VLANs are commonly configured to implement virtual subnets in a shared physical interconnect. Unfortunately, VLANs also may share backplane and link bandwidth with other traffic and are not the true dedicated interconnect preferred for a Sun Ray environment. Because Sun Ray appliances are not on an isolated and private interconnect (the ideal environment), traffic on other VLANs could adversely affect the bandwidth and latency requirements for Sun Ray appliance traffic. In the worst case this could result in artifacts (visible to the user) on the screen, reduced painting rates or even session-on discounts.

Auto-Negotiation
The Ethernet port on the Sun Ray appliance relies on auto-negotiation. To obtain the highest speed and duplex settings, the Extreme Ethernet switch port connected to the Sun Ray appliance should be left at auto-negotiate (the default setting). If you configure an Extreme Ethernet switch with a specified port setting of 100 or 10 megabits, auto-negotiation is disabled on that port. This action forces the Sun Ray appliance to rely on auto-sensing. As a result, the Sun Ray appliance assumes the interface is half-duplex because it is not possible to reliably detect (from auto-sensing) whether an interface is half- or full-duplex.

Note - If auto-negotiation is disabled on the port connected to the Sun Ray appliance, the appliance cannot reliably detect whether an interface is half- or full-duplex mode.

Note - All ports connected to Sun Ray appliances should be configured to auto-negotiate.

Note - You cannot hard code the speed/duplex rate on the Sun Ray appliances.

Note - To check on the speed and duplex settings that have been negotiated, use the "show port configuration" comment on the Extreme switch.

The most common of these capabilities is enabling the spanning tree protocol on a port connecting the Sun Ray appliance. The spanning tree protocol is a Layer 2 protocol, designed to detect and compensate for loops or redundant paths in the network. This protocol checks for loops and disables all redundant paths automatically, so that one path exists between the two devices. In this case, the initial "listening and learning" of the spanning tree protocol used to detect possible loops also prevents the Sun Ray from immediately becoming operational after power-up.

When utilizing Extreme Ethernet switches spanning tree should be disabled for ports connected directly to Sun Ray appliances since a Sun Ray appliance connecting to a switch does not cause a physical loop. Enabling spanning tree on ports connected to Sun Ray appliances might, in a worst-case scenario, create sufficient delay in the connection process to cause appliances to time out and reset themselves. If spanning tree is disabled for ports connected directly to Sun Ray appliances and the power-up time is still excessive, contact the Extreme Technical Assistance Center to determine if there could be other factors interfering with the Sun Ray appliance.

Bandwidth Limitations and Packet Loss
The Sun Ray appliance is designed for a nominal office environment, with Ethernet installed where the typical interconnect bit error rate is less than 10-9 . The interconnect should be designed to avoid congestion such that packets are not dropped at a rate greater than this assumed error rate.

Typically, this is not a problem in smaller LAN environments because the average utilization of most networks is quite low and there are not points of over-subscription in the network design. Also, dropped packets are recovered by higher-level protocols requesting retransmission of the information. In a seriously over-subscribed environment, the performance of the Sun Ray appliance might be affected to a degree where it becomes unsatisfactory. However in larger LAN environments there are very likely over-subscription ports in the network design, or non-Extreme network devices, which are not capable of full bandwidth. This can impact bandwidth and latency.

Another possible cause of packet loss might be a misconfigured speed and/or duplex settings for the Sun Ray appliance’s server. If there is an auto-negotiation problem between the Sun Ray appliance server and the switch (for example, the server does not auto-negotiate a full-duplex connection with the switch), both the server and the switch might have to be set manually to operate at full duplex 100 Mbps or 1 Gbps.

Latency
The Sun Ray architecture relies on latency from the client to the server and return to be less than approximately 100 milliseconds. Beyond this level, users can begin to notice the delay. In a nominal network, typical latency times are on the order of tens of microseconds, so this is usually not an issue unless there are a series of over-subscription ports in the network design.

Extreme's Policy-Based Quality of Service and Sun Ray Traffic
In a dedicated interconnect, if all traffic in the LAN is dedicated to the Sun Ray server then we can refer to all of the traffic as Sun Ray traffic, controlled and limited by the Sun Ray servers. This reduces the potential for over-subscribing switches and links since the server compensates for traffic loss.

Implementing a Sun Ray interconnect through VLANs creates a logical dedicated connection, but also introduces the sharing of physical resources with uncontrolled non-Sun Ray appliance traffic. Consequently, other traffic may consume these same resources. These resources could be a link between switches that carry multiple VLANs, as shown in Figure 1. Using Policy- Based Quality of Service (QoS) on Extreme switches preserves the bandwidth and latency requirements for Sun Ray traffic when there are multiple over-subscription ports in the network design.

Figure 1:Illustration of Shared Physical Resources in Multiple VLANs Configurations

Click here to enlarge

With Extreme Networks switches connected in a dedicated interconnect, no configuration or management is required once the spanning tree protocol has been disabled on the ports connected to Sun Ray appliances. Switches can simply be connected together (carefully watching bandwidth requirements) to implement a larger interconnect. A typical heterogeneous network contains multiple VLANs with shared interconnection links and over-subscription ports in the network. It is here that Extreme switches can maintain the necessary bandwidth and latency required to keep both the Sun Ray devices and the rest of the network performing optimally.

Recommendations for Configuring VLANs and Policy-Based QoS
Design in Sufficient Bandwidth
When designing the network, the switch interconnects carry the critical latency sensitive VLAN traffic. Over-subscription is acceptable if there is at least sufficient bandwidth for critical applications. While this is less of an issue for Ethernet switches than others, over-subscription within a switch can result when too many edge ports source packets are destined for a single egress port. Methods such as link aggregation can be employed to avoid this condition.

