Migrating TCPIP to the z/VM Virtual Switch (August 2007)

Migrating TCPIP to the z/VM Virtual Switch (August 2007)
Migrating to the z/VM Virtual Switch
Session 9132
Alan Altmark, IBM
z/VM Development
Endicott, NY
© 2006, 2007 IBM Corporation
IBM Systems
IBM Systems
Note
References to IBM products, programs, or services do not imply that IBM
intends to make these available in all countries in which IBM operates. Any
reference to an IBM product, program, or service is not intended to state or
imply that only IBM's product, program, or service may be used. Any
functionally equivalent product, program, or service that does not infringe
on any of the intellectual property rights of IBM may be used instead. The
evaluation and verification of operation in conjunction with other products,
except those expressly designed by IBM, are the responsibility of the user.
The following terms are trademarks of the International Business Machines
Corporation in the United States or other countries or both:
IBM
IBM logo
z/VM
Other company, product, and service names may be trademarks or service
marks of others.
© Copyright 2006, 2007 by International Business Machines Corporation
2
© 2006, 2007 IBM Corporation
IBM Systems
Topics
ƒ Routing vs. Bridging
ƒ What’s a switch?
ƒ VLAN-unaware migration
ƒ VLAN-aware migration
3
© 2006, 2007 IBM Corporation
IBM Systems
Review: Guest LAN vs. Virtual Switch
Guest
Guest LAN
Guest
Guest
Guest
Guest
Virtual Switch
Ethernet LAN
ƒ Virtual router is required
ƒ No virtual router
ƒ Different subnet
ƒ Same subnet
ƒ External router awareness
ƒ Transparent bridge
ƒ Guest-managed failover
ƒ CP-managed failover
4
© 2006, 2007 IBM Corporation
IBM Systems
A routed Guest LAN
web
web
web
Subnet B
Router
web
Virtual router to
connect Guest LAN
to Ethernet
Often VM TCP/IP
z/VM
OSA
Subnet A
Switch
5
© 2006, 2007 IBM Corporation
IBM Systems
A bridged Guest LAN using VSWITCH
web
web
web
Subnet B
web
No virtual router
required
Built-in transparent
bridge
z/VM
OSA
Subnet B
Switch
6
© 2006, 2007 IBM Corporation
IBM Systems
What’s a switch?
© Cisco Corp
A
box that creates a LAN
It
can be remotely configured
E.g.
Contains
7
Turn ports on and off
a built-in router
© 2006, 2007 IBM Corporation
IBM Systems
Switch functions
ƒ Enable and disable a port
ƒ Set port type: trunk or access
ƒ Assign port to one or more VLANs
ƒ Set port speed: 10 / 100 / 1000 / Auto
ƒ Set port duplex mode: Simplex / Duplex / Auto
ƒ Define an internal router
ƒ Define SNAP (sniffer) ports
8
© 2006, 2007 IBM Corporation
IBM Systems
A routed Guest LAN
web
web
web
web
10.0.1 / 24
10.0.1.254
Router
20.17.19.85
Default gateway for Guest LAN hosts
z/VM
OSA
Default gateway for VSWITCH hosts
20.17.19.254
20.17.19 / 24
9
Switch
© 2006, 2007 IBM Corporation
IBM Systems
z/VM Virtual Switch – VLAN unaware
Linux
VM TCP/IP
VSE
z/OS
Virtual QDIO
adapter
Virtual Switch Guest LAN
CP
OSA-Express
Ethernet LAN
10
LAN Bridge
Same LAN
