PureSystems Networking

IBM PureSystems Camp 2012 - 19./20. September + 1./2.
Oktober 2012, Bblingen
IBM PureFlex Systems Networking

Configuration & Integration
Tom.Schwaller@de.ibm.com & William.Scull@de.ibm.com
IBM System Networking
IBM Confidential
2012 IBM Corporation
IBM PureSystems Camp 2012 - 19./20. September + 1./2. Oktober 2012, Bblingen
Agenda
Naming Conventions & Switch Overview

FCoE & PureFlex Converged Switch
Node Connections to I/O Modules
Default Network Setup incl. VLANs
Browser Based Interface of Switches
Features on Demand
SNMPv3 Access Configuration
Basic Network Integration
Rack Level Network Integration
IBM Distributed Virtual Switch 5000V and IEEE 802.1Qbg

FSM NetworkControl - CEE/EVB Support
IBM Confidential
IBM Confidential
IBM Flex System I/O Module Naming Scheme
PureFlex System and IBM Flex System Products & Technology Redbook
EN2092 - 1Gb Switch

EN4091 - 10Gb Pass Thru
EN4093 - 10Gb Switch
CN4093 - Converged 10Gb Switch
4
IBM Confidential
IBM Flex System Fabric EN4093 10Gb Scalable Switch
1GbE Mgmt
IBM Confidential
Networking Infrastructure
#1 = 2x40GbE
Recommended Top-of-Rack switch

Multiple chassis of 10Gb connection G8264
#2 = 4x10GbE
Pay as you grow scalability
Optimized for performance
Efficient network automation
Enhanced virtualization
intelligence
Lower TCO
Seamless interoperability
Leadership
Proven Operating System
Exceptional Performance
< 1 s latency, up to 1.28Tbps
Scalable pay-as-you-grow design
VM aware & VM Mobility with VMready / 802.1Qbg
Virtual Fabric - carve up virtual NICs and pipes
Seamless interoperability with other vendors
switches
Works as FCoE Transit Switch with 7.3 firmware
7.5 firmware in Nov 2012
More FCoE Configurations
EN4093 Stacking, 4K VLANs
Warranty is 1 year or will match the chassis
warranty (Includes software upgrades)
Base 10 x 10GbE SFP+
Networking
IBM PureFlex System / Cisco UCS Network Topology Comparison

IBM PureFlex System
x240
x240
x240
x240
x240
x240
Up to 4*
IBM
EN4093
Up to 4*
G8264
EN4093
All network traffic within a

chassis is switched locally
Only traffic traffic from chassis
to chassis passes through the
top of the rack switch
Cisco
Cisco UCS
Up to 2*
B-Series
B-Series
B-Series
B-Series
B-Series
B-Series
2104XP
Up to 2*
6100
2104XP
IBM Confidential
Not optimized for chassis local

traffic
2104XP fabric extender
forwards all internal and
external traffic to top of the rack
switch
Higher port count required on
chassis top of the rack
connectivity
FCoE & PureFlex Converged Switch
IBM Confidential
IBM Flex System Fabric CN4093 10Gb Scalable Converged Switch (4Q12)
2 x 10Gb SFP+
Recommended Top-of-Rack switch

IBM Confidential
12 x 10GbE omni ports
Pay as you grow scalability
Optimized for performance
Efficient network automation
Enhanced virtualization
intelligence
Lower TCO
Seamless interoperability
Leadership
Proven Operating System
Exceptional Performance
< 1 s latency, up to 1.28Tbps
Scalable pay-as-you-grow design
Bulit in FCF to split FCoE packets in the chassis
12 omni ports programmable to run either
Ethernet or Fibre Channel
Virtual Fabric - carve up virtual NICs and pipes
Seamless interoperability with other vendors
switches
Warranty is 1 year or will match the chassis
warranty (Includes software upgrades)
2 x 40GbE
Networking Infrastructure
Networking
Supported x86 Flex/Cisco FCoE Configurations - Sept 2012

