In PowerVM's virtual networking environment, you know what a Virtual Ethernet adapter is, and why

a VM needs Virtual Ethernet adapter mapped against a physical adapter. You know how to bridge the
traffic coming out from a VM owning the Virtual Ethernet adapter onto physical network but also
recognize the complexity involved in configuring a SEA on a VIOS to achieve this.

It doesn’t end there.

The traffic from the client VM shouldn’t get dropped if the physical adapter backing the SEA fails, or
the VIOS itself doesn’t respond. This calls for a fail-over setup. Now, you create another trunk adapter
on another VIOS (…and assuming you selected right trunk priority) and create a SEA using this new
trunk adapter and a physical adapter on second VIOS. (Oops, did you make sure the physical adapter
you are trying to use for creating the SEA is not used by other devices, may be by another SEA or
LinkAggregation?)

So far so good!

Did you observe the 10GbE network adapter that you bought and configured SEA with, on the second
VIOS, is sitting idle!

Ok, let’s make the best use of both adapters. You configured more trunk adapters on each of the
VIOS’s and assigned them to SEAs on each of the VIOSs to balance the load across the SEAs. (Hope
you configured/distributed the VLANs properly across the trunk adapters for optimal balancing of
traffic across SEAs, and assuming you selected the right trunk priority while adding the new trunk
adapters).

Throughout the process, hope you made sure to use the right SEA PVID and the right default virtual
adapter to avoid surprises - Good!

Ah, finally!! You did it! The network virtualization works well and bridges the client VM traffic to
physical network through SEA(s) configured on VIOS(s).

We were just thinking about the effort you have put in configuring the virtual networking for your
VMs and the manual errors you were hitting here and there and the time you spent in identifying and
correcting the configuration.

With Enhanced UI, we simplified the virtual network management experience and designed a simple
and fresh model that helps you configure networking to the VMs with few simple steps avoiding the
chances of user errors (and all that from a single console). With the newer model, configuring network
adapter for a VM is as simple as creating a network on the system and adding VM to that network
(thats it!).

All that the user has to do is create a Virtual Network on the system, then go to the Partition
management and add that partition to the created virtual network (or any other network from the list of
configured networks on the system).

To simplify the user experience to such an extent, we needed to work on introducing a completely
newer network object model on HMC. (Remember, this is only changing the usage model from HMC
to simplify user experience. The effective configuration created on the client partitions, VIOS/SEAs
remains the same.)

Before jumping into the configuration walk-through, we will introduce you to the newer network
objects, terminology and provide you their relative legacy equivalent object(s):

Virtual Switch
Same as legacy model, it is the Hypervisor’s implementation of Layer-2 physical switch.

Virtual Network
Virtual Network is a unique representation of VLAN ID and VSwitch combination within a system.

The virtual networks are classified into below categories:

Bridged and Internal Network

A Virtual Network can be configured either as Bridged or Internal network.

Bridged Network, as the name suggests, allows the traffic from VMs to be bridged onto external
physical network through SEA(s) configured on the VIOSs. When selected as Bridged, you need to
provide the appropriate VIOS and Adapter details that bridge the traffic from this virtual network to
the physical network.

An Internal Network is not bridged. It is used for communication between the VMs within the
server.

Tagged and Untagged Network

The Tagged/Untagged property is applicable when the network is bridged.

If the virtual network is untagged, that means the traffic from all the partitions that are connected to
this network are routed to the external physical network without the VLAN tagging (Equivalent to
PVID of the SEAs).

If the virtual network is tagged, that means the traffic from all the partitions that are connected to this
network are routed to the external physical network with the VLAN tag (Equivalent to additional
VLAN IDs of the trunk adapters associated with SEA).
Network Bridge
NetworkBridge is a wrapper object around the existing Shared Ethernet Adapter (SEA) and provides a
unique way of managing the network bridge functionality for all configurations like: Failover,
LoadBalancing and Non-Failover. When a Virtual Network is created as Bridged, it can either be
added to one of the existing bridges' on the managed system or a new Network Bridge is created to
bridge the traffic of this network to the external physical network.

