This invention relates to a virtual machine system for executing network communication between virtual machines by using a virtual network interface card. More particularly, the invention relates to a virtual machine system using VLAN for network communication between virtual machines.
A multi-core processor having a plurality of processor cores packaged in one processor package has now made it possible to drastically increase the number of processors that can be utilized by one machine system.
When such a machine system having a large number of processors mounted thereto is utilized by a single OS, there remains the problem that a large number of processor resources are left useless when the system is idle. One of the methods for improving utilization efficiency of the processor resources includes the steps of constituting a plurality of virtual machines by a control program on a machine system, allocating the processor resources of the machine system to the respective virtual machines and simultaneously operating a plurality of virtual machine systems on one machine system.
As for I/O devices on a machine system, on the other hand, the degree of increase of the number of the I/O devices is relatively milder than that of the number of the processors. Therefore, the number of the I/O devices per processor decreases in the machine system having the multi-core processor packaged thereto as described above.
To operate a greater number of virtual machines on a machine system, therefore, it is imperative how to utilize efficiently the I/O devices.
Methods of efficiently utilizing the I/O devices include a method that virtualizes a network interface card as a kind of the I/O devices by a control program and executes network communication between virtual machines without utilizing a network interface card physically packaged to a machine system, and a method that allows a plurality of virtual network interface cards to share a physical network interface card packaged to a machine system by a control program when communication is made between the virtual network interface card and a network outside a virtual machine system.
To execute network communication between a plurality of machine systems, a method that has been customarily employed virtually forms a group without relying on a physical connection form called “VLAN”, regards this group as one LAN, transfers traffics through a common network switch among a plurality of machine systems, on one hand, and separates the traffics in accordance with the business content such as an accounting system, a personnel affairs system, a business system, and so forth, on the other.
VLAN has the feature that communication can be mutually made between members belonging to the same VLAN but such communication cannot be seen from members from different VLAN. The VLAN kind includes port base VLAN that forms VLAN in a physical unit of a network switch and tag VLAN that executes VLAN control by adding information called “tag” to a communication packet.
To constitute a business system that has been accomplished by a plurality of machine systems by utilizing VLAN on one machine system by using virtual machines, it is necessary to enable network communication between virtual machines to handle VLAN. A method used in a product called “VMware ESX Server” of VMware Co. is known as a prior art technology accomplishing this business system.
According to VMware Co.: “VMware ESX Server 802.1Q VLAN Solutions”, VMware Co. White Paper, html, 2004, two methods are available for the product, that is, a method that constitutes VLAN by utilizing a VLAN function of guest OS on a virtual machine, and a method that constitutes VLAN by a virtual network switch provided by this product without using the VLAN function of the guest OS. Because these two methods can be exclusively utilized with each other, VLAN is constituted by only one of the methods in this product.
In the case where large quantities of virtual machines are operated on a machine system having a large number of processors packaged thereto so as to efficiently use the processors, separate machine systems utilizing VLAN constituted by different methods are integrated in some cases on one machine system by using virtual machines.
Because only one VLAN constitution method is utilizable according to the prior art method described above, however, the VLAN construction of the original machine system must be re-constituted by the utilizable VLAN constitution method when there is any machine system using VLAN that is constituted by the non-utilizable method. In consequence, the number of process steps for integrating the machine system on the virtual machine system increases.
In addition, the VLAN construction of the original machine system cannot always be re-constituted y the utilizable VLAN constitution method. When re-constitution is difficult, the virtual machine system must be re-constituted by dividing the machine system in accordance with each VLAN construction.