Adapter
Integrated Switch
FCoE ToR Switch
SAN Switch
Storage Target
OS levels
LOM & CN4054 4port adapter (BE3)

pNIC & vNIC II
EN4091 10Gb Pass

Thru Module
Nexus 5010 / 5020

Nexus 5548 / 5596
Cisco SAN
FC: V7000, SVC,

DS8K, DS3K/5K,
Tape, XIV, EMC, HDS
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

pNIC, vNIC I & vNIC II
EN4093 10Gb Switch
Nexus 5548 / 5596
Cisco SAN
FC: V7000, SVC
Win2008 R2SP1, ESX

5.0 U1, RHEL 6.3
Key value:
Integrated Virtual Fabric and FCoE on
compute node
High performance scalable 10Gb Flex
System Fabric switch in chassis
Connects to existing or new Cisco
network.
V7000
FC
Cisco
SAN
Nexus 55XX
FC
Nexus 55XX
FC
FCoE
FCoE
LOM or CN4054
(pNIC, vNIC mode)
IBM Confidential
EN4093
EN4093
FCoE
FCoE support plan (x86 nodes) - November release

Adapter
Integrated Switch
FCoE ToR
Switch
SAN Switch
Storage Target
OS levels

pNIC & vNIC II
EN4091 10Gb Pass

Thru Module
Brocade VDX
switch
Brocade SAN
switch
FC: SVC, DS3K/5K, DS8K,

Tape, XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

EN4093 10Gb Switch
Nexus 5548 /
5596
Cisco SAN
FCoE: Storage node, V7K, FC:

SVC, DS3K/5K, DS8K, Tape,
XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

UFP
EN4093 10Gb Switch
Nexus 5548 /
5596
Cisco SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

EN4093 10Gb Switch
G8264CS (IBM
Converged ToR)
in NPIV mode
Cisco & Brocade

SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

UFP mode
EN4093 10Gb Switch
G8264CS (IBM
Converged ToR)
in NPIV mode
Cisco & Brocade

SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

EN4093 10Gb Switch
Brocade VDX
Brocade SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

UFP mode
EN4093 10Gb Switch
Brocade VDX
Brocade SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

vNIC I & II
CN4093 10Gb Switch

NPIV mode
N/A
Cisco SAN
Brocade SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11

pNIC
CN4093 10Gb Switch

NPIV mode
N/A
Cisco SAN
Brocade SAN

XIV
Win2008, ESX 4/5,

RHEL 5/6, SLES
10/11
10
IBM Confidential
Node Connections to I/O Modules
11
IBM Confidential
Compute Node Connections to I/O Modules
2 Port Adaptors
12
4 Port Adaptors
IBM Confidential
Robust Connectivity: Switch, ASIC and Adapter level Redundancy

Redundant pair
Redundant pair
EN4093 (base)
EN4093 (base)
EN4093 (base)
EN4093 (Upgrade 1)
EN4093 (Upgrade 1)
EN4093 (Upgrade 1)
ASIC 2
EN4093 (base)
ASIC 1
EN4093 (Upgrade 1)
asic level redundancy
CN4054
ASIC 1
ASIC 2
CN4054
Adapter level Redundancy

13
IBM Confidential
IBM Flex System EN4093 10Gb Scalable Switch - Connection to Nodes

Node Adaptor Slot
1
Adaptor NIC
I/O Module Bay
1 (LOM & 4 port adaptors)
INTAx
INTAx
3 (4 port adaptors)
INTBx
4 (4 port adaptors)
INTBx
5 (when available)
INTCx
6 (when available)
INTCx
INTAx
INTAx
3 (4 port adaptors)
INTBx
4 (4 port adaptors)
INTBx
5 (when available)
INTCx
6 (when available)
INTCx
LOM is currently only 1 Gb

14
Port
x = Node Bay Number

IBM Confidential
IBM Flex System EN2092 1Gb Scalable Switch - Connection to Nodes

Node Adaptor Slot
1
Adaptor NIC
I/O Module Bay
Port
INTAx
INTAx
3 (4 port adaptors)
INTBx
4 (4 port adaptors)
INTBx
1 (LOM&
4 port adaptors)
INTAx
INTAx
3 (4 port adaptors)
INTBx
4 (4 port adaptors)
INTBx
x = Node Bay Number
15
IBM Confidential
Logical View of Chassis Management Module
16
IBM Confidential
Default Network Setup of PureFlex System

