Browse Prior Art Database

Virtualised bypass Network Interface Card - VBNIC

IP.com Disclosure Number: IPCOM000199906D
Publication Date: 2010-Sep-21
Document File: 5 page(s) / 67K

Publishing Venue

The IP.com Prior Art Database

Abstract

In the virtualisation of servers all the servers are consolidated but along with these servers the GATEWAY server is also consoliadated. Once the server consolidation happens, all the servers becomes at par and there is no GATEWAY concept retained after server consolidation. This creates a major challenge and it demands a work around for implementing the GATEWAY feature in the VIRTUALISATION environment. To implement the GATEWAY concept the packets coming to the Physical NIC card is captured by the POWER HYP (hypervisor). All these packets are copied into a VLAN1 that is connected to an SVM (or VIO). Again these packets are directed to another VLAN2 connected to the VMs. So there are multiple copies of the same packet in the SMP machine creating overhead on the Virtualisation Machine. Business customer don't want to expend his valuable resources for an inefficient and avoidable packet capturing solution for securitisation of Virtual Machine. PACKET CAPTURING WITHOUT LATENCY FOR SECURITY CHECK IN THE VIRTUALISATION ENVIRONMENT. Create a Virtualisation bypass NIC driver which will pass all the packets inbound / outbound to the SVM. Then whatever comes from SVM will be really made into inbound/outbound. So all the packets traffic through the Physical NIC card is passed through the security check at the SVM. Creating two VSWITCHES and connecting SVM to the SWITCH1 then everything comes to SWITCH1 before going to their destinations all the destination points are connected to SWITCH2. This works but it creates big latency and it consumes the valuable HW resources that can be used to run one more VM. Creating two VLANS instead of SWITCHES and doing the same routing from VLAN1 to VLAN2 connecting SVM to VLAN1 and all other machines to VLAN2. This creates more latency than the VSWITCH solution. Additional Solution: Because the existing solutions are not acceptable for performance levels in Virtualisation Environment to sell our Security products.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 100% of the total text.

Page 1 of 5

Virtualised bypass Network Interface Card - VBNIC

CLOUD

nic

GATE

WAY

SERVER 4

nic

nic

HUB

nic

nic

nic

SERVER 1

SERVER 2

SERVER 3

1

Page 2 of 5

Consolidation of Servers into a VirtualisedMachine

nic

PHYP

VNIC1

VNIC2

VNIC3

VNIC4

VNIC5

SERVER1

GATE

WAY

SERVER2

SERVER3

SERVER4

2

Page 3 of 5

 GATEWAY thru VLANs in a VirtualisationMachine

NIC

VLAN1

PHYP

VLAN2

SERVER1 SERVER2

SERVER3

SERVER4

GATE

WAY

3

Page 4 of 5

     Proposed Solution Virtulisation at Open Firmware/rtas

NIC

OF

PHYP

vnic1

vnic2

vnic3

vnic4

SERVER1

GATE

WAY

SERVER2

SERVER3

SERVER4

This works like if you have two
NIC cards and all the traffic comes to NIC1 and then it goes to NIC2 as if NIC1 sits as a GATEWAY between the System and the CLOUD. We have to alter the micro code in OF to simulate this GATEWAY virtulisation. All the traffic pass

4

Page 5 of 5

through GATEWAY (SVM).

5