Virtual networks
The managing PowerVM® option includes the Add Virtual Network wizard that guides you through the steps to create the virtual network. A PowerVM virtual network allows connectivity between partitions on a server or, if bridged, across servers. You can create multiple virtual networks on a managed system and then connect partitions to those networks.
A virtual local area network (VLAN) allows the physical network to be logically segmented. You can connect partitions to virtual Ethernet adapters, and then connect those adapters to VLANs. Traffic on the VLANs can be routed through virtual switches.
A VLAN is a method to logically segment a physical network so that layer 2 connectivity is restricted to members that belong to the same VLAN. This separation is achieved by tagging Ethernet packets with their VLAN membership information and then restricting delivery to members of that VLAN. VLAN is described by the IEEE 802.1Q standard.
The VLAN tag information is referred to as VLAN ID (VID). Ports on a switch are configured as being members of a VLAN designated by the VID for that port. The default VID for a port is referred to as the Port VID (PVID). The VID can be added to an Ethernet packet either by a VLAN-aware host, or by the switch in the case of VLAN-unaware hosts. Therefore, ports on an Ethernet switch must be configured with information that indicates whether the host connected is VLAN-aware.
For VLAN-unaware hosts, a port is set up as untagged and the switch tags all packets that enter through that port with the Port VLAN ID (PVID). The switch also untags all packets that exit that port before delivery to the VLAN unaware host. A port that is used to connect VLAN-unaware hosts is called an untagged port, and it can be a member of only a single VLAN identified by its PVID. Hosts that are VLAN-aware can insert and remove their own tags and can be members of more than one VLAN. These hosts are typically attached to ports that do not remove the tags before the packets are delivered to the host. However, it inserts the PVID tag when an untagged packet enters the port. A port allows only packets that are untagged or tagged with the tag of one of the VLANs that the port belongs to. These VLAN rules are in addition to the regular media access control (MAC) address-based forwarding rules followed by a switch. Therefore, a packet with a broadcast or multicast destination MAC is also delivered to member ports that belong to the VLAN that is identified by the tags in the packet. This mechanism ensures the logical separation of the physical network that is based on membership in a VLAN.
Virtual Ethernet adapters
A virtual Ethernet adapter allows client partitions to send and receive network traffic without a dedicated physical Ethernet adapter. A virtual Ethernet adapter is created when you connect a partition to a virtual network. You can change and connect the virtual Ethernet adapters to virtual networks. TCP/IP communications over these virtual networks are routed through the server firmware at high speed.
Virtual Ethernet adapters allow logical partitions within the same system to communicate without having to use physical Ethernet adapters. Within the system, virtual Ethernet adapters are connected to an IEEE 802.1Q virtual Ethernet switch. Using this switch function, logical partitions can communicate with each other by using virtual Ethernet adapters and assigning VIDs. With VIDs, virtual Ethernet adapters can share a common logical network. The system transmits packets by copying the packet directly from the memory of the sender logical partition to the receive buffers of the receiver logical partition without any intermediate buffering of the packet.
You can use virtual Ethernet adapters without using the Virtual I/O Server, but the logical partitions cannot communicate with external systems. However, in this situation, you can use another device, called a Host Ethernet Adapter (or Integrated Virtual Ethernet) to facilitate communication between logical partitions on the system and external networks.