Thanks, I pushed this to master.
On Fri, Aug 03, 2012 at 05:20:08PM -0700, Justin Pettit wrote: > That's a great description. Thanks! > > --Justin > > > On Aug 3, 2012, at 4:34 PM, Ben Pfaff <b...@nicira.com> wrote: > > > Signed-off-by: Ben Pfaff <b...@nicira.com> > > --- > > FAQ | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > 1 files changed, 54 insertions(+), 0 deletions(-) > > > > diff --git a/FAQ b/FAQ > > index bdd96ce..4658bb9 100644 > > --- a/FAQ > > +++ b/FAQ > > @@ -302,6 +302,60 @@ A: Yes. ovs-vswitchd.conf.db(5) is a comprehensive > > reference. > > VLANs > > ----- > > > > +Q: What's a VLAN? > > + > > +A: At the simplest level, a VLAN (short for "virtual LAN") is a way to > > + partition a single switch into multiple switches. Suppose, for > > + example, that you have two groups of machines, group A and group B. > > + You want the machines in group A to be able to talk to each other, > > + and you want the machine in group B to be able to talk to each > > + other, but you don't want the machines in group A to be able to > > + talk to the machines in group B. You can do this with two > > + switches, by plugging the machines in group A into one switch and > > + the machines in group B into the other switch. > > + > > + If you only have one switch, then you can use VLANs to do the same > > + thing, by configuring the ports for machines in group A as VLAN > > + "access ports" for one VLAN and the ports for group B as "access > > + ports" for a different VLAN. The switch will only forward packets > > + between ports that are assigned to the same VLAN, so this > > + effectively subdivides your single switch into two independent > > + switches, one for each group of machines. > > + > > + So far we haven't said anything about VLAN headers. With access > > + ports, like we've described so far, no VLAN header is present in > > + the Ethernet frame. This means that the machines (or switches) > > + connected to access ports need not be aware that VLANs are > > + involved, just like in the case where we use two different physical > > + switches. > > + > > + Now suppose that you have a whole bunch of switches in your > > + network, instead of just one, and that some machines in group A are > > + connected directly to both switches 1 and 2. To allow these > > + machines to talk to each other, you could add an access port for > > + group A's VLAN to switch 1 and another to switch 2, and then > > + connect an Ethernet cable between those ports. That works fine, > > + but it doesn't scale well as the number of switches and the number > > + of VLANs increases, because you use up a lot of valuable switch > > + ports just connecting together your VLANs. > > + > > + This is where VLAN headers come in. Instead of using one cable and > > + two ports per VLAN to connect a pair of switches, we configure a > > + port on each switch as a VLAN "trunk port". Packets sent and > > + received on a trunk port carry a VLAN header that says what VLAN > > + the packet belongs to, so that only two ports total are required to > > + connect the switches, regardless of the number of VLANs in use. > > + Normally, only switches (either physical or virtual) are connected > > + to a trunk port, not individual hosts, because individual hosts > > + don't expect to see a VLAN header in the traffic that they receive. > > + > > + None of the above discussion says anything about particular VLAN > > + numbers. This is because VLAN numbers are completely arbitrary. > > + One must only ensure that a given VLAN is numbered consistently > > + throughout a network and that different VLANs are given different > > + numbers. (That said, VLAN 0 is usually synonymous with a packet > > + that has no VLAN header, and VLAN 4095 is reserved.) > > + > > Q: VLANs don't work. > > > > A: Many drivers in Linux kernels before version 3.3 had VLAN-related > > -- > > 1.7.2.5 > > > > _______________________________________________ > > dev mailing list > > dev@openvswitch.org > > http://openvswitch.org/mailman/listinfo/dev > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
