There have been the following techniques for separating networks from each other. One of the techniques uses different switches for respective subnets and physically separates the subnets from each other by connecting servers to the switches. The other technique logically separates the subnets from each other over the switches using a virtual LAN (VLAN) technique without changing the physical wiring of the servers connected to the switches.
The VLAN technique, however, does not support more than 4096 subnets because the technique can separate only up to 4096 subnets from each other. When more than 4096 subnets are to be separated from each other, techniques that separate a single subnet into a plurality of networks are employed. A private virtual LAN (PVLAN) technique is one of such techniques. The PVLAN technique separates servers in the same subnet from each other in Layer 2 using switches having special functions.
For example, refer to http://www.cisco.com/JP/support/public/ht/tac/100/1007932/1 94-j.shtml “Configuring Isolated Private VLANs on Catalyst Switches”.
The conventional technique, which separates a single subnet into a plurality of networks, however, has a problem in that security of each separated network is not secured unless the switches having special functions are used because the technique requires the switches to have special functions. That is, in the PVLAN technique, only the switches having special functions can secure the security of each separated network because the technique uses the switches having special functions.
The conventional technique using different switches for respective subnets does not separate a single subnet into a plurality of networks. The conventional technique using the VLAN technique also does not separate a single subnet into a plurality of networks.
Such problems also occur when a single subnet is separated into a plurality of tenants. A tenant is a group of a plurality of servers provided to a company, for example.