3 Default VLANs
VLANID 4091
VLANID 4092
VLANID 4093
VM/LPAR Management
Data Network
Management Network
vlan 4091
enable
name "OS Mgmt"
member INTA1-INTA14,EXT5
!
vlan 4092
enable
name "Data"
member INTA1-INTA14,EXT1-EXT4
!
vlan 4093
enable
name "Device Mgmt"
member EXT6-EXT10
!
spanning-tree stp 123 vlan 4091
17
IBM Confidential
Default Network Setup of PureFlex System - x86 Compute Node
18
IBM Confidential
Default Network Setup of PureFlex System - Power Compute Node
19
IBM Confidential
Brower Based Interface (BBI) of Ethernet Switches

Tabs at top to select
operation
Dashboard to
inspect
Configure to
make changes
Most operations are
two step
Submit (put
changes into
scratchpad)
Apply (make
changes take
effect)
Anything you can do
in the CLI you can
do in the GUI
Can be useful to
figure out a feature
in GUI, and then
look at CLI to see
how it is applied
20
IBM Confidential
BBI Feature on Demand Display
21
IBM Confidential
BBI Feature on Demand - Key Installation
22
IBM Confidential
CMM Software Key Display
23
IBM Confidential
SNMPv3 Access Configuration

of
Ethernet Switches
24
IBM Confidential
EN2092 / EN4093 SNMPv3 Access Configuration (1)

How to get rid of partial access status of Ethernet Switches in Resource Explorer?
Check if missing SNMP access is the reason.

If yes, check if there is a SNMPv3 User configured on the Ethernet Switch
If not (e.g. on Flex System), configure SNMPv3 User or deploy Template
Configure Access (Credentials) and check SNMPv3 status again
25
IBM Confidential

Check if missing SNMP access is the reason for the partial access message
26
IBM Confidential

Configure SNMPv3 User on the Ethernet Switch (e.g. Flex System)
snmp-server
snmp-server
snmp-server
!
snmp-server
snmp-server
!
snmp-server
snmp-server
snmp-server
snmp-server
!
snmp-server
snmp-server
!
snmp-server
snmp-server
snmp-server
user 4 name "DirectorServerSNMPv3User"

user 4 authentication-protocol sha authentication-password "ee307####"
user 4 privacy-protocol des privacy-password "ee067###"
group 4 user-name DirectorServerSNMPv3User
group 4 group-name "ibmd_grp_4"
access
access
access
access
name "ibmd_grp_4"
level authPriv
read-view "iso"
notify-view "iso"
target-address 1 name "ibmd_taddr_1" address 192.168.93.100

target-address 1 parameters-name "ibmd_tparam_1
target-parameters 1 name "ibmd_tparam_1
target-parameters 1 user-name "DirectorServerSNMPv3User
target-parameters 1 level authPriv
Type:
User:
PW:
Proto:
Privacy Proto:
Privacy PW:
27
4
4
4
4
snmpv3
adminmd5
adminmd5
MD5
DES
adminmd5
On a PureFlex System there

should be a user adminmd5
IBM Confidential

You can also create & apply a Ethernet Network Template with NetworkControl
28
IBM Confidential

29
IBM Confidential

30
IBM Confidential

Change the SNMPv3 Trap Destination in the Ethernet Network Template
31
IBM Confidential

Deploy the new SNMPv3 Template
32
IBM Confidential
EN2092 / EN4093 SNMPv3 Access Configuration

Configure SNMPv3 Access by creating a SNMPv3 Credential
33
IBM Confidential
EN2092 / EN4093 SNMPv3 Access Configuration

Configure SNMPv3 Access by creating a SNMPv3 Credential
SNMP Access Status is now OK
34
IBM Confidential
Basic Network Integration
35
IBM Confidential
Proven Interoperability: IBM and Cisco

