1. Field of the Invention
The present invention relates to a computer network system including a user network, server units and a server unit management network, and more particularly, to a network switch for logically isolating the user network and the server unit management network from each other and its operating method.
2. Description of the Related Art
Generally, a computer network system is constructed by user computers and a plurality of server units having different functions such as a Web server unit, a mail server unit, an application server unit and the like.
The loads of the server units fluctuate on a time basis. For example, the load of the Web server unit is remarkably increased for one time period, and the load of the application server unit is remarkably increased for another time period.
One approach to overcome the fluctuation of the loads of the server units is to provide a plurality of server units for each of the different functions, which is, however, not economical.
Another approach is a providing or deployment system where one pool server unit including no operating system (OS) and no application software and a server unit management computer are provided. When the load of one of the server units is remarkably increased, the server unit management computer automatically installs the OS of the overloaded server unit and its application software in the pool server unit, thus reducing the load of the overloaded server unit, which is economical.
An automatic installing operation of the OS and application software performed upon the pool server unit is carried out by a network boot function called a pre-boot execution environment (PXE) boot function which is an extended function of a dynamic host configuration protocol (DHCP). Note that DHCP is a protocol for assigning an Internet protocol (IP) address to nodes within a network.
A PXE boot function is included in a PXE agent in a basic input output system (BIOS) of the pool server unit. Briefly, the PXE requests an assignment of an IP address from a DHCP server unit. Then, the PXE agent requests necessary parameters such as the name of a boot file and the name of an accessed server unit. Then, after the PXE agent has obtained the necessary parameters, the PXE agent accesses a suitable PXE server unit to download the boot file. Finally, the PXE agent executes the boot file to initiate the operation of the pool server unit.
The above-mentioned server unit management computer and the PXE server are provided in a server unit management network which is isolated from a user network in view of security. That is, if the server unit management network is accessible from the user network, the server unit management network could be easily attacked.
Generally, isolation technology for networks is divided into physical isolation technology using a plurality of network controllers and logical isolation using virtual local area networks (VLANs). Note that automatic participation and secession of a virtual group for VLANs is disclosed in JP-A-2000-134207.
The physical isolation technology is disadvantageous in terms of manufacturing cost. That is, one network controller for the user network and one network controller for the server unit management network have to be mounted in each of the server units. Also, in order to realize a duplex system for preparing for a failure, two more redundancy network controllers have to be mounted in each of the server units. This is further disadvantageous in terms of manufacturing cost. Particularly, in a blade server apparatus where a plurality of server blades are mounted in one chassis, the increased number of network controllers would decrease the mounting density.
On the other hand, the logical isolation technology cannot realize the PXE boot function. That is, the PXE boot function does not have a definition for VLANs, and a DCHP packet generated by the PXE agent does not include VLAN tags. Therefore, the PXE boot function is incompatible with the logical isolation using VLANs.