VM/Advanced Network Services: A New Reference Architecture for VM TCP Services. David Boyes, Sine Nomine Associates. Session V29.


1 VM/Advanced Network Services
A New Reference Architecture for VM TCP Services
David Boyes, Sine Nomine Associates
Session V29

2 Problem Overview
- Services dated in terms of function and capability
- Unable to quickly assimilate and deploy new services and functions
- VM TCP perceived to be complex to set up
- Linux hosting strategy complicated by host-orientation vs network-orientation
Copyright 2004 SNA

3 Impact
- Perceived as additional barrier to Linux on zSeries adoption
- Perceived as insecure/antiquated
- Most VM systems attached to the public Internet are in popular RBLs as risk to public infrastructure
- Complicates L2 adoption strategy
- Complicates HW assist implementation
- Unclear migration strategy for IPv4 and IPv6 services for CMS environment

4 Proposal Overview
- Use Linux-based services to replace existing CMS services
- Use existing code to support legacy services where public interfaces are not available
- Add new multi-platform functionality
- Ship a fully-configured system requiring only minimal setup

5 Design Overview

6 Physical Connectivity
[Diagram; label: OSA]

7 VSWITCH Controllers
[Diagram; labels: OSA, VSWITCH, VM TCP]

8 Linux Guest Networking
[Diagram; labels: OSA, Linux, VSWITCH, VM TCP]

9 VM TCP Connectivity
[Diagram; labels: OSA, Linux, VSWITCH, VM TCP, Linux NAT, GLAN/VSWITCH, TCP]

10 Existing CMS TCP Applications
[Diagram; labels: OSA, Linux, VSWITCH, VM TCP, Linux NAT, GLAN, VM/NFS, IUCV, PORTMAP, MPROUTE, Existing CMS Clients VM TCP Apps, TCP]

11 Modern Applications
[Diagram; labels: OSA, Linux, VSWITCH, VM TCP, Linux NAT, GLAN, IUCV, VM NFS, PORTMAP, MPROUTE, Existing CMS Legacy TCP Apps, FILE+, SMTP+, WWW, FTP+, TCP]

12 New Function
- Packet Filtering
- Traffic Shaping
- Traffic Authentication
- SMB/NFSv4 Support
- FTP Checkpoint
- Grid Services Support
- Full redundancy in default implementation
- Robust Cisco-style routing implementation
- WWW Server
- “Couple and Go” Support for Guests
- Spam/virus scanning
- RBL support
- Full DNS implementation w/o DB2
- Easy implementation of new protocols
- Kerberos support in tools
- LDAP Server

13 Backward Compatibility
- Completely backward compatible
- CMS clients continue to communicate with VM TCP as interim step
- Support for migration to complete Linux stack when AF_IUCV support completed and tested in Linux NAT appliance
- Conversion tools to migrate existing configuration partially done
  - SMTP (100%)
  - FTP (85%)

14 New Services/APIs
- IPP support (via CUPS/lpr and RSCS)
- Kerberos 5
- LDAP
- HTTP
- WWW based configurator TCP services VM management (later) User SNMP proxy/integration
- TCPwrappers
- Outbound SSL (predefined ports)
- Crypto Engine exploitation (if present) in SSL

15 Documentation
- Current weak point
- Design: completed
- Application manuals: 90% complete
- Messages & Codes: pending
- Built to Unix standard

16 Maintenance
- Total replacement service
- Kernel in NSS, /usr in DCSS
- User configuration data on individual disk attached to service machine
- Editable from Linux or CMS
- Working on WWW configurator

17 Performance
- No additional impact to Linux guests attached to VSWITCH
- CMS users average 3-5% throughput impact due to NAT processing (prototype on MP3K)
- Approx 10% increase in disk footprint over existing TCP stack (in prototype)

18 Completeness
- GW+: 90%
- SMTP+: 100%
- FTP+: 80%
- FILE+: 80%
- LDAP+: 60%
- WWW+: 90%
- IPP+: 80%
- Configurator: 50%
- Documentation: 70%

19 Benefits
- Simplifies VM TCP configuration to supplying a minimum of 1 IP address, netmask, default gw and DNS server
- Allows shipping completely configured, fully redundant services behind GW servers
- Promotes “building blocks” support services for Linux farms
- Provides modern secure services for CMS users w/o significant development

20 Processes
- Possible to ship with z/VM 5.2 as included feature code (still part of product)
- Support through usual channels

21 Next Steps
- Tell Reed you want it!

22 Q&A

23 Contact Info
David Boyes
Sine Nomine Associates
+1 703 723 6673
dboyes@sinenomine.net