Network Bridge can be configured with following options:

Non failover

For Non failover configuration, Network Bridge represents a single SEA. In this mode, a single VIOS
and a physical adapter on that VIOS are selected to configure a SEA.

Failover enabled

A Failover Network Bridge represents a pair of SEAs configured on two VIOSs. With Failover, HMC
provides the option to choose two VIOSs and a network adapter each on those two VIOSs. In failover
configuration, the primary SEA will bridge the traffic from virtual to physical network. In case the
primary SEA (or VIOS) fails, the traffic is bridged through the secondary SEA.

Load Sharing Enabled

HMC provides an option to enable Load Sharing on the NetworkBridge. By enabling Load Sharing,
the network traffic from a subset of virtual networks is shared among the SEAs within the Bridge.

With Enhanced UI, user only needs to select whether they want a failover or non-failover bridge for
the network. HMC will create equivalent SEA configurations on the selected VIOSs and hide the
complexity of the configuration from user.

Load Group
To further simplify the load sharing configuration of VLANs bridged by SEA pair, the new Network
Model introduced the concept of LoadGroup within the Network Bridge. Load Group is a pair of
Trunk Adapters with the same VLAN and Vswitch configuration created on two VIOSs within the
SEA pair. Two trunk adapters with overlapping VLAN IDs and different trunk priorities makes a pair
within the bridged setup. This pair is represented as single LoadGroup in the new user model.

A user creating a new virtual network on the managed system has the option to either create new
NetworkBridge for that network or add the network to an existing NetworkBridge. While adding the
network to an existing NetworkBridge, the user can choose the LoadGroup to which the network
needs to be added. In Load Sharing scenario, the virtual networks are shared among the SEAs at Load
Group level. Set of Networks associated with a LoadGroup (a trunk adapter pair) are bridged by one
SEA and set of networks associated with another LoadGroup are bridged by second SEA within the
NetworkBridge.

The table below summarizes the relationships of the newer objects with existing legacy model:
Enhanced UI Model Equivalent Legacy Model
Virtual Switch Virtual Switch
Virtual Network (New) -
Network Bridge
Single SEA (non-failover) OR

Pair of SEAs (failover/load balancing)

Load Group
Trunk Adapter on SEA (non failover)

OR

Pair of Trunk Adapters with exact same configuration across two failover/load balancing SEAs

Virtual Network Management through Enhanced GUI

This section provides the overview of Bridged Virtual Network configuration on the managed system
with the simplified UI.

View Virtual Networks in the system

The screen below shows the list of virtual networks and associated Network Bridges in the system. In
the example screen below, we have one virtual network (not Bridged). The highlighted button (green
box) provides the option to add a new virtual network in the system.

Figure 1. System level virtual networks view

Create a Bridged Virtual Network

When “Add Virtual Network” is selected from the above page, you will be asked to provide some of
the minimal network details as shown in screen below.

As highlighted below, you have the option to select the Network type: Bridged or Internal, Tagged or
Untagged, and select the VSwitch and VLAN ID with which the Network needs to be configured.

Figure 2. Add virtual network - virtual network parameters

While creating the Untagged Virtual Network, the VLAN ID of the Virtual Network is used as the
PVID of the Network Bridge (which is the PVID of SEA). In the case of Tagged Virtual Network, you
need to specify the PVID of the Bridge (which is used as PVID of SEA). In this case, the VLAN ID of
the Tagged Virtual Network is configured as an additional VLAN ID on the SEAs Trunk Adapter.
When Selected as Bridged Network, appropriate Bridge details will be provided in the next step. If
user opted for an Internal Network, no Network Bridge details need to be provided. With Advanced
setting shown in the above figure, you can select a different VSwitch (than the auto selected Default
Switch or create a new VSwitch)

Network Bridge details

Once the Virtual Network Type, VLAN ID and VSwitch are selected in above screen, you will be
prompted for the NetworkBridge properties.

