Planning and Implementing VLANs with HP-UX
HP Part Number: 5992-0538
Published: March 2007
Table of Contents
About This Document
What is VLAN?
Benefits of VLANs
VLAN-Aware Switches Are the Key
About This Document
This white paper presents network managers with an overview of HP-UX Virtual LAN (VLAN) software for HP servers. The following HP-UX VLAN topics are addressed:
• An introduction to VLAN technology and its benefits. Since a VLAN-aware switch is the building block of a VLAN network environment, this white paper explains how switches implement VLANs.
What is VLAN?
Virtual LAN (VLAN) technology allows network administrators to separate logical network connectivity from physical connectivity. This concept is different from a traditional LAN in that a LAN is limited by its physical connectivity. All users in a LAN belong to a single broadcast domain and can communicate with each other at the Data Link Layer or “Layer 2”.
Benefits of VLANs
The key benefits of using VLANs include the following:
• Bandwidth preservation: A well-designed VLAN helps restrict broadcast and multicast traffic to only those stations listening to and responding to the traffic related to that VLAN. The network and computing resources of nonparticipating stations are unaffected, thus improving performance.
• Manageability: Moves, additions, and changes to network topology do not require physical changes to network topology.
Which VLAN Does a Frame Belong To?
The previous section notes that a frame can belong to a VLAN. The next question is how this association is made.
• A VLAN-aware switch can make the association based on various attributes of the frame (such as Ethernet and IP header content). Example attributes include destination MAC address, IP address, TCP port, Network Layer protocol, and so on.
• Attributes such as “the switch port on which the frame arrived” can also be used.
that hub must belong to the same VLAN or set of VLANs, thereby restricting the benefits of VLANs.
• A common misconception is that because multiple IP subnets can share a single switched infrastructure using VLANs, switching can replace routing in the network. Remember that VLAN is strictly a Data Link Layer (Layer 2) technology. You must use routers for communication between IP subnets, even in a VLAN.
Figure 3 VLANs Overlapping or Sharing the Same LAN Card Port
[Figure: a server with a VLAN-aware Ethernet LAN card port shared by VLAN0 and VLAN5]

VLANs on HP-UX
HP-UX allows users to configure VLAN tagging and association rules at end stations. An efficient implementation of this mechanism has been developed, allowing network administrators to make full use of the advantages of VLANs and VLAN tagging with minimal performance impact.
suits your needs, you must understand what each type of usage scenario implies. On HP-UX, the type of VLAN configured on a NIC port depends on how you configure virtual interfaces and use them.
• Port-based VLAN: All frames transmitted by a NIC are tagged using only one VLAN ID. The NIC does not transmit or receive any untagged frames. To implement this on HP-UX, you create just one VI on a given NIC port. All protocols and applications use this virtual interface’s virtual PPA to transmit data traffic.
service (for example, lower drop rate or higher scheduling priority) to frames carrying a certain 802.1p priority value in the VLAN tag. For information on priority policies on switches, refer to the switch manufacturer’s manuals. HP-UX allows a user to assign an 802.1p priority to a VLAN. This priority is subsequently encoded in the VLAN tag of the frame’s Ethernet header.
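The tag fields referred to above, as an added example (not code from the HP white paper): a parser for the IEEE 802.1Q tag that extracts the 802.1p priority and the VLAN ID, together with the receive check of a port-based VLAN port that accepts only frames tagged with its single VLAN ID. The function names, the sample frames and the values VLAN ID 5 and priority 3 are constructed for illustration.

```python
import struct
from typing import NamedTuple, Optional

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag

class VlanTag(NamedTuple):
    priority: int  # 802.1p priority, 3 bits (0-7)
    dei: int       # drop eligible indicator, 1 bit
    vlan_id: int   # VLAN ID, 12 bits

def build_tagged_frame(dst: bytes, src: bytes, vlan_id: int, priority: int,
                       ethertype: int, payload: bytes) -> bytes:
    """Build an Ethernet frame carrying one 802.1Q tag (constructed input)."""
    if not 0 <= priority <= 7:
        raise ValueError("802.1p priority must be 0-7")
    if not 0 <= vlan_id <= 4094:  # 0 = priority tag only, 4095 is reserved
        raise ValueError("VLAN ID must be 0-4094")
    tci = (priority << 13) | vlan_id  # DEI bit left at 0
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def parse_vlan_tag(frame: bytes) -> Optional[VlanTag]:
    """Return the 802.1Q tag of a frame, or None if the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return VlanTag(priority=tci >> 13, dei=(tci >> 12) & 1, vlan_id=tci & 0x0FFF)

def port_based_accepts(frame: bytes, port_vlan_id: int) -> bool:
    """Receive check for a port-based VLAN: only frames tagged with the
    port's single VLAN ID are accepted; untagged frames are dropped."""
    tag = parse_vlan_tag(frame)
    return tag is not None and tag.vlan_id == port_vlan_id

# Constructed samples: a broadcast ARP-sized frame, tagged and untagged.
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("001122334455")
TAGGED = build_tagged_frame(DST, SRC, vlan_id=5, priority=3,
                            ethertype=0x0806, payload=b"\x00" * 28)
UNTAGGED = DST + SRC + struct.pack("!H", 0x0806) + b"\x00" * 28
```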
Figure 4 VLAN Implementation Example
[Figure: workstations and servers attached to a first tier of switches that support port-based VLAN and tagging, connected to a “backbone switch” with optional routing module that supports port-based VLAN and tagging. Each line indicates a unique VLAN; one link belongs to more than one VLAN.]

A VLAN Implementation Example
This section provides an overview of how to implement an IP subnet-based VLAN in a network with HP-UX. See Figure 4 for reference.
— addresses to them. Then configure the same VLANs on the switch port, marking them “tagged.” One (and only one) untagged VLAN can be configured on a switch port. If a workstation needs to belong to more than one VLAN and supports tagging, follow the same steps as outlined for the server configuration.
Figure 5 VLAN over APA
[Figure: an HP server running HP-UX, shown in layers: workgroup applications (HR, Finance, Marketing, Engineering, Manufacturing) on VLAN interfaces VLAN1 to VLAN5; APA interfaces (HP APA aggregate, HP APA/LAN Monitor failover group); physical NICs; VLAN-aware network.]

Using HP-UX VLANs with HP Virtual Machines (HPVM)
The HPVM product is part of the HP-UX 11i Partitioning Continuum and Virtual Server Environment (VSE) technologies.
NOTE: Tagged frames originating from the HPVM guest are not supported and are discarded at the HPVM virtual switch. Also, only VLAN identifier configuration is allowed over virtual-switch ports. Currently, configuration of 802.1p priorities is not allowed. There are various scenarios where the system administrator can configure the HPVM virtual switch to utilize the traffic isolation feature of VLAN technology.
In the scenario illustrated in Figure 6, the peer-to-peer communication can be between:
• Two HPVM guest virtual network interfaces through the shared virtual switch. For example, guests A and C (virtual switch ports 1 and 3 respectively) can communicate with each other over the RED VLAN.
• An HPVM guest virtual network interface and the physical network interface on the local HPVM host, through the virtual switch.
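A model of the virtual-switch behaviour described in the NOTE and in this scenario, as an added example (not HPVM code): each virtual-switch port has one configured VLAN ID, a frame that arrives from a guest already tagged is discarded, and an untagged frame is delivered only to the other ports on the same VLAN. The port table, the numeric IDs standing in for the RED VLAN and for a second VLAN on port 2, and the function names are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType that marks an 802.1Q-tagged frame

# Assumed port table: virtual-switch port number -> configured VLAN ID.
# 100 stands in for the "RED" VLAN of the scenario; 200 is a second VLAN.
PORT_VLAN = {1: 100, 2: 200, 3: 100}

def is_tagged(frame: bytes) -> bool:
    """True if the frame already carries an 802.1Q tag."""
    return len(frame) >= 14 and struct.unpack_from("!H", frame, 12)[0] == TPID_8021Q

def deliver(src_port: int, frame: bytes, port_vlan=PORT_VLAN) -> list:
    """Return the virtual-switch ports that receive a frame sent by a guest.

    In this model guests send untagged frames and the VLAN comes from the
    port configuration. A frame that arrives from a guest already tagged is
    discarded, so the tag in the frame never overrides the port's VLAN.
    """
    if src_port not in port_vlan:
        raise KeyError(f"unknown virtual-switch port {src_port}")
    if is_tagged(frame):
        return []  # discarded at the virtual switch
    vlan = port_vlan[src_port]
    return sorted(p for p, v in port_vlan.items() if v == vlan and p != src_port)

# Constructed frames: a broadcast from a guest, untagged and tagged.
HDR = bytes.fromhex("ffffffffffff" "0a0b0c0d0e0f")
UNTAGGED = HDR + struct.pack("!H", 0x0800) + b"\x00" * 46
GUEST_TAGGED = HDR + struct.pack("!HHH", TPID_8021Q, 200, 0x0800) + b"\x00" * 46
```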