IBM Networking OS uses standards-compliant IEEE & IETF protocols
Common IBM Networking OS on PureSystems, BladeCenter, and RackSwitch switches
Extensive IBM interoperability testing with Cisco, Juniper and others
14M+ Ethernet ports shipped worldwide connecting to servers, storage and other networks
IBM estimates 1-2M ports are connected & working with Cisco switches & cores today
Cisco-like command line interface - familiar to Cisco-trained admins
Certified Cisco Catalyst and Nexus Interoperability for IBM Networking products
Find out more: contact your

local System Networking expert
Tolly Group: Nexus Interoperability report
Tolly Group: Catalyst Interoperability report
36
36
IBM Confidential
Network Interconnection Best Practices (1)

Questions to ask regarding existing Networking Infrastructure
CK
CHE
Spanning-tree protocol deployed: PVSTP, PVRSTP, MSTP

VLAN Trunking (802.1Q): Native (Default) VLAN, Usage of VTP (VLAN Trunking Protocol)
Link Aggregation Protocol: Static, LACP, PAGP (Port Agregation Protocol)
Existing Management Infrastructure
Out-of-Band (OoB), In-Band, Management VLAN
Protocols used: Telnet, SSH, SNMP, syslog, ICMP
DO !
Interconnection Best Practices

Crossed links with upper virtualized switch or
Straight Forward with upper non virtualized switch
Spanning-tree can be disabled on Flex switches

BPDU guard needs then to be configured on upper switches ports connected to flex links
Link aggregation using LACP

PVRSTP for small to medium range of VLANs (<500)
MSTP for high range of VLANs (>500)
OoB management using FSM and dedicated network infrastructure for management
Enforce the End-Hosts Interconnection Link Configuration Verification

All unused ports or ports not yet in production in the datacenter should be
configured by default in a trash vLAN that is not flooded on all used access & dot1q trunk ports.
shutdown by default and not shutdown only by networking staff or entitled people.
37 37
IBM Confidential
Network Interconnection Best Practices (2)
38 38
IBM Confidential
ch
oa
r
pp
da
o
o
h
ac
ro
p
p
da
o
o
No spanning-Tree is needed on Flex switch with straight forward topology

Two spanning-tree features, configured on upper switches ports connected to
flex links, are associated with this solution:
- Spanning-tree bpduguard needs to be configured
- It is highly recommended to enable Edge Trunk (portfast)
spanning-tree port type edge trunk
Upper access switches
Eliminates L2 loop blocked ports on upper switches

- virtualized or not
- 100% of available links are used
Eliminates any spanning tree limitations

Better convergence speed
- LACP hashing better convergence than spanning-tree
Simplify the forwarding path when upper

switches are not virtualized
39 39
IBM Confidential
LACP to the Servers

Nexus 5K
Nexus 5K
vPC
Nexus 5K with vPC

One vPC channel to the two EN4093 switches
10Gb
EN4093 with vLAG

One vLAG port channel to each server
One vLAG port channel to the two Nexus 5K
Server NICs in LACP mode
vLAG
Linux NIC bonding mode 4 (LACP)

Shared MAC address
All ports active in all directions

MAC table synchronization on Nexus
MAC table synchronization on EN4093
Rapid Failover on any link down event
Spanning Tree mode:

EN4093
EN4093
MSTP for higher scalability or

Rapid PVST+ for easier configuration
PureFlex Compute Node

40
IBM Confidential
Servers with NICs that are not teamed

Nexus 5K
Nexus 5K
vPC
Nexus 5K with vPC

Two vPC port channels to the chassis
One vPC channel to each EN4093
switch
LACP
EN4093 with LACP uplinks

One LACP port channel from each
EN4093 to the pair of Nexus 5K
L2 Failover to assist link level failover
on servers (no beaconing)
Servers with unbonded NICs

EN4093
EN4093
Each NIC for unique purpose or

Utilizing ESX Virtual port ID load
balancing
Flex System Chassis

41
IBM Confidential
Not recommended: Connecting to FEX

Nexus 5K
Nexus 5K
FEX default behavior:

Fabric Extender
FEX
BPDU Guard
BPDU Filter
FEX
Spanning Tree
Must be disabled on EN4093 uplinks
EN4093
EN4093
Flex System Chassis

