L2 Cache

Behold the power of |!

User Tools

Site Tools


snipets:solaris:net-etherstub

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
snipets:solaris:net-etherstub [2012/09/21 09:44]
sjorge [Introduction]
snipets:solaris:net-etherstub [2014/10/09 22:02] (current)
Line 4: Line 4:
  
 Take the following example:\\ Take the following example:\\
-{{:​snipets:​solaris:​etherstub-example.png?​nolink|}} +{{ :​snipets:​solaris:​etherstub-example.png?​200|}} 
-You have 2 database instances ​and 2 application ​servers ​behind ​reverse proxyLet'​s ​assume ​you are using mix of zones and kvm instances ​to run each component+You have
 +  * 1 reverse proxy to filter traffic ​and do loadbalancing 
 +  * applications ​servers 
 +  * 2 database servers 
 + 
 +Say you run each component in either zone or KVM instance, 
 +you can then give each vnic that is linked to your main network interface 
 +But will put more traffic on your physical switch and also open up some security issues. You could ofcourse use VLAN'​s ​but that again adds more administrative complexity. 
 + 
 +To solve this you can use an etherstub with vnics for the database and application servers. The proxy will also have vnic on the etherstub and one on the physical interface. 
 + 
 +This approuce will: 
 +  * **reduce the need for VLAN'​s,​** this elminitating the extra complexity ​of your physical network. 
 +  * **eliminate the traffic on the physical switch** 
 +  * **security benifits**, the backend servers are not connected to the physical network. 
 + 
 +Bellow I'll give some examples on how to create an etherstub ​and how to add vnics to it. 
 + 
 +===== Creating an etherstub ===== 
 +<​code>​dladm create-etherstub vSwitch0</​code>​ 
 + 
 +===== Adding/​removing vnics to/from an etherstub ===== 
 +Please see [[snipets:​solaris:​net-vnic|]],​ just provide the name of the etherstub instead of the physical interface/​aggr/​... after the ''​-l''​ flag. 
 + 
 +===== Displaying all etherstubs ===== 
 +<​code>​dladm show-etherstub</​code>​ 
 + 
 +===== Removing an etherstubs ===== 
 +<​code>​dladm delete-etherstub vSwitch0</​code>​ 
 + 
 +===== Example ===== 
 +Here is an example for the setup displayed above. ​ This creates the etherstub, 2 vnics for the proxy vm, 1 vnic for each database and application servers. 
 +<​code>​ 
 +dladm create-etherstub vsw0 
 +dladm create-vnic -l trunk0 vpr0 
 +dladm create-vnic -l vsw0 vpr1 
 +dladm create-vnic -l vsw0 zdb0 
 +dladm create-vnic -l vsw0 zdb1 
 +dladm create-vnic -l vsw0 zapp0 
 +dladm create-vnic -l vsw0 zapp1 
 +dladm set-linkprop -p protection=mac-nospoof vpr0 
 +dladm set-linkprop -p protection=mac-nospoof vpr1 
 +dladm set-linkprop -p protection=mac-nospoof zdb0 
 +dladm set-linkprop -p protection=mac-nospoof zdb1 
 +dladm set-linkprop -p protection=mac-nospoof zapp0 
 +dladm set-linkprop -p protection=mac-nospoof zapp1 
 +</​code>​
snipets/solaris/net-etherstub.1348213471.txt.gz · Last modified: 2014/10/09 22:02 (external edit)