L2 Cache

Behold the power of |!

User Tools

Site Tools


snipets:solaris:net-etherstub

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
snipets:solaris:net-etherstub [2012/09/21 09:06]
sjorge created
snipets:solaris:net-etherstub [2014/10/09 22:02] (current)
Line 1: Line 1:
 ====== Etherstubs / Virtual Switches ====== ====== Etherstubs / Virtual Switches ======
 ===== Introduction ===== ===== Introduction =====
 +Etherstubs seem to confuse some people. Things usually get  cleared up when I compare the to vSwitches.
  
 +Take the following example:\\
 +{{ :​snipets:​solaris:​etherstub-example.png?​200|}}
 +You have:
 +  * 1 reverse proxy to filter traffic and do loadbalancing
 +  * 2 applications servers
 +  * 2 database servers
  
 +Say you run each component in either zone or KVM instance,
 +you can then give each a vnic that is linked to your main network interface. ​
 +But will put more traffic on your physical switch and also open up some security issues. You could ofcourse use VLAN's but that again adds more administrative complexity.
 +
 +To solve this you can use an etherstub with vnics for the database and application servers. The proxy will also have a vnic on the etherstub and one on the physical interface.
 +
 +This approuce will:
 +  * **reduce the need for VLAN'​s,​** this elminitating the extra complexity of your physical network.
 +  * **eliminate the traffic on the physical switch**
 +  * **security benifits**, the backend servers are not connected to the physical network.
 +
 +Bellow I'll give some examples on how to create an etherstub and how to add vnics to it.
 +
 +===== Creating an etherstub =====
 +<​code>​dladm create-etherstub vSwitch0</​code>​
 +
 +===== Adding/​removing vnics to/from an etherstub =====
 +Please see [[snipets:​solaris:​net-vnic|]],​ just provide the name of the etherstub instead of the physical interface/​aggr/​... after the ''​-l''​ flag.
 +
 +===== Displaying all etherstubs =====
 +<​code>​dladm show-etherstub</​code>​
 +
 +===== Removing an etherstubs =====
 +<​code>​dladm delete-etherstub vSwitch0</​code>​
 +
 +===== Example =====
 +Here is an example for the setup displayed above. ​ This creates the etherstub, 2 vnics for the proxy vm, 1 vnic for each database and application servers.
 +<​code>​
 +dladm create-etherstub vsw0
 +dladm create-vnic -l trunk0 vpr0
 +dladm create-vnic -l vsw0 vpr1
 +dladm create-vnic -l vsw0 zdb0
 +dladm create-vnic -l vsw0 zdb1
 +dladm create-vnic -l vsw0 zapp0
 +dladm create-vnic -l vsw0 zapp1
 +dladm set-linkprop -p protection=mac-nospoof vpr0
 +dladm set-linkprop -p protection=mac-nospoof vpr1
 +dladm set-linkprop -p protection=mac-nospoof zdb0
 +dladm set-linkprop -p protection=mac-nospoof zdb1
 +dladm set-linkprop -p protection=mac-nospoof zapp0
 +dladm set-linkprop -p protection=mac-nospoof zapp1
 +</​code>​
snipets/solaris/net-etherstub.1348211189.txt.gz · Last modified: 2014/10/09 22:02 (external edit)