42
IBM Confidential
Connecting to Catalyst 6500 with L2 Failover

Catalyst 6500
Catalyst 6500
EN4093 with L2 Failover
Integrated switch monitors uplinks

If enough uplinks fail, switch brings
down link to servers, causing NICs to
failover over to the backup
Servers NICs in Active/Backup mode
EN4093
EN4093
L2 Failover
Flex System Chassis
43
IBM Confidential
Linux NIC Bonding mode 1

One port is active
One port is backup
If active link fails, backup port takes
over and send gratuitous ARPs to
speed convergence
Half the servers use one switch as
active path, half use the other switch
Spanning Tree Optional

Rapid Layer 2 failover on any link
down event
No Interoperability issues
Layer 2 Failover in action

Catalyst 6500
Catalyst 6500
5) Server MAC address is learned here

1) Uplinks lose connection
EN4093
EN4093
3) Server fails over to backup link

4) Server sends gratuitous ARPs to speed failover
2) Switch brings down server link
Flex System Chassis
44
IBM Confidential
Connecting to Catalyst 6500 with HotLinks

Catalyst 6500
Catalyst 6500
Servers with unteamed NICs
Each port is used for unique purpose
EN4093 with HotLinks
Integrated switch monitors uplinks

One port (or LAG) in active mode
One port (or LAG) in standby mode
If the active uplinks fail, switch fails
over to the standby port(s)
Optional: Switch can send gratuitous
ARP to speed convergence
HotLinks
EN4093
EN4093
Spanning Tree Optional

No Interoperability issues
Flex System Chassis

45
IBM Confidential
HotLinks in action
Catalyst 6500
Catalyst 6500
4) Servers MAC addresses learned here

1) Active Uplink(s) fail
2) EN4093 unblocks backup port

3) EN4093 sends gratuitous ARP
EN4093
EN4093
Flex System Chassis

46
IBM Confidential
Connecting to Catalyst 6500 with Spanning Tree

Catalyst 6500
Catalyst 6500
Servers with unteamed NICs

Each port is used for unique
purpose
EN4093 with Spanning Tree

Redundant ports are blocked
Spanning Tree modes

Per VLAN RSTP for easy
configuration
MSTP for better scalability
Root Guard on Cisco will keep
misconfigured access switches
from causing disruptions
Active/active connections are
possible by balancing spanning
tree instances on the uplinks
Flex System Chassis
47
IBM Confidential
Rack Level Network Integration
48
IBM Confidential
LACP on the Servers and vPC on the Nexus 5K/7K

Nexus 5K/7K with vPC
vPC
One vPC channel to the two RackSwitch G8264 switches
RackSwitch G8264 with vLAG

One vLAG port channel to the pair of Nexus 5K/7K switches
One vLAG port channel to each Flex System Chassis
Up to 30 Flex System Chassis per pair of G8264 switches
EN4093 with vLAG

One vLAG port channel to the two RackSwitch G8264 switches

Linux NIC bonding mode 4
Shared MAC address
vLAG
MAC table synchronization between Nexus switches

MAC table synchronization between RackSwitch
MAC table synchronization between EN4093 switches
Spanning Tree mode

Flex System Chassis

49
IBM Confidential
PureSystem Aggregation with Cisco Nexus 5548
Layer 2 or
Layer 3 on
uplinks
Cisco Fabric Path

Nexus 5548
Oversubscription
depends upon :
Number of Uplinks to
Core and Number of
Switch Members of FP
Layer 2 LAG or
Layer 3 ECMP Route
Distribution
8 x 10G
RackSwitch
G8264 in
PureFlex
Rack
50
Rack 1
Rack 2
IBM Confidential
PureSystem Aggregation with Cisco Nexus 7000

Cisco Fabric Path
Layer 2 or
Layer 3 on
uplinks
Nexus 7000
Oversubscription depends
upon :
Number of Uplinks to Core
Layer 2 LAG or
Layer 3 ECMP Route
Distribution
8 x 10G
RackSwitch
G8264 in
PureFlex
Rack
51
Rack 1
Rack 2
IBM Confidential
Servers with independent NICs

