Network¶
BMS provides five types of networks: VPC, high-speed network, enhanced high-speed network, user-defined VLAN, and IB network. They are isolated from each other.
VPC and high-speed network interfaces are VLAN sub-interfaces created after system maintenance VLAN NICs are bonded. You can manage and configure NICs of user-defined VLANs and IB networks.
The QingTian architecture improves the network performance and VPC NIC bonding provides high reliability.
Note
In the preceding figure, ToR indicates the cabling mode in the server cabinet. The access switch is placed on top of the rack and the server is placed beneath it. HB indicates a high-speed network. QinQ indicates an 802.1Q tunnel.
VPC and high-speed network interfaces are generated by the system and cannot be changed. They are configured in the same NIC bond.
BMSs can communicate with ECSs through VPCs or IB networks (if any).
Only VPC supports security groups, EIPs, and ELB.
For a high-speed network and user-defined VLAN, BMSs in the same network communicate with each other only through layer-2 connections.
VPC¶
A VPC is a logically isolated, configurable, and manageable virtual network. It helps improve the security of cloud resources and simplifies network deployment. You can create security groups and VPNs, configure IP address ranges, and specify bandwidth sizes in your VPC. With a VPC, you can easily manage and configure internal networks and change network configurations. You can also customize access rules to control BMS access within a security group and across different security groups to enhance BMS security.
For more information, see Virtual Private Cloud User Guide.
High-Speed Network¶
A high-speed network is an internal network between BMSs. It provides high bandwidth for connecting BMSs in the same AZ. If you want to deploy services that require high throughput and low latency, you can create high-speed networks. Currently, the BMS service supports high-speed networks with a maximum bandwidth of 10 Gbit/s.
For more information, see Overview.
User-defined VLAN¶
You can use the 10GE Ethernet NICs that are not being used by the system to configure a user-defined VLAN. The QinQ technology is used to isolate networks and provide additional physical planes and bandwidths. You can create VLANs to isolate network traffic. User-defined VLAN NICs are in pairs. You can configure NIC bonding to achieve high availability. User-defined VLANs in different AZs cannot communicate with each other.
Note
QinQ is a layer 2 tunnel protocol based on IEEE 802.1Q encapsulation. It adds a public VLAN tag to a frame with a private VLAN tag and allows the frame with double VLAN tags to be transmitted over the service provider's backbone network based on the public VLAN tag. This provides a layer 2 VPN tunnel for customers.
IB Network¶
An IB network features low latency and high bandwidth and is used in a number of High Performance Computing (HPC) projects. It uses the 100 Gbit/s Mellanox IB NIC, dedicated IB switch, and controller software UFM to ensure network communication and management, and uses the Partition Key to isolate IB networks of different tenants (similar to VLANs in an Ethernet).
Note
Unified Fabric Manager (UFM) is the IB switch controller of an IB network based on OpenSM software and provides northbound interfaces. It is deployed in active/standby mode.