Hot Topics - Messmer The Brain House
Hot Topics - Messmer The Brain House
Hot Topics - Messmer The Brain House
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
No dynamic routing protocol? No problem!<br />
BY ALFRED CHRISTENSEN AND GUS KASSIMIS<br />
Okay, so you have heard about all the great<br />
benefits of Dynamic Virtual IP Addresses<br />
(DVIPAs) and you’re sold. That is, you want<br />
the availability, scalability and flexibility<br />
that DVIPAs provide. You want to shield<br />
your end users from failures in network<br />
interfaces, applications, and systems or<br />
changes in the network and computing<br />
infrastructure.<br />
<strong>The</strong>re is one obstacle, however: does<br />
deploying DVIPAs mean that you have to<br />
deploy a dynamic routing protocol on your<br />
z/OS systems? And, if the answer is yes,<br />
does that become a deal breaker in your<br />
environment?<br />
If this sounds familiar, read on, there<br />
might be some hope for you yet. While<br />
running a dynamic routing protocol on<br />
z/OS is the recommended approach to<br />
deploying DVIPAs, it is possible to reap<br />
many of the benefits of DVIPAs without<br />
doing so.<br />
Before we go into the details of what<br />
that configuration looks like, let us quickly<br />
review the reasons for the dynamic routing<br />
protocol recommendation. That will help<br />
us better understand the alternative<br />
approach, including its benefits and any<br />
drawbacks.<br />
Why a dynamic routing protocol<br />
is recommended<br />
With a DVIPA, you can virtualize an IP<br />
address and the resources represented<br />
by the IP address. You can use a DVIPA<br />
to provide a virtual view of a system, an<br />
application or even an entire z/OS sysplex.<br />
This means that a VIPA is not tied to<br />
a specific network interface or even a<br />
specific system. This capability provides<br />
for a very flexible configuration, because<br />
a DVIPA can move dynamically from one<br />
system to another within a sysplex, during<br />
planned configuration changes or during<br />
unplanned outages.<br />
Further, a DVIPA can tolerate failures<br />
in network components. Dynamic routing<br />
protocols, such as Open Shortest Path First<br />
(OSPF), and a dynamic routing daemon,<br />
such as the z/OS OMPROUTE daemon,<br />
facilitate this dynamic nature of VIPAs.<br />
OSPF and OMROUTE help to keep the<br />
network infrastructure (such as routers)<br />
aware of the best current network paths to<br />
a DVIPA. As long as the system has some<br />
36 February 2006 z/OS HOT TOPICS Newsletter, Issue 14<br />
form of network connectivity, with at least<br />
one network path to the DVIPA, users can<br />
continue to use the DVIPA. This is true<br />
even if multiple failures occur within the<br />
network infrastructure.<br />
Deploying DVIPAs without a<br />
dynamic routing protocol<br />
Without dynamic routing protocols to<br />
keep routers and z/OS aware of the<br />
whereabouts of DVIPAs and the status of<br />
network adapters and LANs, we need to<br />
rely on a lower level protocol, the address<br />
resolution protocol (ARP), to help us<br />
achieve the availability characteristics we<br />
want. Using ARP for this purpose poses<br />
some restrictions on how we design and<br />
implement the IP network.<br />
What is address resolution<br />
protocol?<br />
Every network adapter that is connected<br />
to a local area network (LAN) has a<br />
hardware address associated with it. This<br />
address is known as the medium access<br />
control (MAC) address. A network adapter<br />
comes with a burnt-in MAC address—a<br />
universally unique MAC address.<br />
When computers attached to a LAN<br />
need to send data to each other over the<br />
LAN, they build LAN frames. <strong>The</strong> frame<br />
header specifies the destination MAC<br />
address to which the frame will go. <strong>The</strong><br />
frame body contains the data to be sent,<br />
such as an IP packet.<br />
So, how does an IP node on a LAN<br />
discover the MAC addresses associated<br />
with other nodes on the same LAN? That’s<br />
where the ARP protocol comes into play.<br />
It allows any IP node on a LAN to ask<br />
for the MAC address associated with any<br />
IP address on the same LAN by sending<br />
broadcast frame containing an ARP<br />
request for that IP address. <strong>The</strong> IP node<br />
that owns that IP address then responds<br />
with an Address Resolution Protocol (ARP)<br />
reply that contains the MAC address for<br />
one of its interfaces that is attached to this<br />
LAN. <strong>The</strong> IP node that receives the reply<br />
would then typically save the reply in an<br />
ARP cache. Caching the reply allows this<br />
information to be reused later if the IP<br />
node needs to send another IP packet to<br />
the same destination IP address.<br />
OSA adapters and ARP processing<br />
With OSA adapters operating in Queued<br />
Direct IO (QDIO) mode, much of the ARP<br />
processing is done by the OSA microcode.<br />
Many TCP/IP stacks can share an OSA<br />
adapter and, as a result, share a single<br />
MAC address.<br />
To help the OSA adapter determine<br />
which TCP/IP stack an incoming IP<br />
packet should be given, the OSA adapter<br />
maintains a table that includes the home<br />
IP addresses of all TCP/IP stacks that<br />
share the adapter. This table is known<br />
as the OSA address table (OAT) and its<br />
content is strictly controlled by the TCP/IP<br />
stacks, which register and deregister<br />
HOME IP addresses as they become active<br />
or inactive.<br />
When an IP address is registered by<br />
a TCP/IP stack in the OAT, the TCP/IP<br />
stack indicates whether the OSA adapter<br />
will do ARP processing for this address.<br />
This allows the TCP/IP stacks to move<br />
ARP responsibility from one OSA adapter<br />
to another.<br />
If an OSA adapter becomes unavailable,<br />
but a TCP/IP stack has another OSA<br />
adapter connected to the same subnet,<br />
the TCP/IP stack requests the other OSA<br />
adapter to take over ARP processing<br />
responsibility for the IP address of the<br />
failing OSA adapter in addition to its<br />
own IP address — or, in a sense, move the<br />
OSA IP address from one OSA adapter<br />
to another. This process is also known as<br />
ARP takeover.<br />
VIPA and ARP processing<br />
This ARP processing is the key to<br />
achieving high availability with DVIPAs