Re: VMS cluster behind a *NIX firewall - VMS

This is a discussion on Re: VMS cluster behind a *NIX firewall - VMS ; >> VLANS are separate from the main network and easy to set-up. You use asep= >> arate NIC on the host side as well. What goes on a VLAN is not seen onthe >> main network. >> >> Can you ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Re: VMS cluster behind a *NIX firewall

  1. Re: VMS cluster behind a *NIX firewall

    >> VLANS are separate from the main network and easy to set-up. You use asep=
    >> arate NIC on the host side as well. What goes on a VLAN is not seen onthe >> main network.
    >>
    >> Can you explain why you think you need a "separate network?"

    >
    >You have a 100MB network. You have 3 VLANS on that network. Do you
    >honestly believe that all 3 get 100MB rather than 100MB being the
    >limit for the aggregate? Of course, if your VLAN is limited to just
    >one box.... Then it just takes up from the aggregate for that box,
    >which may, in fact, be higher. But then, why not just a separate box
    >and limit the complexity? (KISS) :-)



    Of course you get three 100mbs networks with three VLANS. What do you think switches are for? Or why they have high bandwidth backplanes? Essentially the inside of the switch is a very high speed netowrk- even switches rated at 100mbs have backplanes that are much higher speed than that. Otherwise what you have is essentially a hub.

    You only run into the situation you are talking about with trunked connections where you are passing multiple VLAN traffic, and if you have that condition on your server network, you have a bad configuration anyway. Or if you are using 20+ year old network infrastructure, like CDMA based thin or thick Ethernet. I don't think there is any of that left around thesedays.

    -Paul





  2. Re: VMS cluster behind a *NIX firewall

    In article ,
    "Paul Raulerson" writes:
    > ----=_vm_0011_W545166379_7236_1186155265
    > Content-Type: text/plain; charset="utf-8"
    > Content-Transfer-Encoding: quoted-printable
    >
    >>> VLANS are separate from the main network and easy to set-up. You use a=

    > sep=3D
    >>> arate NIC on the host side as well. What goes on a VLAN is not seen on=

    > the >> main network.
    >>>
    >>> Can you explain why you think you need a "separate network?"

    >>
    >>You have a 100MB network. You have 3 VLANS on that network. Do you
    >>honestly believe that all 3 get 100MB rather than 100MB being the
    >>limit for the aggregate? Of course, if your VLAN is limited to just
    >>one box.... Then it just takes up from the aggregate for that box,
    >>which may, in fact, be higher. But then, why not just a separate box
    >>and limit the complexity? (KISS) :-)

    >
    >
    > Of course you get three 100mbs networks with three VLANS. What do you thi=
    > nk switches are for? Or why they have high bandwidth backplanes? Essentia=
    > lly the inside of the switch is a very high speed netowrk- even switches =
    > rated at 100mbs have backplanes that are much higher speed than that. Oth=
    > erwise what you have is essentially a hub.
    >
    > You only run into the situation you are talking about with trunked connec=
    > tions where you are passing multiple VLAN traffic, and if you have that c=
    > ondition on your server network, you have a bad configuration anyway. Or =
    > if you are using 20+ year old network infrastructure, like CDMA based thi=
    > n or thick Ethernet. I don't think there is any of that left around these=
    > days.
    >


    Sigh....

    Go back and read what I said. You get the full bandwidth as long as your
    VLAN does not leave one single box. But if all the machines on that VLAN
    are located so close together that they can all be connected to a single
    box then the better solution is a single box to handle it rather than a
    VLAN. Does no one remember what KISS means? A separate box capable of
    handling gigabit speeds cost what today, $50? Why bother with the added
    complexity of establishing VLANS where there is a better and less complicated
    solution? Oh, I'm sorry, it must be technology for technolgy's sake.

