RE: VMS cluster behind a *NIX firewall



-----Original Message-----
From: bill@xxxxxxxxxxxxxxxxxxxx [mailto:bill@xxxxxxxxxxxxxxxxxxxx] On
Behalf Of Bill Gunshannon
Sent: Friday, August 03, 2007 9:07 PM
To: Info-VAX@xxxxxxxxxxxx
Subject: Re: VMS cluster behind a *NIX firewall

In article <W54516637972361186155265@webmail19>,
"Paul Raulerson" <paul@xxxxxxxxxxxxxx> writes:
----=_vm_0011_W545166379_7236_1186155265
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

VLANS are separate from the main network and easy to set-up. You
use a=
sep=3D
arate NIC on the host side as well. What goes on a VLAN is not seen
on=
the >> main network.

Can you explain why you think you need a "separate network?"

You have a 100MB network. You have 3 VLANS on that network. Do you
honestly believe that all 3 get 100MB rather than 100MB being the
limit for the aggregate? Of course, if your VLAN is limited to just
one box.... Then it just takes up from the aggregate for that box,
which may, in fact, be higher. But then, why not just a separate box
and limit the complexity? (KISS) :-)


Of course you get three 100mbs networks with three VLANS. What do you
thi=
nk switches are for? Or why they have high bandwidth backplanes?
Essentia=
lly the inside of the switch is a very high speed netowrk- even
switches =
rated at 100mbs have backplanes that are much higher speed than that.
Oth=
erwise what you have is essentially a hub.

You only run into the situation you are talking about with trunked
connec=
tions where you are passing multiple VLAN traffic, and if you have
that c=
ondition on your server network, you have a bad configuration anyway.
Or =
if you are using 20+ year old network infrastructure, like CDMA based
thi=
n or thick Ethernet. I don't think there is any of that left around
these=
days.


Sigh....

Go back and read what I said. You get the full bandwidth as long as
your
VLAN does not leave one single box. But if all the machines on that
VLAN
are located so close together that they can all be connected to a
single
box then the better solution is a single box to handle it rather than a
VLAN. Does no one remember what KISS means? A separate box capable
of
handling gigabit speeds cost what today, $50? Why bother with the
added
complexity of establishing VLANS where there is a better and less
complicated
solution? Oh, I'm sorry, it must be technology for technolgy's sake.

Hint: I may not run VMS clusters, but I do have a lot of server to
server traffic. I keep it on a network all by itselfi (for both
efficiency and security reasons). And I don't use VLANS even though
all of my switches have that capability.

bill

--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three
wolves
bill@xxxxxxxxxxxxxxx | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>

Sigh yourself - go back and read what you wrote...

You have a 100MB network. You have 3 VLANS on that network. Do you
honestly believe that all 3 get 100MB rather than 100MB being the
limit for the aggregate?

On a 100 mbs switch, you will *get* full bandwidth on each port until you
exceed the backplane capacity.

That's before you start talking about VLANs by the way. VLANS offer better
traffic segregation and so better traffic management.

As for on a single box - I run both a large LAN/WAN and a whole bunch of
Linux
and z/VM instances on "a single box." I run VLANs on a *virtual* switch in
that box, to segregate traffic more than for bandwidth. Network bandwidth
between
the instances is limited by *memory bus* speed, and VLAN's can and do play a
significant role in traffic management there.

Same by the way is true on the IBM Bladecenter.

Even the SAN network has the equivalent of VLANs - and for much the same
purpose.

.

Relevant Pages

  • Re: To vlan or not to vlan, thats the question
    ... > divide the network in two, ... Unless you will now or in the near future implement vlans there is no ... routers to route traffic _between_ different vlans as well as switches ... opposed to conventional switching. ...
    (comp.os.linux.networking)
  • Re: VLAN Help
    ... clear how your network is setted up. ... the remote office LAN and add a port which will connect to this LAN ... Once you do that you have to add a tagged port to the 2 VLANS (yours ... > Our network center runs the same switch but the Layer 3 Version. ...
    (Security-Basics)
  • Re: Single domain two IP subnets
    ... hardware or any of the complexities of "network hardward ... I never criticize anyone's typing as long as the words can ... Cisco ISL VLANS are history. ... Newer Cisco switches don't even support ISL ...
    (microsoft.public.win2000.dns)
  • Re: badly in need of network advice
    ... > the same network to access the internet/print. ... If the companies care about security, they would need to use VLANs ... > managed switched and 48 port ones are pretty damn expensive, ... The server/printer would have to be on a separate subnet and you'd ...
    (comp.dcom.lans.ethernet)
  • Re: Windows XP systems on a particular VLAN cannot be seen
    ... Browsing has nothing to do with DNS. ... pointing to a WINS server which was in a cluster. ... Network Places is not "live",...it is just reading the data from a ... sitting on several VLANs cannot be seen under My Network Places. ...
    (microsoft.public.windows.server.networking)