Nexus 5K/7K with vPC
vPC
One vPC channel to the two RackSwitch G8264 switches

On vLAG port channel to each EN4093
EN4093 with LACP uplinks

One LACP port channel from each EN4093 to the pair of
RackSwitch G8264s
L2 Failover to assist link level failover on servers
Servers with unbonded NICs

Each NIC for unique purpose or
Utilizing ESX Virtual port ID load balancing
vLAG
MAC table synchronization on Nexus

MAC table synchronization on EN4093
Spanning Tree mode:

Flex System Chassis

52
IBM Confidential
LACP to the Servers and Loop-Free-U to Catalyst 6500

Catalyst 6500
L3
L2
Utilize Loop-Free U, where switch interconnect is L3

Spanning tree wont block because there are no loops
One LACP channel from each 6500 to the two RackSwitch G8264
switches
LACP

One vLAG port channel to each Flex System Chassis
One vLAG port channel to each Catalyst 6500
EN4093 with vLAG

One vLAG port channel to the two RackSwitch G8264 switches
vLAG

Linux NIC bonding mode 4
Shared MAC address
MAC table synchronization between Nexus switches

MAC table synchronization between RackSwitch
MAC table synchronization between EN4093 switches
Spanning Tree mode:

Flex System Chassis

53
IBM Confidential
PureSystem Aggregation with IBM System Networking G8316

Layer 2 or
Layer 3 on
uplinks
Layer 2 or
Layer 3 on
uplinks
RackSwitch
G8316
ISL
2 x 40G
Layer 2 LAG or
Layer 3 ECMP Route
Distribution
2 x 40G
RackSwitch
G8264 in
PureFlex Rack
54
Rack 1
Rack 2
IBM Confidential
PureSystem Aggregation with Juniper EX4500 Virtual Chassis

Layer 2 or
Layer 3 on
uplinks
EX4500
Virtual Chassis
upon :
Number of Stack Members
Layer 2 LAG or
Layer 3 ECMP Route
Distribution
8 x 10G
RackSwitch
G8264 in
PureFlex
Rack
55
Rack 1
Rack 2
IBM Confidential
PureSystem Aggregation with Juniper EX8208

Layer 2 or
Layer 3 on
uplinks
EX8208
upon :
Number of Uplinks to Core
Layer 2 LAG or
Layer 3 ECMP Route
Distribution
8 x 10G
RackSwitch
G8264 in
PureFlex
Rack
56
Rack 1
Rack 2
IBM Confidential
IBM Distributed Virtual Switch 5000V

and IEEE 802.1Qbg
57
IBM Confidential
What is the IBM Distributed Virtual Switch 5000V?
Distributed Virtual Switch for VMware

For vSphere 5.0 and beyond
IBM Networking OS based Management Plane
Advanced Layer-2 Features in Control and Data Plane
Roughly equal to a stack of independent switches
controlled by remote management plane
58
58
IBM Confidential
IBM Confidential
5000V Solution Components

Controller
ISCLI-driven Management Plane

Delivered as a Virtual Appliance
Open Virtual Appliance (OVA) Format
One per Distributed Switch
Host Module
59
59
Implements Data/Control Plane

Resides in ESXi Hypervisors (vSphere 5.0)
Data Path Kernel Module (DPM) and Agent (User World)
Delivered as VMware Installation Bundle (VIB) packaged in
Offline Bundle (zip) format
IBM Confidential
IBM Confidential
5000V Architecture - Component Overview

5000V
Controller
HTTP
Qbg Switch
VDP/LLDP
IBM API
vSphere API
ESXi5
Agent
vCenter
Server
60
DPM Kernel Module

vSphere API
IBM Confidential
IBM System Networking DVS 5000V for VMware vSphere 5.0

IBM Distributed Virtual Switch for VMware vSphere 5.0
Key Features
Customer Benefits
Managed Layer 2
Distributed Virtual Switch
for VMware
Configuration and management of Distributed Virtual Switch

as any other IBM physical switch
Distributed Virtual Switch visible to the network administrators
Ability to manage and troubleshoot virtual machine traffic
Familiar Cisco like CLI to manage the Distributed Virtual Switch
Advanced Networking
Features
VLANS & Private VLAN for VM traffic separation

