Basic Concepts of VSs
Virtualization of the control plane: Each VS runs its own control protocol processes. A process error in one VS does not affect processes in other VSs. For example, if the STP process fails in a VS, STP processes run normally in other VSs, as shown in Figure 2-2.
Virtualization of the management plane: Each VS maintains its own configuration file and can be managed by different administrators.
Virtualization of the forwarding plane: Each VS maintains its own forwarding table and protocol stacks. Traffic is processed independently on each VS. Data flows are isolated between VSs to ensure service isolation and security.
Admin-VS
Admin-VS: the administrative VS. Each PS has an Admin-VS that retains in running state. The Admin-VS cannot be created, deleted, or shut down. An administrator enters the Admin-VS after logging in to the PS. In the Admin-VS, the administrator can create, delete, or allocate resources to VSs.
Administrator
PS administrator: the only user that can perform operations in the Admin-VS. A PS administrator has the highest privilege level and can create, delete, or allocate resources to VSs. The PS administrator can also enter a non-Admin-VS.
VS administrator: manages only a local VS. A VS administrator can configure services in the local VS but cannot perform operations related to the entire PS, such as resetting boards and backing up electrical labels.
MAC Address
Each VS including the Admin-VS is automatically assigned a MAC address. The MAC address cannot be changed.
File System
Each VS has an independent file system and manages its configuration files and log files. A VS administrator is only allowed to perform file operations on the local file system. Operations on one VS do not affect other VSs, so security is guaranteed.