In this step the user has the option to select the Network Bridge configuration. It provides the option to
choose whether the Failover, Load Sharing, etc. is required. It also provides certain interface specific
attributes to be configured on the created SEA like: QoS, Jumbo Frames, etc.

In case that Load Sharing is enabled, you need to provide the second LoadGroup details, as
highlighted in Green below. The first Load Group is created with the NetworkBridge PVID. The
chosen Virtual Network will then be added to the default LoadGroup while creating the
NetworkBridge.

Figure 3. Add virtual network - network bridge parameters

VIOS and Backing Ethernet Adapter details

Based on the configuration selected in the previous page (either failover enabled or not), this page
provides the user an option to choose either single or dual VIOSs along with the Physical Network
device on each. As highlighted below, HMC also provides an option to configure the Network
interfaces of the created SEAs with the provided IP details. In this page, HMC will list only those
physical adapters which are available for creating the SEA. This will avoid user verifying the usage of
each of those adapters by any other SEA or LinkAggregation devices.

Figure 4. Add virtual network - vios and physical adapter selection

Configuration Summary
The final page of the wizard shows the summary of the configuration selected by the user. You can
switch the view between Adapter and Virtual Network view (via the button highlighted below) to
configure the virtual adapter details for the VIOS. HMC uses default attributes for the virtual ethernet
adapters that will be created as a result of this configuration deployment. You can use the adapter view
to work with the finer or granular details like adapter slot number, etc.

Clicking on Finish will configure the Virtual Network setup on the Hypervisor and both VIOSs. The
configuration result in the following actions:

Creates a Virtual Network on the system

Creates Trunk Adapter(s) on each of the VIOSs (either one or two based on the load sharing selection)
Creates the Shared Ethernet Adapter(s) on each of the VIOSs with the selected Physical Adapter as the
backing device.
Configures the created SEAs with the IP details provided.
All this is achieved from HMC console and the user doesn't need to switch between HMC and VIOS
consoles.

Figure 5. Add virtual network - vios and physical adapter selection

The screen below shows the resultant Virtual Networks view with newly created Virtual Network and
Network bridge. The Virtual Networks table shows the newly created Virtual Network (highlighted in
green) along with the associated Network Bridge and LoadGroup. The Network Bridges table shows
the created Network Bridge (highlighted in green) and the associated VIOSs it is configured on.

Figure 6. Virtual Networks view after the new network addition

Modify NetworkBridge
You can modify the Network Bridge properties by right clicking on the Network Bridge as highlighted
in Red in above Figure 6.

The modify Network Bridge panel provides the option to change the backing physical network adapter
and set some of the SEA specific attributes like QoS etc. as highlighted in Figure 7.

Figure 7. Modify network bridge properties

While the above Virtual Network creation flow is referring to creating a new Network Bridge, you can
choose to add the Virtual Network to one of the existing Bridges.

The section below covers the procedure for creating and adding the virtual network to an existing
Network Bridge.

Create a Bridged Network with Existing Network Bridge

While creating a new virtual network, if a Network Bridge already exists in the system, you will have
option to either add network to one of the existing bridges or create a new bridge. We can create a
Virtual Network with existing bridges only if we are creating a tagged network with existing virtual
switches. To create a virtual network with one of the existing bridges, we create a Tagged Network
with existing virtual switch and provide VLAN ID for the network, and click on Next to select bridge
from the existing bridges.
Figure 8. Add virtual network with existing bridge

Figure 9. Add virtual network - select the bridge

After selecting the Network Bridge and clicking on Next, you will be taken to the Load Sharing
option. (Since the Network Bridge is already existing, you will not be prompted to select the VIOS
and Adapters for creating SEAs)

Figure 10. Add virtual network - select the load group

As shown in above screen, you have the option to either select one of the existing Load Groups (a
Trunk adapter pair in legacy terms) to which the newly created network will be added, or you can
choose to create a new LoadGroup by providing a PVID. In the later case, a trunk adapter pair gets
created on both SEAs with specified PVID and the network is added as additional an VLAN ID into
these trunk adapters. The complexity involved in creating trunk adapters, updating the same with
additional VLAN IDs and associating the new trunk adapters with SEAs is all handled by the HMC in
the background. All you need to do is select the LoadGroup to which the network needs to be added.