ACLs for VM traffic control
Local (SPAN) and remote (ERSPAN) Port Mirroring for
advanced VM traffic visibility and troubleshooting
sFlow
VM traffic statistics, Port Statistics
802.1Qbg including VEPA, VDP nd VSI Manager for IEEE
standards based VM traffic management in the network
QoS, LACP & Advanced Teaming
Advanced Management
Features
Telnet and SSH

Per-User access and Role Based Access Control (RBAC)
SNMP (Read and Write), Syslog
TACACS+, RADIUS
Per User access
61
IBM Confidential
IEEE 802.1Qbg: VEB versus VEPA
Reflective Relay
Enables hairpin forwarding
on a per port basis.
Relies on the upstream
switch for L2 switching.
VEPA advantages
VM to VM traffic visibility to physical switch, leverage the physical switch capability
to do traffic control - ACL, security features etc. Means VEB do not need to complete
complex features.
Leverage physical switch management capability like statistics, S-flow, RMON etc.
Minimizes changes to current NICs, vswitches, and external switches, by software upgrade.
62
IBM Confidential
High Level VDP Use Case Example - VM Creation

6
VM
Manager
Apps
Apps
VM
VM
VM
VM
VEB or VEPA
Push VSI
Manager ID and
Address
VSI Type
Database
VSI Discovery and

Configuration
Protocol (VDP)
Switch (a.k.a. Bridge)
VSI
Manager
63
Apps
Query available VSI types

Obtain a VSI instance
Network
Admin
Create set of
VSI Types
Apps
3
2
Physical End Station
Push VM & VSI

info to servers
virtualization
infrastructure
System Admin
VM is brought online after VDP

completes
5
Retrieve VSI
Information
IBM Confidential
L2 net(s)
802.1Qbg Solution for VMware vSphere 5

VM Management
(Creation/Migration/Deletion)
VDP Parameter Communication
VMWare vCenter
IBM VDS 5000V

Controller
VSI
Table
VM-1
VM-N
VM-1
ESXi5
ESXi5
Qbg PROTOCOLS
IBM Switch
Reflective
Relay
802.1Qbg Solution for VMware
802.1
802.1
Qbg
Qbg
IBM 5000V with 802.1Qbg on ESXi5

VM
Groups
IBM Physical switches

- IBM BladeCenter Virtual Fabric 10G switch
- G8264 RackSwitch
64
IBM DVS 5000V

With 802.1Qbg
Qbg PROTOCOLS
IBM DVS 5000V

With 802.1Qbg
Export VM Groups and VSI
Mapping Table to switches
IBM Confidential
VM-N
IBM Switch
Reflective
Relay
VSI
Table
802.1
802.1
Qbg
Qbg
VM
Groups
VSI
Table
Physical Network
Live Migration in 5000V VEPA Scenario

ESXi5 Host2
ESXi5 Host1
FILE
DB
11
WEB
DB
109
108
5000V
Qbg/VEPA
Uplink
Uplink
8
VFSM
RR
IBM NOS 7.2.2.0
RR
Qbg
VLAN 1100
Client
Port Group
standalone
invisible
ACL: Deny Port 80 Response
VLAN 1200
Bandwidth Limiting
65
IBM Confidential
FSM NetworkControl
CEE/EVB Support
66
IBM Confidential
UPCOMING
IBM Systems Director 6.3.2 (Nov 2012 release)

