Hypervisor), and it allows LPARs on the managed system to communicate without any physical devices. These are basically in-memory connections between LPARs through Virtual Ethernet Adapters.
When a Virtual Ethernet Adapter is created on the HMC, a Virtual Ethernet switch port is configured at the same time, so the virtual port corresponds directly to the virtual Ethernet adapter. (There is no need to explicitly attach a virtual Ethernet adapter to a virtual Ethernet switch port; this is done automatically by the Hypervisor. In fact, both of them exist in the Hypervisor memory.)
Virtual Local Area Network (VLAN) is a method to split up a physical network. This separation is achieved by configuring switch ports to be part of a VLAN and then tagging Ethernet packets with their VLAN information (VID=VLAN ID). The default VLAN ID for a switch port is the Port VID (PVID). (VLAN is described by the IEEE 802.1Q standard.)
The VLAN ID can be added to an Ethernet packet by the switch or by a VLAN-aware host. (A VLAN-aware host could be an AIX server on which a VLAN interface has been created with "smitty vlan".) Ports on an Ethernet switch must therefore be configured with information indicating whether the connected host is VLAN-aware or VLAN-unaware.
VLAN unaware hosts: For VLAN-unaware hosts, a port is set up as untagged. This means the switch will tag all entering packets with the Port VLAN ID (PVID) and will untag all exiting packets before delivery to the VLAN-unaware host. (Untagged switch ports can be part of only one VLAN, the PVID.)
VLAN aware hosts: Hosts that are VLAN-aware can insert and remove their own tags and can be members of more than one VLAN. These hosts are typically attached to ports that do not remove the tags before delivering the packets to the host, but will insert the PVID tag when an untagged packet enters the port.
A port will only accept packets that are untagged or tagged with one of the port's VLANs.
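The port rules above, written out as a small model (an added example, not hypervisor or vendor code). The function names are hypothetical, and delivering PVID traffic untagged on a tagged port is an assumption made for this model. The demo uses the PVID=1, VID=23 values shown later on this page.

```shell
#!/bin/sh
# Simplified model of one switch port (added example).
# A port is described by its PVID and a comma-separated list of additional
# VIDs (empty list = untagged port). A frame's tag is a VID, or "-" if untagged.

# in_list VID LIST -> succeeds if VID is one of the comma-separated entries
in_list() {
    case ",$2," in *",$1,"*) return 0 ;; esac
    return 1
}

# port_ingress PVID VIDS TAG -> prints the VLAN the frame lands in, or "drop"
port_ingress() {
    pvid=$1 vids=$2 tag=$3
    if [ "$tag" = "-" ]; then
        echo "$pvid"            # untagged frame is tagged with the PVID
    elif [ "$tag" = "$pvid" ] || in_list "$tag" "$vids"; then
        echo "$tag"             # tagged with one of the port's VLANs
    else
        echo "drop"             # tagged with a VLAN the port is not part of
    fi
}

# port_egress PVID VIDS VLAN -> prints how the frame is delivered to the host
port_egress() {
    pvid=$1 vids=$2 vlan=$3
    if [ "$vlan" = "$pvid" ]; then
        echo "untagged"         # assumption: PVID traffic leaves untagged
    elif in_list "$vlan" "$vids"; then
        echo "tagged:$vlan"     # VLAN-aware host receives the tag
    else
        echo "drop"             # port is not a member of this VLAN
    fi
}

# Demo: tagged port with PVID=1 and additional VID 23
for tag in - 1 23 100; do
    echo "ingress tag=$tag -> $(port_ingress 1 23 "$tag")"
done
```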
Virtual Ethernet Adapter:
Virtual Ethernet adapters allow logical partitions within the same system to communicate without having to use physical Ethernet adapters. Within the system, these adapters are connected to a virtual Ethernet switch (which is basically in the Hypervisor), so TCP/IP communications over these Virtual Ethernet Adapters are routed through the server firmware. The system transmits packets by copying the packet directly from the memory of the sender logical partition to the receive buffers of the receiver logical partition without any intermediate buffering of the packet.
Virtual Ethernet adapters can be used without using the Virtual I/O Server, but the logical partitions will not be able to communicate with external systems. However, in this situation, you can use another device, called a Host Ethernet Adapter (or Integrated Virtual Ethernet), to facilitate communication between logical partitions on the system and external networks. The hardware MAC address of a virtual Ethernet adapter is automatically generated by the HMC when it is defined.
The POWER Hypervisor implements an IEEE 802.1Q VLAN style virtual Ethernet switch. Similar to a physical IEEE 802.1Q Ethernet switch it can support tagged and untagged ports. A virtual switch does not really need ports, so the virtual ports correspond directly to virtual Ethernet adapters that can be assigned to partitions from the HMC or IVM. (A virtual Ethernet switch port is configured when you configure the virtual Ethernet adapter on the HMC or IVM.)
- Maximum 256 virtual Ethernet adapters are permitted per partition.
- Maximum 20 VLANs are permitted on a Virtual Ethernet adapter (19 VIDs and 1 PVID).
- A system can support up to 4096 different VLANs.
- A SEA can have maximum 16 virtual Ethernet adapters (with 20 VLANs on each).
Virtual Ethernet uses the system processors instead of off-loading that load to processors on network adapter cards. (This generates extra CPU load.)
If you have one physical Ethernet adapter with device name ent0, which is connected to a tagged switch port with PVID=1 and VID=100, the administrator will generate an additional device name ent1 for the VLAN with VID=100 (smitty vlan). The original device name ent0 will represent the untagged Port VLAN with PVID=1. Ethernet interfaces can be put on both adapters: en0 would be stacked on ent0 and en1 on ent1, and different IP addresses will be configured to en0 and en1.
Dynamically adding or removing VLANs:
Checking Virtual Ethernet Adapters and VLANs:
root@aix21: / # lsdev -Cc adapter
ent0 Available Virtual I/O Ethernet Adapter (l-lan)
ent1 Available Virtual I/O Ethernet Adapter (l-lan)
if it is an untagged port:
root@aix21: / # entstat -d ent0 | grep -i vlan
Invalid VLAN ID Packets: 0
Port VLAN ID: 1
VLAN Tag IDs: None
if it is a tagged port:
Port VLAN ID: 1
VLAN Tag IDs: 23
(On HMC GUI, at the adapter properties these can be seen as well.)
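The entstat check above can be scripted to compare an adapter's VLAN membership against the VLANs the LPAR is approved for. This is an added example, not an IBM tool: audit_vlans and sample_entstat are hypothetical names, the sample text is constructed in the format shown above, and separating multiple tag IDs by spaces or commas is an assumption.

```shell
#!/bin/sh
# audit_vlans "ALLOWED VLAN IDS"   (reads `entstat -d entX` output on stdin)
# Prints one finding per line; exit status 1 if any VLAN is not approved.
audit_vlans() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /Invalid VLAN ID Packets:/ {
        sub(/.*:[ \t]*/, ""); cnt = $0 + 0
        if (cnt > 0) print "WARN invalid-vlan-packets=" cnt
        next
    }
    /Port VLAN ID:/ {
        sub(/.*:[ \t]*/, ""); pvid = $0 + 0
        if (!(pvid in ok)) { print "FAIL pvid=" pvid " not approved"; fail = 1 }
        next
    }
    /VLAN Tag IDs:/ {
        sub(/.*:[ \t]*/, ""); gsub(/,/, " ")   # accept space or comma lists
        m = split($0, v, " ")
        for (i = 1; i <= m; i++) {
            if (v[i] == "None") continue       # untagged port
            if (!(v[i] in ok)) { print "FAIL vid=" v[i] " not approved"; fail = 1 }
        }
        next
    }
    END { exit (fail ? 1 : 0) }
    '
}

# Constructed sample in the format shown above (not from a real system).
sample_entstat() {
    cat <<'EOF'
Invalid VLAN ID Packets: 4
Port VLAN ID: 1
VLAN Tag IDs: 23 100
EOF
}

# Demo: this LPAR is approved for VLANs 1 and 23 only.
sample_entstat | audit_vlans "1 23" || echo "adapter has unapproved VLANs"
```

On an AIX LPAR the same function would be fed with: entstat -d ent0 | audit_vlans "1 23"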
Adding/removing VLAN TAG dynamically:
(it will not add to profile)
adding (on HMC):
chhwres -r virtualio --rsubtype eth -m <man.sys.> -o s -p <LPAR> -s <adapter id> -a "addl_vlan_ids+=<VLAN TAG>"
removing (on HMC):
chhwres -r virtualio --rsubtype eth -m <man.sys.> -o s -p <LPAR> -s <adapter id> -a "addl_vlan_ids-=<VLAN TAG>"