segment and
subnet
© 2006, 2007 IBM Corporation
IBM Systems
11
© 2006, 2007 IBM Corporation
IBM Systems
Current Cisco 6509 Switch Configuration
ƒ OSA is plugged into port 7 of slot 2
ƒ Port is defined as an access port
VLAN unaware host
ƒ Port is currently assigned to VLAN 201
While in ENABLE mode:
#set vlan 201 name vlan201 mtu 1500
#set vlan 201 2/7
While in CONFIG mode:
#interface vlan 201
#ip address 20.17.19.254 255.255.255.0
12
© 2006, 2007 IBM Corporation
IBM Systems
CP – SYSTEM CONFIG
DEFINE
MODIFY
MODIFY
MODIFY
MODIFY
MODIFY
13
LAN
LAN
LAN
LAN
LAN
LAN
WEBNET
WEBNET
WEBNET
WEBNET
WEBNET
WEBNET
TYPE QDIO RESTRICTED
GRANT LINUX001
GRANT LINUX002
GRANT LINUX003
GRANT LINUX004
GRANT TCPIP
© 2006, 2007 IBM Corporation
IBM Systems
VM TCP/IP directory
USER TCPIP XXXXXXXX 32M 128M ABG
:
* Guest LAN
NICDEF E00 TYPE QDIO LAN SYSTEM WEBNET
* OSA
DEDICATE C200 C200
DEDICATE C201 C201
DEDICATE C202 C202
:
14
© 2006, 2007 IBM Corporation
IBM Systems
VM TCP/IP Profile
; Syntax is z/VM 5.2
; eth0 is the external OSA
DEVICE ETH0 OSD C200
LINK
ETH0 QDIOETHERNET ETH0
MTU 1500
; eth1 is Guest LAN
DEVICE ETH1 OSD E00
LINK
ETH1 QDIOETHERNET ETH1
MTU 1500
HOME
20.17.19.85/24
10.0.1.254/24
GATEWAY
defaultnet
15
ETH0
ETH1
20.17.19.254
ETH0 0
© 2006, 2007 IBM Corporation
IBM Systems
Linux directory entry
USER LINUX002 XXXXXXXX 128M 2048M G
:
* Guest LAN
NICDEF C204 TYPE QDIO LAN SYSTEM WEBNET
:
16
© 2006, 2007 IBM Corporation
IBM Systems
Linux configuration - network
ƒ ifconfig eth0 10.0.1.5 mask 255.255.255.0 mtu 1500
ƒ route add default gw 10.0.1.254
17
© 2006, 2007 IBM Corporation
IBM Systems
18
© 2006, 2007 IBM Corporation
IBM Systems
Methodology #1
ƒ Create a new VLAN in the Cisco switch to carry the subnet
being moved
ƒ Associate the OSA with the new VLAN
ƒ Add a new router to the switch
ƒ Delete the router from z/VM
ƒ Connect the VSWITCH
19
© 2006, 2007 IBM Corporation
IBM Systems
Cisco Catalyst 6509 (running CatOS)
ƒ While in ENABLE mode:
#set vlan 202 name webnet mtu 1500
#set vlan 202 2/7
ƒ While in CONFIG mode:
#interface vlan 202
#ip address 10.0.1.254 255.255.255.0
ƒ If you do not have a router function in your switch
add another interface on your router
plug it into another port
add the new port to vlan 202
20
© 2006, 2007 IBM Corporation
IBM Systems
CP – SYSTEM CONFIG
* from
DEFINE
MODIFY
MODIFY
MODIFY
MODIFY
MODIFY
Guest LAN…
LAN WEBNET
LAN WEBNET
LAN WEBNET
LAN WEBNET
LAN WEBNET
LAN WEBNET
* …to
DEFINE
MODIFY
MODIFY
MODIFY
MODIFY
VLAN-unaware VSWITCH
VSWITCH WEBNET RDEV C200
VSWITCH WEBNET GRANT LINUX001
VSWITCH WEBNET GRANT LINUX002
VSWITCH WEBNET GRANT LINUX003
VSWITCH WEBNET GRANT LINUX004
21
RESTRICTED TYPE QDIO
GRANT LINUX001
GRANT LINUX002
GRANT LINUX003
GRANT LINUX004
GRANT TCPIP
Note that TCPIP is
not in the access
list on the
VSWITCH
© 2006, 2007 IBM Corporation
IBM Systems
22
© 2006, 2007 IBM Corporation
IBM Systems
A routed Guest LAN
web
web
web
web
10.0.1 / 24