Assign VLANs on Port Basis
VLANs are typically defined on a port basis. VLAN membership is determined by assigning a VLAN ID to a group of ports. A port is typically a member of only one port-based VLAN, unless IEEE 802.1Q tagging is applied to the port. 802.1Q tagging adds four additional bytes to the Ethernet packet. The first two bytes identify that the packet has an 802.1Q tag, while the last two bytes contain the packet priority information (if used) and the VLAN ID. With tagging, the device that receives the tagged packet can then determine which VLAN the packet belongs to. Typically, the only ports needing 802.1Q tagging are those carrying multiple VLANs, such as switch interconnection ports.

Figure 2 shows an example of when to tag the ports in a Sun Ray interconnect. The ports connecting the Sun Ray appliances and the Sun Ray appliance servers are untagged, because they are in only one port-based VLAN. The ports on the link between the two switches are tagged, because they are in multiple VLANs (VLANs 101 & 102). The link carries information from multiple VLANs. The tag information dictates to which VLAN the packet belongs. The VLAN configuration should be done strictly within the switch infrastructure; there is no configuration required on the Sun Ray server or Sun Ray clients.

Using Figure 2, both Summit48i switches will use VLAN101 for their non-Sun Ray VLAN, and VLAN102 for their Sun Ray VLAN.

The top Summit48i switch (A) will use the following VLAN configuration:

With this configuration, port 50 is used to connect both switches together with Gigabit Ethernet. VLAN tagging is used to allow both VLANs to share this link. All legacy systems can be attached to any of the ports numbered 1 through 24, and any of the Sun Ray appliances can be attached to ports 25 to 48. The Sun Ray server can be attached to the Gigabit Ethernet port number 49.

The bottom Summit48i switch (B) could be configured in the same manner except for the extra Gigabit Ethernet port, which would either be unused or reconfigured for one of the two VLANs if necessary. If needed, the port assignment above could be modified to add port 49 to VLAN101 without tagging by using the following commands in place of the 6th and 7th command lines above:

Confirm the settings using the commands "show vlan vlan101" and "show vlan vlan102" Remember to save your changes with the "save" command.

Figure 2:Tagged and Untagged Ports in Port-Based VLANs

Click here to enlarge

Configuring Policy-Based QoS for a Sun Ray VLAN
If there is a noticeable amount of Sun Ray appliance traffic loss at interconnect links, the VLAN carrying Sun Ray traffic can be given allocated bandwidth which will minimize loss and bound latency.

Utilizing Extreme Ethernet switches, you can modify the VLANs Quality of Service (QoS) profile in order to provide high-priority bandwidth to Sun Ray appliances. By default all VLANs are placed in the lowest priority setting unless reconfigured. In order to configure the priority on the Sun Ray VLAN in a Summit 48i, first we "classify" the Sun Ray traffic, putting it into a different queue based on its VLAN. Then we configure the "treatment" for the queue using the following command:

To confirm correct setting use the command:

Adding Bandwidth Capacity of Over-assembled Links
If the capacity of the interconnect links become significant bottlenecks and cause the loss of Sun Ray appliance traffic, the bandwidth of the links should be increased either by connecting a higher bandwidth link or by aggregating multiple links together, as shown in Figure 3.

Note: If you choose to aggregate links, do not select a round-robin approach. This could result in out-of-order Sun Ray packets that are treated as dropped packets.

Figure 3:Aggregate Multiple Individual Links to Increase Bandwidth

Click here to enlarge

In Figure 3, assuming we will use four 100Mbps ports for link aggregation, configure each switch with the following command:

To confirm correct configuration use the command:

Add Parallel Switches for Redundancy and Additional Capacity
Enterprise networks, when architected properly, are hierarchical from both a topology and a network-addressing stance. While this paper deals only with Layer 2 topologies and does not address IP addressing schemes or IP routing considerations, it still makes sense to address redundancy and how additional capacity can be added to the interconnect.

To eliminate potential single points of failure in shared network resources, you can have redundant servers connected to parallel redundant switches in the data center. These data center switches should be connected in turn to parallel redundant switches in the central wiring closet. The switches in the distribution wiring closets should also be dual attached to switches in the central wiring closet. Depending upon the size of your network, there may also be intermediate closets. Extreme Networks offers redundancy features such as Extreme Standby Router Protocol (ESRP) and Equal Cost Multipath Routing. When using Extreme switches, the redundant switches can also load-balance traffic between the switches, when both are operational.

Figure 4 shows examples of how to configure each switch in the design with the following commands.

Data Center Switches (assuming Extreme Alpine 3804 switches with 2 Gigabit modules in slots 1 & 2):

Central Wiring Closet (assuming BlackDiamond 6808 switches with Gigabit modules in slots 1 & 2):

On the switch that you designate to be the ESRP master (the normally active switch), add the following commands:

If you wish to load-balance VLANs across both switches one switch can have a higher priority of 5 on the first VLAN and the default setting of 0 on the second VLAN. The other switch can be reversed so that it will have the higher priority of 5 on the second VLAN and the default setting of 0 for the first VLAN.

To confirm settings, use the commands "show vlan detail" and "show esrp detail". For detailed information on ESRP, refer to Extreme Networks documentation, ExtremeWare Software User Guide version 6.1 or go to http://www.extremenetworks.com/services/.

Distribution Wiring Closet Switches (assuming Summit 48i stackable switches):

From the factory defaults, no additional configuration is necessary.

Note: The above recommendations are generic in nature. It is expected that any customer implementing VLANs is experienced and knowledgeable in the area of networking administration and maintenance. For details on specific switches, please refer to technical documentation.

Figure 4:Redundant Sun Ray Servers and Switches

Click Here to enlarge