1. Field of the Invention
The present invention relates generally to software bridge failure. More specifically, the present invention relates to a protocol definition for software bridge failover.
2. Description of the Related Art
Virtual Ethernet technology is supported on systems, such as AIX 5L™ V5.3 on POWER5™ hardware. This technology enables IP-based communication between logical partitions on the same system using a virtual local-area network capable software switch in POWER5™ systems. Shared Ethernet Adapter (SEA) technology enables the logical partitions to communicate with other systems outside the hardware unit without assigning physical Ethernet slots to the logical partitions.
Virtual networking along with other POWER5™ virtualization technologies offers greater flexibility in configuration scenarios. Workloads can be easily consolidated with more control over resource allocation. Network availability can also be improved for more systems with fewer resources using a combination of Virtual Ethernet, Shared Ethernet and link aggregation in the Virtual I/O server. When there are not enough physical slots to allocate a physical network adapter to each logical partition, network access using Virtual Ethernet and a Virtual I/O server is preferable to IP forwarding as it does not complicate the IP network topology.
Virtual local-area network is described by the IEEE 802.1Q standard. Virtual local-area network is a method to logically segment a physical network such that layer 2 connectivity is restricted to members that belong to the same virtual local-area network. This separation is achieved by tagging Ethernet packets with their virtual local-area network membership information and then restricting delivery to members of that virtual local-area network.
The virtual local-area network tag information is referred to as the virtual local-area network identifier. Ports on a switch are configured as being members of the virtual local-area network designated by the virtual local-area network identifier for that port. The default virtual local-area network identifier for a port is referred to as the port virtual local-area network identifier. The virtual local-area network identifier can be added to an Ethernet packet either by a virtual local-area network aware host or by the switch in the case of virtual local-area network unaware hosts.
Therefore, ports on an Ethernet switch have to be configured with information indicating whether the host connected is virtual local-area network aware or unaware. For virtual local-area network unaware hosts, a port is set up as untagged and the switch will tag all packets entering through that port with the port virtual local-area network identifier. It will also untag all packets exiting that port before delivery to the virtual local-area network unaware host. A port used to connect virtual local-area network unaware hosts is called an untagged port, and it can only be a member of a single virtual local-area network identified by its port virtual local-area network identifier.
Hosts that are virtual local-area network aware can insert and remove their own tags and can be members of more than one virtual local-area network. These hosts are typically attached to ports that do not remove the tags before delivering the packets to the host, but will insert the port virtual local-area network identifier tag when an untagged packet enters the port. A port will only allow packets that are untagged or tagged with the tag of one of the virtual local-area networks the port belongs to. These virtual local-area network rules are in addition to the regular media access control address based forwarding rules followed by a switch. Therefore, a packet with a broadcast or multicast destination media access control will also get delivered to member ports that belong to the virtual local-area network that is identified by the tags in the packet. This mechanism ensures the logical separation of physical network based on membership in a virtual local-area network.
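The tagging rules in the two preceding paragraphs can be modeled in a few lines. The following Python sketch is an added example, not part of the original text: it applies the ingress and egress rules to a broadcast frame. The Port class, the helper names, the port layout and the sample frame are all constructed for illustration.

```python
import struct

TPID = 0x8100  # EtherType value that marks an 802.1Q tag

class Port:
    def __init__(self, name, pvid, extra_vlans=(), tagged=False):
        self.name, self.pvid, self.tagged = name, pvid, tagged
        self.vlans = {pvid, *extra_vlans}  # always a member of its PVID VLAN

def split_tag(frame):
    """Return (vid, frame without tag); vid is None for an untagged frame."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

def add_tag(frame, vid):
    return frame[:12] + struct.pack("!HH", TPID, vid) + frame[12:]

def ingress(port, frame):
    """Classify an arriving frame; return (vid, bare frame) or None if dropped."""
    vid, bare = split_tag(frame)
    if vid is None:
        return port.pvid, bare          # untagged: switch assigns the PVID
    if vid not in port.vlans:
        return None                     # tag for a VLAN the port is not in
    return vid, bare

def egress(port, vid, bare):
    """Return the bytes sent out of port, or None if the port is not a member."""
    if vid not in port.vlans:
        return None
    return add_tag(bare, vid) if port.tagged else bare

def flood(ports, in_port, frame):
    """Deliver a broadcast frame; return {port name: bytes as transmitted}."""
    classified = ingress(in_port, frame)
    if classified is None:
        return {}
    vid, bare = classified
    sent = {p.name: egress(p, vid, bare) for p in ports if p is not in_port}
    return {name: data for name, data in sent.items() if data is not None}

# Constructed sample: broadcast frame (dst, src, EtherType 0x0800, zero payload)
FRAME = b"\xff" * 6 + bytes.fromhex("020000000001") + b"\x08\x00" + bytes(46)
A, B, C = Port("A", 10), Port("B", 20), Port("C", 10)
T = Port("T", 1, extra_vlans=(10, 20), tagged=True)
PORTS = [A, B, C, T]
```

A broadcast entering untagged port A reaches only C (untagged) and T (carrying tag 10), while a frame arriving on A already tagged for virtual local-area network 20 is dropped at ingress because A is not a member of that network.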
As virtual local-area network ensures logical separation at layer 2, it is not possible to have an IP network that spans multiple virtual local-area networks. A router that belongs to both virtual local-area network segments and forwards packets between them is required to communicate between hosts on different virtual local-area network segments. However, a virtual local-area network can extend across multiple switches by ensuring that the virtual local-area network identifiers remain the same and the trunk ports are configured with the appropriate virtual local-area network identifiers. Typically a virtual local-area network capable switch will have a default virtual local-area network defined. The default setting for all its ports is such that they belong to the default virtual local-area network and, therefore, have a port virtual local-area network identifier and assume that all hosts connecting will be virtual local-area network unaware. This setting makes such a switch equivalent to a simple Ethernet switch that does not support virtual local-area networks.
On AIX 5L™, virtual local-area network tagging and untagging is configured by creating a virtual local-area network device over a physical (or virtual) Ethernet device and assigning it a virtual local-area network tag identifier address, which is then assigned on the resulting interface associated with the virtual local-area network device. AIX 5L™ supports multiple virtual local-area network devices over a single Ethernet device each with its own virtual local-area network identifier. Each of these virtual local-area network devices is an endpoint to access the logically separated physical Ethernet network and the interfaces associated with them are configured with IP addresses belonging to different networks.
In general, configuration is simpler when ports are untagged and only the port virtual local-area network identifier is configured because the attached hosts do not have to be virtual local-area network aware and they do not require any virtual local-area network configuration. However, this scenario has the limitation that a host can access only a single network using a physical adapter. Therefore, untagged ports with port virtual local-area network identifiers only are preferred when accessing a single network per Ethernet adapter and additional virtual local-area network identifiers should be used only when multiple networks are being accessed through a single Ethernet adapter.
Thus, machines that can be logically partitioned into several independent operating system images may need to employ a software bridge to be able to transmit network traffic generated within the logical partitions to the outside world. This software bridge will receive all the traffic generated by the virtual Ethernet network used for inter-logical partition communication and send it out to the outside world through a physical Ethernet adapter. The software bridge resides in a special administrative partition called the hosting partition.
A problem exists when the hosting partition fails for any reason, such as a failure of the physical Ethernet adapter in the software bridge or of the network switch to which the physical Ethernet adapter is connected. If the hosting partition fails, all internal logical partitions will also lose their connectivity to the outside world.