10.0.1.254
Router
20.17.19.85
Default gateway for Guest LAN hosts
TCPIP
20.17.19.85 z/VM
OSA
Default gateway for VSWITCH hosts
20.17.19.254
20.17.19 / 24
23
Switch
© 2006, 2007 IBM Corporation
IBM Systems
A VLAN-aware switch: An inside look
2
4
2
4
2
4
2
4
3
3
T
24
© 2006, 2007 IBM Corporation
IBM Systems
z/VM Virtual Switch – VLAN aware
Linux
VM TCP/IP
VSE
z/OS
Virtual QDIO
adapter
Virtual Switch Guest LAN
CP
OSA-Express
Ethernet LAN
27
Trunk port
IEEE 802.1q
transparent
bridge
© 2006, 2007 IBM Corporation
IBM Systems
28
© 2006, 2007 IBM Corporation
IBM Systems
Methodology #2
ƒ Use a single OSA port to carry traffic for both VM TCP/IP and
the Linux guests
ƒ Use a VLAN-aware VSWITCH
ƒ Add a new router to the switch
ƒ Allow VLAN tags for both subnets to flow on the OSA port
29
© 2006, 2007 IBM Corporation
IBM Systems
CP – SYSTEM CONFIG
* from
DEFINE
MODIFY
MODIFY
MODIFY
MODIFY
MODIFY
a Guest LAN…
LAN WEBNET RESTRICTED TYPE QDIO
LAN WEBNET GRANT LINUX001
LAN WEBNET GRANT LINUX002
LAN WEBNET GRANT LINUX003
LAN WEBNET GRANT LINUX004
LAN WEBNET GRANT TCPIP
* …to a VLAN-aware VSWITCH
DEFINE VSWITCH WEBNET RDEV C200 VLAN 1
MODIFY VSWITCH WEBNET GRANT LINUX001 VLAN 202
MODIFY VSWITCH WEBNET GRANT LINUX002 VLAN 202
MODIFY VSWITCH WEBNET GRANT LINUX003 VLAN 202
MODIFY VSWITCH WEBNET GRANT LINUX004 VLAN 202
MODIFY VSWITCH WEBNET GRANT TCPIP VLAN 201
The native VLAN id of the switch should match
the VLAN specified on DEFINE VSWTICH
30
© 2006, 2007 IBM Corporation
IBM Systems
Cisco Catalyst 6509 (running CatOS)
ƒ While in ENABLE mode:
#set vlan 202 name webnet mtu 1500
#set trunk 2/7 on dot1q 1,201-202
ƒ While in CONFIG mode:
#interface vlan 202
#ip address 10.0.1.254 255.255.255.0
ƒ If you do not have a router function in your switch
add another interface on your router
plug it into another port
add the new port to vlan 202
31
© 2006, 2007 IBM Corporation
IBM Systems
VM TCP/IP directory
USER TCPIP XXXXXXXX 32M 128M ABG
:
* Virtual Switch
NICDEF C200 TYPE QDIO LAN SYSTEM WEBNET
32
© 2006, 2007 IBM Corporation
IBM Systems
VM TCP/IP Profile
; Syntax is z/VM 5.2
; eth0 is the external OSA
DEVICE ETH0 OSD C200
LINK
ETH0 QDIOETHERNET ETH0
MTU 1500
HOME
20.17.19.85
GATEWAY
defaultnet
33
255.255.255.0
20.17.19.254
ETH0
ETH0 0
© 2006, 2007 IBM Corporation
IBM Systems
34
© 2006, 2007 IBM Corporation
IBM Systems
Summary
ƒ Conversion is relatively easy
ƒ Draw pictures
ƒ There are choices:
Separate OSA ports, each assigned to a separate VLAN
A single OSA port that trunks multiple VLANs
A combination
35
© 2006, 2007 IBM Corporation
IBM Systems
Contact Information
ƒ By e-mail:
Alan_Altmark@us.ibm.com
ƒ In person:
USA 607.429.3323
ƒ On the Web:
http://ibm.com/vm/devpages/altmarka
ƒ Mailing lists:
IBMTCP-L@vm.marist.edu
IBMVM@listserv.uark.edu
LINUX-390@vm.marist.edu
http://ibm.com/vm/techinfo/listserv.html
36
© 2006, 2007 IBM Corporation
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising