| Skip Navigation Links | |
| Exit Print View | |
|
Using Virtual Networks in Oracle Solaris 11.1 Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Using Virtual Networks in Oracle Solaris 11.1 Oracle Solaris 11.1 Information Library |
1. Network Virtualization and Resource Management in Oracle Solaris
Overview of Network Virtualization
Components of Network Virtualization
Who Should Implement Virtual Networks?
Commands for Configuring Virtualization Components
Overview of Network Resource Management
Datalink Properties for Resource Control
2. Creating and Administering Virtual Networks in Oracle Solaris
3. Managing Network Resources in Oracle Solaris
4. Monitoring Network Traffic and Resource Usage in Oracle Solaris
This section explains different methods you can use to manage the use of network resources on a system.
In Oracle Solaris 11, quality of service (QoS) is obtained more easily and dynamically by managing network resources. Network resource management consists of setting datalink properties that pertain to network resources. By setting these properties, you determine how much of a given resource can be used for networking processes. For example, a link can be associated with a specific number of CPUs that are reserved exclusively for networking processes. Or, a link can be allotted a given bandwidth to process a specific type of network traffic.
After a resource property is defined, the new value takes effect immediately. This method makes managing resources flexible. You can set resource properties when you create the link. Alternatively, you can set these properties later, for example, after studying resource usage over time and determining how to better allocate the resource. The procedures for allocating resources apply to both the virtual network environment as well as the traditional physical network. For example, you use the dladm set-linkprop command to set properties that are related to network resources. The same syntax is used on both physical and virtual datalinks.
Network resource management is comparable to creating dedicated lanes for traffic. When you combine different resources to cater to specific types of network packets, those resources form a network lane for those packets. Resources can be assigned differently for each network lane. For example, you can allocate more resources to a lane where network traffic is heaviest. By configuring network lanes where resources are distributed according to actual need, you increase the system's efficiency to process packets. For more information about network lanes, see Overview of Network Traffic Flow.
Network resource management is helpful for the following tasks:
Network provisioning
Billing clients
Diagnosing security problems
You can isolate, prioritize, track, and control data traffic on an individual system without the complex QoS rule definitions.
A flow is a customized way of categorizing packets to further control how resources are used to process these packets. Network packets can be categorized according to an attribute. Packets that share an attribute constitute a flow and are labeled with a specific flow name. The flow can then be assigned specific resources.
The attributes that serve as the basis for creating flows are derived from the information in a packet's header. You can organize packet traffic into a flow according to one of the following attributes:
IP address
Application port number (for example, port 21 for FTP)
DS field attribute, which is used for QoS in IPv6 packets only. For more information about the DS field, refer to Managing IP Quality of Service in Oracle Solaris 11.1.
A flow can be based on only one of the attributes in the list. For example, you can create a flow according to the port that is being used, such as port 21 for FTP, or according to IP addresses, such as packets from a specific source IP address. However, you cannot create a flow for packets from a specified IP address that are received on port number 21. Likewise, you cannot create a flow for all traffic from IP address 192.168.1.10 and then create a flow for transport layer traffic on 192.168.1.10. Thus, you can configure multiple flows on a system, with each flow based on a different attribute.
The command to use for allocating network resources depends on whether you are directly working on datalinks or on flows.
For datalinks, you use the appropriate dladm subcommand depending on whether you are setting the property while creating the link or while setting the property of an existing link. To simultaneously create a link and allocate resources to it, use the following syntax:
# dladm create-vnic -l link -p property=value[,property=value] vnic
where link can be either a physical link or a virtual link.
To set the property of an existing link, use the following syntax:
# dladm set-linkprop -p property=value[,property=value] link
The following are link properties that you can set for resource allocation:
Bandwidth – You can limit a hardware's bandwidth for a certain link's use.
NIC rings – If a NIC supports ring allocation, its transmit and receive rings can be dedicated for use by datalinks. NIC rings are discussed in Working With Clients, Transmit Rings, and Receive Rings.
CPU pools – Pools of CPUs are generally created and associated with specific zones. These pools can be assigned to datalinks to reserve the sets of CPUs to manage the network processes of their associated zones. CPUs and pools are discussed in Working With Pools and CPUs.
CPUs – On a system with multiple CPUs, you can dedicate a given number of CPUs for specific network processing.
For flows, you use flowadm subcommands. Managing resources on flows parallels the methods for managing resources on datalinks. To simultaneously create a flow and add resources to it, use the following syntax:
# flowadm add-flow -l link -a attribute=value[,attribute=value] \ -p property=value[,property=value] flow
The set of defined attributes that characterizes the flows constitutes the system's flow control policy.
To set the property of an existing flow, use the following syntax:
# flowadm set-flowprop -p property=value[,property=value] flow
The properties for resource allocation that can be assigned to a flow are the same as the properties that are assigned directly to a link. Currently however, only the bandwidth properties can be associated with flows. Although the commands to set properties are different for datalinks and for flows, the syntax is similar. To configure the bandwidth properties, see the examples in How to Configure Flows
For more details about the flowadm command, refer to the flowadm(1M) man page. For a list of subcommands to use with the flowadm command, type the following:
# flowadm help
The following subcommands are supported:
Flow : add-flow remove-flow reset-flowprop
set-flowprop show-flow show-flowprop
For more info, run: flowadm help <subcommand>.
|