HP Integrity Virtual Machines Installation, Configuration, and Administration Version A.03.50

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Integrity Virtual Machines Host Per Core License LTU

111

112

113

114

115

116

117

118

119

120

Figure 8-2 Integrity VM VLAN Configuration Example

VM Host VM Host

VSwitch2

VSwitch1

Guest

VM1

Guest

VM2

PNIC 1

Internet

PNIC 2

VLAN1

VSwitch2

VSwitch1

Guest

VM3

Guest

VM4

VLAN1

PNIC 2

PNIC 1

A vNIC on a guest is associated with a port on the vswitch and all network communication to

and from the guest passes through this vswitch port. You can configure VLAN rules on the

individual ports of the vswitch, similar to most physical switches. Each VLAN is identified by

a VLAN identifier (VLAN ID). The VLAN ID is a number in the range 0-4094. A port on the

vswitch can be assigned a VLAN ID that identifies the VLAN to which the port (and, therefore,

the guest vNIC using that port) belongs.

Ports on a vswitch that are configured for the same VLAN ID can communicate with each other.

Ports on a vswitch that are configured for different VLAN IDs are isolated from each other. Ports

on a vswitch that do not have any VLAN ID assigned cannot communicate with ports that have

a VLAN ID assigned, but they can communicate with other ports that have no VLAN ID assigned.

If the guest has to communicate with the VM Host or outside the VM Host over a VLAN,

additional configuration is necessary. For communication to the VM host, configure a VLAN

interface on the VM host interface for that vswitch. This VLAN interface should have the same

VLAN ID as the guest port. For information about configuring VLANs on the VM Host, see the

Using HP-UX VLANs manual. Do not use the hpvmnet command to create a virtual switch that

is associated with a VLAN port on the VM Host (that is, a LAN created with lanadmin -V).

This “nested VLAN” configuration is not supported.

Frames arriving at the vswitch from a guest can be “tagged” by the vswitch. Tagging consists of

inserting the VLAN ID information into the MAC header before forwarding the frame on. Tagged

frames destined for a guest are always stripped of the tag information in the frame before being

forwarded. For Integrity VM, only tag-unaware guests are supported.

To configure a VLAN, follow this procedure:

1. Create and start the vswitch. For example, to create and boot vswitch vmlan4 on lan1,

enter the following command:

# hpvmnet -c -S vmlan4 -n 1

# hpvmnet -b -S vmlan4

2. Use the hpvmnet command with the —u option to create the port and assign it a VLAN ID.

For example, to create ports 1 and 2 for VLAN 100, enter the following command:

# hpvmnet -S vmlan4 -u portid:1:vlanid:100

# hpvmnet -S vmlan4 -u portid:2:vlanid:100

3. Add the vswitch ports to the guest configuration using the hpvmmodify command. For

example, to add the new VLAN ports to guests vm1 and vm2, enter the following command:

8.4 Configuring VLANs 117