    Hint: I may not run VMS clusters, but I do have a lot of server to
    server traffic. I keep it on a network all by itselfi (for both
    efficiency and security reasons). And I don't use VLANS even though
    all of my switches have that capability.

    bill

    --
    Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
    bill@cs.scranton.edu | and a sheep voting on what's for dinner.
    University of Scranton |
    Scranton, Pennsylvania | #include

  3. RE: VMS cluster behind a *NIX firewall



    > -----Original Message-----
    > From: bill@triangle.cs.uofs.edu [mailto:bill@triangle.cs.uofs.edu] On
    > Behalf Of Bill Gunshannon
    > Sent: Friday, August 03, 2007 9:07 PM
    > To: Info-VAX@Mvb.Saic.Com
    > Subject: Re: VMS cluster behind a *NIX firewall
    >
    > In article ,
    > "Paul Raulerson" writes:
    > > ----=_vm_0011_W545166379_7236_1186155265
    > > Content-Type: text/plain; charset="utf-8"
    > > Content-Transfer-Encoding: quoted-printable
    > >
    > >>> VLANS are separate from the main network and easy to set-up. You

    > use a=
    > > sep=3D
    > >>> arate NIC on the host side as well. What goes on a VLAN is not seen

    > on=
    > > the >> main network.
    > >>>
    > >>> Can you explain why you think you need a "separate network?"
    > >>
    > >>You have a 100MB network. You have 3 VLANS on that network. Do you
    > >>honestly believe that all 3 get 100MB rather than 100MB being the
    > >>limit for the aggregate? Of course, if your VLAN is limited to just
    > >>one box.... Then it just takes up from the aggregate for that box,
    > >>which may, in fact, be higher. But then, why not just a separate box
    > >>and limit the complexity? (KISS) :-)

    > >
    > >
    > > Of course you get three 100mbs networks with three VLANS. What do you

    > thi=
    > > nk switches are for? Or why they have high bandwidth backplanes?

    > Essentia=
    > > lly the inside of the switch is a very high speed netowrk- even

    > switches =
    > > rated at 100mbs have backplanes that are much higher speed than that.

    > Oth=
    > > erwise what you have is essentially a hub.
    > >
    > > You only run into the situation you are talking about with trunked

    > connec=
    > > tions where you are passing multiple VLAN traffic, and if you have

    > that c=
    > > ondition on your server network, you have a bad configuration anyway.

    > Or =
    > > if you are using 20+ year old network infrastructure, like CDMA based

    > thi=
    > > n or thick Ethernet. I don't think there is any of that left around

    > these=
    > > days.
    > >

    >
    > Sigh....
    >
    > Go back and read what I said. You get the full bandwidth as long as
    > your
    > VLAN does not leave one single box. But if all the machines on that
    > VLAN
    > are located so close together that they can all be connected to a
    > single
    > box then the better solution is a single box to handle it rather than a
    > VLAN. Does no one remember what KISS means? A separate box capable
    > of
    > handling gigabit speeds cost what today, $50? Why bother with the
    > added
    > complexity of establishing VLANS where there is a better and less
    > complicated
    > solution? Oh, I'm sorry, it must be technology for technolgy's sake.
    >
    > Hint: I may not run VMS clusters, but I do have a lot of server to
    > server traffic. I keep it on a network all by itselfi (for both
    > efficiency and security reasons). And I don't use VLANS even though
    > all of my switches have that capability.
    >
    > bill
    >
    > --
    > Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three
    > wolves
    > bill@cs.scranton.edu | and a sheep voting on what's for dinner.
    > University of Scranton |
    > Scranton, Pennsylvania | #include


    Sigh yourself - go back and read what you wrote...

    > >>You have a 100MB network. You have 3 VLANS on that network. Do you
    > >>honestly believe that all 3 get 100MB rather than 100MB being the
    > >>limit for the aggregate?


    On a 100 mbs switch, you will *get* full bandwidth on each port until you
    exceed the backplane capacity.

    That's before you start talking about VLANs by the way. VLANS offer better
    traffic segregation and so better traffic management.

    As for on a single box - I run both a large LAN/WAN and a whole bunch of
    Linux
    and z/VM instances on "a single box." I run VLANs on a *virtual* switch in
    that box, to segregate traffic more than for bandwidth. Network bandwidth
    between
    the instances is limited by *memory bus* speed, and VLAN's can and do play a
    significant role in traffic management there.

    Same by the way is true on the IBM Bladecenter.

    Even the SAN network has the equivalent of VLANs - and for much the same
    purpose.


  4. Re: VMS cluster behind a *NIX firewall

    Bill Gunshannon wrote:
    > Go back and read what I said. You get the full bandwidth as long as your
    > VLAN does not leave one single box.


    Not true. At least on Cisco switches, you can combine multiple ports to
    form an inter-switch trunk.

    In any config, you need to study what the traffic will be like and plan
    accordingly.

    And there may be ways to create a trunk dedicated to a VLAN, garanteeing
    bandwidth won't be used by others.


+ Reply to Thread