Network Segmentation Basics

  • 29 September 2020

Objective:

Create a virtual or physical separation between the different kinds of CVM traffic. Each traffic type can be placed on a different VLAN (virtual separation) or on a completely separate physical switch (physical separation). The CVM traffic types are:

  1. Management: Prism, SSH, Rsyslog, SNMP, PE-PC, etc. Any communication that requires the default gateway.
  2. Backplane: Mainly CVM ↔️ CVM communication between cluster services. Host ↔️ Host and Host ↔️ CVM traffic also falls under this category.
  3. Service: A user-defined traffic type in which the user chooses a particular AOS feature to be separated from the other traffic types.
  4. RDMA: A type of Service traffic, but limited to the Stargate service.

Solution Summary:

These separations are achieved by creating a new interface (vNIC) on the CVMs for each traffic type. By default, all traffic types go over the management interface (eth0), and the user can decide to segment the other traffic types onto new CVM interfaces one at a time. RDMA is a special segmentation type that does not involve any vNICs; instead, a physical NIC is passed through from the hypervisor to the CVMs so that Stargate can consume it directly for remote memory access. The Backplane interface (eth2) is always created as part of deployment by Foundation, but it is unused and has no IP until the user enables Backplane Segmentation. Interfaces for Service segmentation are created and configured at runtime when the user triggers the appropriate operation. Below is the flow of Network Segmentation as a whole, which can be drilled down into the state machine of each specific segmentation type.
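As an added example (not part of the original post and not Nutanix tooling), the following Python script checks on a CVM whether the layout described in the summary and in the traffic-type list above actually holds: management lives on eth0 and is the only traffic type that uses the default gateway, eth2 either has no IP (Backplane Segmentation not yet enabled) or sits on a subnet that does not overlap management, and any other addressed interface is on a subnet of its own. It assumes the interface names from the post (eth0 management, eth2 backplane), treats every other non-loopback interface with an address as a Service segmentation vNIC (an assumption; the post does not name those interfaces), and parses the output of `ip -o -4 addr show` and `ip -4 route show`. The sample outputs embedded below are constructed, not captured from a real cluster.

```python
"""Check a CVM's interface/route layout against the segmentation invariants.

Added example, not Nutanix code. Feed it the text of `ip -o -4 addr show`
and `ip -4 route show` from a CVM; it returns a list of violations
(empty list = layout is consistent with the segmentation design).
"""
import ipaddress
import re
from typing import Dict, List

MGMT_IF = "eth0"       # management interface (per the post)
BACKPLANE_IF = "eth2"  # backplane vNIC created by Foundation (per the post)

# `ip -o -4 addr show` lines look like: "2: eth0    inet 10.10.20.31/24 brd ..."
ADDR_RE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\S+)")
# `ip -4 route show` default lines look like: "default via 10.10.20.1 dev eth0 ..."
DEFAULT_RE = re.compile(r"^default\s+via\s+(\S+)\s+dev\s+(\S+)")


def parse_addrs(ip_addr_output: str) -> Dict[str, List[ipaddress.IPv4Interface]]:
    """Map interface name -> IPv4 addresses (with prefix) assigned to it."""
    addrs: Dict[str, List[ipaddress.IPv4Interface]] = {}
    for line in ip_addr_output.splitlines():
        m = ADDR_RE.match(line.strip())
        if m:
            addrs.setdefault(m.group(1), []).append(ipaddress.ip_interface(m.group(2)))
    return addrs


def parse_default_routes(ip_route_output: str) -> List[str]:
    """Return the interfaces that carry a default route, in table order."""
    devs: List[str] = []
    for line in ip_route_output.splitlines():
        m = DEFAULT_RE.match(line.strip())
        if m:
            devs.append(m.group(2))
    return devs


def check_segmentation(ip_addr_output: str, ip_route_output: str) -> List[str]:
    """Return human-readable violations of the segmentation layout."""
    findings: List[str] = []
    addrs = parse_addrs(ip_addr_output)
    defaults = parse_default_routes(ip_route_output)

    mgmt = addrs.get(MGMT_IF, [])
    if len(mgmt) != 1:
        findings.append(f"{MGMT_IF} should carry exactly one IPv4 address, found {len(mgmt)}")
        return findings
    mgmt_net = mgmt[0].network

    # Management is the only traffic type that needs the default gateway.
    if MGMT_IF not in defaults:
        findings.append(f"no default route via {MGMT_IF}")
    for dev in defaults:
        if dev != MGMT_IF:
            findings.append(f"default route via {dev}: only {MGMT_IF} traffic should use the gateway")

    # eth2 with no address is the pre-enable state from the post, not a violation.
    # Every addressed non-management interface must sit on its own subnet:
    # an overlap means the "segmented" traffic is still reachable on the
    # management network (or on another segment).
    seen = [(MGMT_IF, mgmt_net)]
    for name, ifaces in addrs.items():
        if name in (MGMT_IF, "lo"):
            continue
        for iface in ifaces:
            for other_name, other_net in seen:
                if iface.network.overlaps(other_net):
                    findings.append(
                        f"{name} {iface} overlaps {other_name} subnet {other_net}; traffic is not segmented")
            seen.append((name, iface.network))
    return findings


# Constructed sample output (assumed addressing, not from a real cluster):
# backplane enabled on its own subnet, default route only via eth0.
GOOD_ADDRS = r"""1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 10.10.20.31/24 brd 10.10.20.255 scope global eth0\       valid_lft forever preferred_lft forever
4: eth2    inet 172.16.50.31/24 brd 172.16.50.255 scope global eth2\       valid_lft forever preferred_lft forever
"""
GOOD_ROUTES = """default via 10.10.20.1 dev eth0
10.10.20.0/24 dev eth0 proto kernel scope link src 10.10.20.31
172.16.50.0/24 dev eth2 proto kernel scope link src 172.16.50.31
"""

# Constructed misconfiguration: eth2 placed in the management subnet and
# given its own default route, so backplane traffic is not separated.
BAD_ADDRS = r"""1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 10.10.20.31/24 brd 10.10.20.255 scope global eth0\       valid_lft forever preferred_lft forever
4: eth2    inet 10.10.20.131/24 brd 10.10.20.255 scope global eth2\       valid_lft forever preferred_lft forever
"""
BAD_ROUTES = """default via 10.10.20.1 dev eth0
default via 10.10.20.1 dev eth2 metric 100
10.10.20.0/24 dev eth0 proto kernel scope link src 10.10.20.31
10.10.20.0/24 dev eth2 proto kernel scope link src 10.10.20.131 metric 100
"""

if __name__ == "__main__":
    for label, a, r in (("good", GOOD_ADDRS, GOOD_ROUTES), ("bad", BAD_ADDRS, BAD_ROUTES)):
        print(label, check_segmentation(a, r) or "OK")
```

On a live CVM the two inputs come from `ip -o -4 addr show` and `ip -4 route show` run over SSH; the check is read-only and safe to run on every CVM in a loop. It deliberately says nothing about VLAN tags: for VLAN-based segmentation the tag is applied by the hypervisor port group or vSwitch, so it is not visible from inside the CVM and has to be verified on the hypervisor.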

NS 1.0 - Logical Backplane Segmentation

Released in AOS 5.5, this only covers separation of the Backplane traffic type and is limited to VLAN-based separation. The user had no option to select an underlying network for the backplane interfaces; the default management vSwitches on the hypervisors were simply used. The only separation is tagging packets belonging to the backplane category with a VLAN ID.

NS 2.0 - Service Segmentation

Released in AOS 5.11, this FEAT covers segmentation of a specific user-defined feature. Only Volumes and DR feature-based segmentation exist as of now. This includes both VLAN-based and physical segmentation. For customers, 5.11 only included Volumes segmentation; DR segmentation was released in 5.12.

NS 2.1 - Physical Backplane Segmentation

Released in AOS 5.11.1, this FEAT made the backing network customization available for Backplane as well, allowing users to segment their Backplane traffic physically. This FEAT also added support for DVS-based networks for both Backplane and Service.


This topic has been closed for comments