Brian W. Hugenbruch, CISSP z/VM Development Team, IBM: Endicott, NY, USA Link Aggregation for the z/VM Virtual Switch © 2010 IBM Corporation Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ® are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *, AS/400®, e business(logo)®, DBE, ESCO, eServer, FICON, IBM®, IBM (logo)®, iSeries®, MVS, OS/390®, pSeries®, RS/6000®, S/30, VM/ESA®, VSE/ESA, WebSphere®, xSeries®, z/OS®, zSeries®, z/VM®, System i, System i5, System p, System p5, System x, System z, System z9®, BladeCenter® The following are trademarks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. UNIX is a registered trademark of The Open Group in the United States and other countries. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. ITIL is a registered trademark, and a registered community trademark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office. IT Infrastructure Library is a registered trademark of the Central Computer and Telecommunications Agency, which is now part of the Office of Government Commerce. * All other products may be trademarks or registered trademarks of their respective companies. Notes : Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput that any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput improvements equivalent to the performance ratios stated here. IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply. All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions. This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject to change without notice. Consult your local IBM business contact for information on the product or services available in your area. All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. Information about non-IBM products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the performance, compatibility, or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography. 22 © 2010 IBM Corporation Agenda • Overview of Virtual Switch and Virtual NICs • Link Aggregation • Requirements • Configuration and Commands • LACP Active vs. Inactive • Benefits • Questions? 3 © 2010 IBM Corporation 4 © 2010 IBM Corporation What’s a ‘switch’ anyway? © Cisco Corp A box that creates a LAN It can be remotely configured E.g. Turn ports on and off Similar to a home router 5 © 2010 IBM Corporation z/VM Virtual Switch A special-purpose Guest LAN – Ethernet – Built-in IEEE 802.1q bridge to outside network guest guest guest – IEEE VLAN capable Each Virtual Switch has up to 8 separate OSA-Express connections associated with it CP Created in SYSTEM CONFIG or by CP DEFINE VSWITCH command z/VM 5.3 Router AIX 6 © 2010 IBM Corporation Guest LAN vs. Virtual Switch Virtual router is required No virtual router Different subnet Same subnet External router awareness Transparent bridge Guest-managed failover CP-managed failover 7 © 2010 IBM Corporation z/VM Virtual Switch – VLAN unaware Linux VM TCP/IP VSE z/OS Virtual QDIO adapter Virtual Switch Guest LAN CP OSA-Express Same LAN segment and Ethernet LAN Access port subnet 8 © 2010 IBM Corporation A VLAN-aware switch: An inside look 2 4 2 4 2 4 2 4 3 3 T 9 © 2010 IBM Corporation Trunk Port vs. Access Port Access port carries traffic for a single VLAN T 4 4 2 4 2 Host not aware of VLANs 2 2 3 4 3 4 T 2 4 2 3 3 Trunk port carries traffic from all VLANs 2 4 3 4 3 4 Every frame is tagged with the VLAN id 10 © 2010 IBM Corporation Physical Switch to Virtual Switch T 4 4 2 4 2 2 2 3 4 3 4 Each guest can be in Trunk port carries a different VLAN traffic between CP and switch 2 4 2 3 3 4 T CP Virtual Switch 11 © 2010 IBM Corporation z/VM Virtual Switch – VLAN aware Linux VM TCP/IP VSE z/OS Virtual QDIO adapter Virtual Switch Guest LAN CP OSA-Express IEEE 802.1q transparent Ethernet LAN Trunk port bridge Multiple LANs 12 © 2010 IBM Corporation Network with VSWITCH LPAR 1 LPAR 2 z/VM web web web web z/OS app app web app DB2 VSWITCH To internet With 1 VSWITCH, 3 VLANs, and a multi-domain firewall 13 © 2010 IBM Corporation Virtual Switch Attributes Name Associated OSAs Access List One or more controlling virtual machines (minimal VM TCP/IP stack servers) – User pre-configured DTCVSW1 and DTCVSW2 – Controller not involved in data transfer – Starts, stops, and monitors OSAs – Do not ATTACH or DEDICATE Similar to Guest LAN – Owner SYSTEM – Type QDIO – Persistent – Restricted 14 © 2010 IBM Corporation Create a Virtual Switch SYSTEM CONFIG or CP command: DEFINE VSWITCH name [RDEV NONE | cuu.Pnn [cuu.Pnn [cuu.Pnn]] ] [CONNECT | DISCONNECT] [CONTROLLER * | userid ] [IP IPTIMEOUT 5 NONROUTER | ETHERNET] [NOGroup | GROup groupname] [VLAN UNAWARE | VLAN def_vid NATIVE native_vid ] [PORTTYPE ACCESS | PORTTYPE TRUNK] Example: DEFINE VSWITCH SWITCH12 RDEV 1E00 1F04 CONNECT 15 © 2010 IBM Corporation Change the Virtual Switch access list Specify after DEFINE VSWITCH statement in SYSTEM CONFIG to add users to access list MODIFY VSWITCH name GRANT userid SET [VLAN vid1 vid2 vid3 vid4] [PORTTYPE ACCESS | TRUNK] [PROmiscuous | NOPROmiscuous] SET VSWITCH name REVOKE userid Examples: MODIFY VSWITCH SWITCH12 GRANT LNX01 VLAN 3 7 105 CP SET VSWITCH SWITCH12 GRANT LNX02 PORTTYPE TRUNK VLAN 4-20 22-29 CP SET VSWITCH SWITCH12 GRANT LNX03 PRO CP QUERY LAN or VSWITCH to display current access list (see DETAILS option) 16 © 2010 IBM Corporation 17 © 2010 IBM Corporation Virtual Network Interface Card (NIC) A simulated network adapter –OSA-Express QDIO –HiperSockets –Must match LAN type Virtual Machine 3 or more devices per NIC –More than 3 to simulate port sharing on 2nd-level system or for multiple data channels Provides access to Guest LAN or Virtual Switch Guest LAN or virtual switch Created by directory or CP DEFINE NIC command 18 © 2010 IBM Corporation Virtual NIC - User Directory May be automated with USER DIRECT file: NICDEF vdev [TYPE HIPERS | QDIO] [DEVices devs ] [LAN owner name ] [CHPID xx] [MACID xxyyzz] Combined with VMLAN MACPREFIX to create Example: virtual MAC NICDEF 1100 LAN SYSTEM SWITCH1 CHPID B1 MACID B10006 19 © 2010 IBM Corporation Virtual NIC - CP Command May be interactive with CP DEFINE NIC and COUPLE commands: CP DEFINE NIC vdev [[TYPE] HIPERsockets |QDIO] [DEVices devs ] [CHPID xx ] CP COUPLE vdev [TO] owner name Example: CP DEFINE NIC 1200 TYPE QDIO CP COUPLE 1200 TO SYSTEM CSC201 20 © 2010 IBM Corporation 21 © 2010 IBM Corporation Traditional VSWITCH Setup controller guest guest guest CP OSA OSA • Up to 8 OSAs per VSWITCH • Define a VSWITCH with 3 RDEVs • Use one for data transfer, keep two as back-up devices • Automatic failover 22 © 2010 IBM Corporation Traditional VSWITCH Setup controller guest guest guest CP OSA OSAX If OSA dies or stalls, controller will detect it and switch to backup OSA • Failover to a back up OSA causes a brief network outage • Improved from release to release, but a brief outage is still technically an outage 23 © 2010 IBM Corporation