Information Technology Reference
In-Depth Information
Another way to assign a VLAN ID is to assign it to the virtual switch.
This is similar to the preceding method, where the ID is configured on the physical
switch, but this requires the port on the physical switch to be configured in trunk mode
to allow all traffic for all VLANs to pass through, giving the job of packet segregation
to the virtual switch. That virtual switch is now dedicated to that specific VLAN, and
all virtual machines attached to it belong to that VLAN segment.
The third method is to assign the VLAN IDs in the virtual machines themselves by
configuring their virtual NICs.
In this way, each VM already knows which VLAN it is assigned to and will accept all
communication meant for it and drop the rest. No further configuration has to be done on
the virtual switch, and only one virtual switch is required even though we can have multiple
VLANs active at the virtual machine level. A port on the physical switch needs to be config-
ured as trunk for this to work.
Binding Interfaces
As mentioned in the section “Interface Configuration” earlier in this chapter, in order for
a connected machine to be able to ping the switch or communicate at all, there must be an
existing VLAN interface on the switch to allow routing of correct packets with VLAN tags
associated with them.
Once the logical or VLAN interface has been created, it is bound to the VLAN ID in order
to associate the IP address of the interface with a specific VLAN. Again, the commands and
where you input them might be different depending on your network solution provider, so
consult the technical documentation for your specific network equipment.
Virtual Storage Area Network
A virtual storage area network (VSAN) is based on the same concept as the VLAN. The
physical counterpart, the SAN, is a dedicated network that interconnects different hosts
and storage devices with the primary goal of exchanging SCSI traffic. It's basically a net-
work to consolidate all storage devices into a network in and of itself. Physical connections
are of course used here together with a set of protocols that handle routing, traffic, naming,
and zoning.
In concept, a VSAN is very much like a VLAN in that it creates additional segmentation
and isolation from a larger network. For example, in a single SAN with 10 storage servers,
you can create any number of VSANs that connect different servers virtually isolated from
the others in order to fulfill a specific purpose. Usually it is to give specific users access to
only a specific portion instead of the whole SAN.
The main purpose of a VSAN is to achieve greater security and stability within Fibre
Channel fabrics by creating isolation among physically connected devices. You can create
multiple logical SANs over the same common fabric. And although a VSAN has all of the
properties of a SAN, it has some added advantages:
The same topology can be shared by multiple VSANs.
VSAN scalability can be increased by using the same Fibre Channel ID on another host
in a different VSAN.
Search WWH ::




Custom Search