Support for CEE and EVB on IBM Switches
- CEE Configuration Templates
- EVB Configuration Templates
- VSI Database Management
Available on FSM for PureFlex
67
IBM Confidential
CEE Configuration Template Support for IBM Switches
68
IBM Confidential
EVB Configuration Template Support for IBM Switches
69
IBM Confidential
EVB VSI Database Configuration for VSI Database on ISD/FSM
70
IBM Confidential
Trademarks
Trademarks
The following are trademarks of the International Business Machines Corporation in the United States and/or other countries. For a complete list of IBM Trademarks, see
www.ibm.com/legal/copytrade.shtml: AS/400, DBE, e-business logo, ESCO, eServer, FICON, IBM, IBM Logo, iSeries, MVS, OS/390, pSeries, RS/6000, S/30, VM/ESA, VSE/ESA,
Websphere, xSeries, z/OS, zSeries, z/VM
The following are trademarks or registered trademarks of other companies
Lotus, Notes, and Domino are trademarks or registered trademarks of Lotus Development Corporation
Java and all Java-related trademarks and logos are trademarks of Sun Microsystems, Inc., in the United States and other countries
LINUX is a registered trademark of Linux Torvalds
UNIX is a registered trademark of The Open Group in the United States and other countries.
Microsoft, Windows and Windows NT are registered trademarks of Microsoft Corporation.
SET and Secure Electronic Transaction are trademarks owned by SET Secure Electronic Transaction LLC.
Intel is a registered trademark of Intel Corporation
* All other products may be trademarks or registered trademarks of their respective companies.
NOTES:
Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput that
any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the
workload processed. Therefore, no assurance can be given that an individual user will achieve throughput improvements equivalent to the performance ratios stated here.
IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply.
All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have
achieved. Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions.
This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject
to change without notice. Consult your local IBM business contact for information on the product or services available in your area.
All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
Information about non-IBM products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the
performance, compatibility, or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography.
References in this document to IBM products or services do not imply that IBM intends to make them available in every country.
Any proposed use of claims in this presentation outside of the United States must be reviewed by local IBM country counsel prior to such use.
The information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of
the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those
Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
71
IBM Confidential

PureSystems Networking

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

PureSystems Networking

Hochgeladen von

Copyright:

Verfügbare Formate

IBM PureSystems Camp 2012 - 19./20. September + 1./2.

Oktober 2012, Bblingen

IBM PureFlex Systems Networking

2012 IBM Corporation

Naming Conventions & Switch Overview

IBM Distributed Virtual Switch 5000V and IEEE 802.1Qbg

2012 IBM Corporation

IBM PureFlex Systems Networking

2012 IBM Corporation

IBM Flex System I/O Module Naming Scheme

EN2092 - 1Gb Switch

2012 IBM Corporation

IBM Flex System Fabric EN4093 10Gb Scalable Switch

2012 IBM Corporation

Recommended Top-of-Rack switch

Pay as you grow scalability

Optimized for performance

Efficient network automation

Base 10 x 10GbE SFP+

IBM PureFlex System / Cisco UCS Network Topology Comparison

All network traffic within a

Not optimized for chassis local

FCoE & PureFlex Converged Switch

2012 IBM Corporation

Recommended Top-of-Rack switch

2012 IBM Corporation

12 x 10GbE omni ports

Pay as you grow scalability

Optimized for performance

Efficient network automation

Supported x86 Flex/Cisco FCoE Configurations - Sept 2012

FCoE ToR Switch

LOM & CN4054 4port adapter (BE3)

EN4091 10Gb Pass

Nexus 5010 / 5020

FC: V7000, SVC,

Win2008, ESX 4/5,

LOM & CN4054 4port adapter (BE3)

EN4093 10Gb Switch

Nexus 5548 / 5596

FC: V7000, SVC

Win2008 R2SP1, ESX

2012 IBM Corporation

FCoE support plan (x86 nodes) - November release

LOM & CN4054 4port adapter (BE3)

EN4091 10Gb Pass

FC: SVC, DS3K/5K, DS8K,

Win2008, ESX 4/5,

LOM & CN4054 4port adapter (BE3)

EN4093 10Gb Switch

FCoE: Storage node, V7K, FC:

Win2008, ESX 4/5,

LOM & CN4054 4port adapter (BE3)

EN4093 10Gb Switch

FCoE: Storage node, V7K, FC:

Win2008, ESX 4/5,

LOM & CN4054 4port adapter (BE3)

EN4093 10Gb Switch

Cisco & Brocade

FCoE: Storage node, V7K, FC:

Win2008, ESX 4/5,

LOM & CN4054 4port adapter (BE3)

EN4093 10Gb Switch

Cisco & Brocade