
Basic concepts

Virtual distributed switch

A virtual distributed switch (VDS) is a distributed switch at the virtualization layer defined by a group of physically connected network ports. It has similar functions to physical switches and can provide a basis for system networks and VM networks.

A virtual distributed switch can be associated with one or more physical network ports on a host. Once associated, a VDS data plane instance (i.e., OVS bridge) will be created on each host to forward network traffic on the host, encapsulate or decapsulate VLANs, process security rules and QoS policies, etc., thereby achieving network high availability and network isolation.

VM network

VM networks are networks used for virtual machine communication, which also provide services for external clients. You can use VM networks to achieve logical isolation between virtual machines to improve network security.

You can configure multiple VM networks in a cluster as needed. A virtual machine can be connected to multiple VM networks through different virtual NICs. When a virtual machine is migrated between different hosts in a cluster, VM networks can ensure that the services provided by the virtual machine are not interrupted during the migration process, and there is no need to reconfigure a network database.

System network

System networks are virtual networks used by the services on the host. Depending on their purpose, system networks can be categorized as follows:

  • Management network: The network used for cluster management. It requires physical network ports with a speed of 1 GbE or above. It is created during ACOS (AVE) installation and deployment. An ACOS (AVE) cluster can only have one management network, which cannot be deleted.

  • Storage network: The network used for data exchange between nodes in a hyperconverged cluster. It can only be used within hyperconverged clusters, and requires physical network ports with a speed of 10 GbE or above. It is created during ACOS (AVE) installation and deployment. An ACOS (AVE) cluster can only have one storage network, which cannot be deleted.

  • Access network: The network that needs to be created only when the ACOS cluster is used as a storage cluster and is set to provide storage services for external compute clients.

  • Migration network: The network created specifically for virtual machine migration. When performing virtual machine cold migration or hot migration within a cluster, or performing hot migration between clusters, the storage network will be used by the migration task by default. After creating a dedicated migration network for the cluster, when both the source and target ends of a migration task have configured migration networks and the networks are connected, the hot migrated data will be transmitted through the migration network to avoid occupying the bandwidth of the storage network.

  • VPC system network: When a cluster is associated with the VPC networking feature, the system automatically creates a VPC system network, namely the host TEP network, for implementing tunnel connection and data exchange between nodes in clusters associated with the VPC. This network cannot be modified or deleted.

  • Mirroring egress network: When the cluster uses the traffic mirroring feature, you can configure this network separately to send encapsulated mirror traffic outside the cluster. An ACOS (AVE) cluster can only have one mirroring egress network.

Port bonding mode

When a host associated with the virtual distributed switch has multiple physical network ports, you need to configure the port bonding mode to bind multiple ports into one logical port to improve the reliability and total bandwidth of the physical network ports.

The network port bonding types and modes vary depending on the network types in the virtual distributed switch (VDS):

  • VDS without RDMA-enabled storage networks: The OVS Bond type is used, supporting active-backup, balance-tcp, and balance-slb modes.

  • VDS with RDMA-enabled storage networks:

    • For newly deployed clusters: The OVS Bond type is used, supporting only active-backup and balance-tcp modes.
    • For clusters upgraded from earlier versions to this version: The Linux Bond type is used, supporting active-backup, 802.3ad, and balance-xor modes. It is recommended to contact Arcfra technical support to manually convert this to the OVS Bond type.
    • After converting to OVS Bond, if the mode is set to balance-tcp, the system automatically enables data channel multipathing. This allows the system to fully utilize the bandwidth of multiple network ports, thereby enhancing storage performance.

OVS Bond mode

  • active-backup: In this mode, only one port is active, which is used for sending and receiving all traffic. The remaining ports serve as backup ports. When the active port fails, the system will immediately switch to the backup port.

  • balance-tcp: In this mode, the virtual distributed switch uses LACP (Link Aggregation Control Protocol) to forward traffic through multiple ports simultaneously. When a port fails, the other ports automatically take over its traffic, thus achieving port load balancing. When using this mode, the physical switch must have LACP dynamic link aggregation enabled.

  • balance-slb: In this mode, the virtual distributed switch will calculate the hash value according to the packets' source MAC address and VLAN tag, and then select different physical network ports to forward different traffic according to different hash values, thus achieving network port load balancing. You can enable Network load balancing as needed and configure the Network load balancing period. The system will rebalance the port load periodically based on the configured load conditions.

Linux Bond mode

  • active-backup: In this mode, only one port is active, which is used for sending and receiving all traffic. The remaining ports serve as backup ports. When the active port fails, the system will immediately switch to the backup port.

  • 802.3ad: In this mode, the virtual distributed switch uses LACP (Link Aggregation Control Protocol) to forward traffic through multiple ports simultaneously. When a port fails, the other ports automatically take over its traffic, thus achieving port load balancing. When using this mode, the physical switch must have LACP dynamic link aggregation enabled.

  • balance-xor: In this mode, the virtual distributed switch will calculate the hash value according to the packets' source MAC address and destination MAC address, and then select different physical network ports to forward different traffic according to different hash values, thus achieving network port load balancing. When using this mode, the physical switch connected to the virtual distributed switch needs to be configured with a static EtherChannel to avoid MAC address drift.
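
The difference between the two hash-based modes (balance-slb and balance-xor), as an added example that is not Arcfra, OVS, or Linux bonding code: a simplified model in which CRC32 and a last-octet XOR stand in for the real hash functions, and the MAC addresses are constructed. It shows why a source MAC stays on one uplink at a time under balance-slb but can appear on several under balance-xor, which is the MAC address drift the static EtherChannel requirement addresses.

```python
import zlib

def mac_bytes(mac: str) -> bytes:
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(mac.replace(":", ""))

def slb_port(src_mac: str, vlan: int, n_ports: int) -> int:
    """balance-slb model: uplink chosen from source MAC + VLAN tag only."""
    key = mac_bytes(src_mac) + vlan.to_bytes(2, "big")
    return zlib.crc32(key) % n_ports  # CRC32 is a stand-in hash (assumption)

def xor_port(src_mac: str, dst_mac: str, n_ports: int) -> int:
    """balance-xor model: uplink chosen from source MAC XOR destination MAC."""
    src, dst = mac_bytes(src_mac), mac_bytes(dst_mac)
    return (src[5] ^ dst[5]) % n_ports  # last-octet XOR is a simplification

def uplinks_per_source(flows, mode: str, n_ports: int) -> dict:
    """Map each source MAC to the set of uplinks the physical switch sees it on."""
    if mode not in ("balance-slb", "balance-xor"):
        raise ValueError(f"unsupported mode: {mode}")
    seen = {}
    for src, dst, vlan in flows:
        if mode == "balance-slb":
            port = slb_port(src, vlan, n_ports)
        else:
            port = xor_port(src, dst, n_ports)
        seen.setdefault(src, set()).add(port)
    return seen

# Constructed sample: one VM talking to two peers on VLAN 10 over two uplinks.
FLOWS = [
    ("52:54:00:00:00:01", "52:54:00:00:00:10", 10),
    ("52:54:00:00:00:01", "52:54:00:00:00:11", 10),
]

if __name__ == "__main__":
    for mode in ("balance-slb", "balance-xor"):
        # More than one uplink per source means the upstream switch would see
        # the same MAC on several ports unless they are aggregated.
        print(mode, uplinks_per_source(FLOWS, mode, 2))
```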

VLAN

VLAN is a technology that divides a Layer 2 network into multiple different virtual local area networks in a logical way, thereby achieving Layer 2 network isolation. In actual business scenarios, if you need to isolate the networks for different services from each other, you can configure different VLAN IDs for the VM networks providing the services.

The following two VLAN types are supported for virtual networks:

  • Access: The VM network and system network support VLANs of the Access type. You can only configure one VLAN ID, and the traffic flowing in and out of the ports on virtual machines does not carry any VLAN tags.

  • Trunk: The VM network supports VLANs of the Trunk type. You can configure one or more VLAN IDs and allow data packets of the corresponding VLAN to pass. Traffic flowing in and out of the ports on virtual machines will carry VLAN tags that help to identify the VLAN to which it belongs. The ports on virtual machines can receive and recognize the VLAN tags in other network packets as well.

    Note:

    When the VM network is of the Trunk type, you need to configure the corresponding VLAN subinterface in the virtual machine. Meanwhile, you also need to set the physical switch port connected to the NIC uplinked to the virtual distributed switch corresponding to the VM network to the Trunk mode, and configure the appropriate VLAN ID range to ensure proper connectivity between the VM network and the physical network.
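
A simplified model of the two VLAN types, as an added example rather than Arcfra or OVS code: it shows what an 802.1Q-tagged frame arriving from the uplink looks like when it reaches a VM port of each type. The port dictionaries, addresses and frames are constructed, and untagged uplink frames are simply dropped in this model.

```python
import struct

TPID = 0x8100  # 802.1Q tag protocol identifier

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes, vid=None) -> bytes:
    """Build an Ethernet frame, with an 802.1Q tag when vid is given."""
    tag = struct.pack("!HH", TPID, vid & 0x0FFF) if vid is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def split_tag(frame: bytes):
    """Return (VLAN ID or None, frame with any 802.1Q tag removed)."""
    if len(frame) >= 18 and struct.unpack("!H", frame[12:14])[0] == TPID:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

def deliver_to_vm(frame: bytes, port: dict):
    """Return the bytes the VM port receives, or None if the frame is isolated."""
    vid, untagged = split_tag(frame)
    if vid is None:
        return None  # untagged uplink traffic is out of scope for this model
    if port["type"] == "access":
        # Access: exactly one VLAN ID; the VM never sees the tag.
        return untagged if vid == port["vlan"] else None
    if port["type"] == "trunk":
        # Trunk: one or more VLAN IDs; the tag is preserved for the VM's
        # VLAN subinterface to interpret.
        return frame if vid in port["vlans"] else None
    raise ValueError(f"unknown port type: {port['type']}")

# Constructed sample data.
DST = bytes.fromhex("525400000010")
SRC = bytes.fromhex("525400000001")
ACCESS_10 = {"type": "access", "vlan": 10}
TRUNK_10_20 = {"type": "trunk", "vlans": {10, 20}}

if __name__ == "__main__":
    for vid in (10, 20, 30):
        frame = build_frame(DST, SRC, 0x0800, b"data", vid)
        for name, port in (("access-10", ACCESS_10), ("trunk-10,20", TRUNK_10_20)):
            out = deliver_to_vm(frame, port)
            state = "dropped" if out is None else f"delivered, tag={split_tag(out)[0]}"
            print(f"VLAN {vid} -> {name}: {state}")
```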

QoS policy

QoS (Quality of Service) is a technology that configures different bandwidths and priorities for different service traffic, thus ensuring that critical services can provide better performance despite limited network resources.

You can enable the QoS policy for the VM networks and system networks. The configuration parameters are as follows:

  • Priority and weight: The bandwidth allocation priority of the virtual networks on the virtual distributed switch, including High (100), Medium (60), Low (30), and Custom weight (0-100).

  • Reserved bandwidth: The bandwidth guaranteed to be reserved for the virtual networks on the virtual distributed switch. The total reserved bandwidth of all virtual networks on the virtual distributed switch cannot exceed 75% of the total bandwidth.

  • Bandwidth limit: The upper limit of the bandwidth that the virtual networks can reach.

    • Max bandwidth: When the bandwidth limit is enabled, you can limit the maximum bandwidth that the network can reach.

    • Max burst size: After enabling the bandwidth limit, you can set an upper limit for the amount of data that can be transferred when the virtual network communicates at a rate exceeding the maximum bandwidth.