Click 'Next' to summarize the configuration and then click ‘Finish’ to add virtual network to the
NetworkBridge.

Manage Network Connections of the Client Partition

Having a Bridged Virtual Network configured on the Managed System, you can now add a Client
Partition to this Virtual Network in simple steps through “Manage Partition”.

Figure 11. Virtual network view of client partition

Clicking on “Manage Network Connections” shown in Figure 11 lists all the virtual networks
configured on the managed system and provides option for selecting the networks to which the
partition needs to be added (as shown in Figure 12). Please note that the "Manage Network
Connections" option is not enabled when there is no active RMC connection on a Running partition.
Figure 12. Virtual network selection for client partition

Select the appropriate Networks to which the Partition needs to be connected and click on 'OK'. This
will create a Client Network Adapter on the Partition with configurations equivalent of the virtual
network selected (Network's VLAN ID and VSwitch as the VEth adapter's PVID and VSwitch
respectively).

In summary, we have made it simple to work with virtual networks by abstracting some of the finer
details and are very interested in hearing your feedback on this simplified model.

Enhanced UI Model Equivalent Legacy Model

Virtual Switch Virtual Switch

Virtual Network (New) -

Single SEA (non-failover) OR

Network Bridge
Pair of SEAs (failover/load balancing)

Trunk Adapter on SEA (non failover)

OR
Load Group
Pair of Trunk Adapters with exact same
configuration across two failover/load
balancing SEAs

Can you help me, there is something that I don't understand.

When you do the virtual network, you set the network bridge with failover and loadsharing, and so
you will have 2 load group( loadgroup_1 and loadgroup_10) but at the end, loadgroup_10 doesn't
appear on the virtual network tab. I expect, the 2 loadgroup link to the network bridge. Is it just the
virtual network tab that I don't understand? Is the loadgroup_10 link to the network bridge or must I
do something else to link it?
Once a Bridged network is created with load balancing enabled, the network table will show two
networks: The original network you created (assuming it with VLAN ID 1) with Network Bridge
(NetworkBridge_1) and Load Group (LoadGroup_1) details in respective columns and another
internal network that got created equivalent of the second Load Group's PVID (In your case VLAN10-
<Switch name> ) with the LoadGroup_10 as the associated LoadGroup in the last column.

Once a Bridged network is created with load balancing enabled, the network table will show two
networks: The original network you created (assuming it with VLAN ID 1) with Network Bridge
(NetworkBridge_1) and Load Group (LoadGroup_1) details in respective columns and another
internal network that got created equivalent of the second Load Group's PVID (In your case VLAN10-
<Switch name> ) with the LoadGroup_10 as the associated LoadGroup in the last column.

Can you please share the version of HMC you are using. In older HMC versions, though the second
Load Group gets created, it might not show-up in the networks table unless there is a network added to
that Load Group exclusively.

You can also see the details of the configured Load Groups from the Virtual Network Bridge view.
1. Expand Virtual Network Bridges
2. Select the Network Bridge
3. Click on the Action menu and select 'View Virtual Network Bridge"
4. Expand "Advanced Settings" of the Network Bridge and you will see all the configured load groups
under "Load group Settings" table.

My hmc version is Version 9 Release 1 Service Pack 930 Build Level 1904220700
Yes, I see the second LoadGroup when I watch the setting of the Virtual Network Bridges, so this is
the virtual network tab which is confusing.
On my opinion, the clearer way to see the network setting is on virtual networking diagram part.
I have an other question. I can't Add virtual network with existing bridge, I can't chose between an
existing bridge or a new one. Is it due to the version of hmc?

To be able to select between existing bridge and a new one, while creating the Virtual Network choose
the "IEEE 802.1Q Tagging
" option. When this option is not selected it is considered as Untagged network and an Untagged
network can be added only to a new Network Bridge.