Creating a Virtual System and Allocating Resources

This section describes how to create a virtual system and allocate resources to it.

Context

A resource class must be specified for a virtual system to allocate resources, such as policy and concurrent sessions quota.

In addition, public IP addresses, interfaces, VLANs and VXLANs must be allocated as required after a virtual system has been added.

Procedure

Choose System > Virtual System > Virtual System.

Click Add. Then click the Basic Settings tab and configure necessary parameters.

Parameter	Description
Name	Name of the virtual system.
Description	Description of the virtual system. The description must clearly indicate the function of the virtual system so that virtual systems can be easily searched for.
Resource Class	Resource class to be bound. Values are as follows: If no resource class is selected, or if NONE is selected, the virtual system preempts resources, such as concurrent sessions and policy quota, from the public system. If the public system does not have any resource available, the virtual system will have no resource to use. Select New Resource Class to create a new resource class and bind it to the virtual system. Select a resource class and bind it to the virtual system.

Parameter

Description

Name

Name of the virtual system.

Description

Description of the virtual system.

The description must clearly indicate the function of the virtual system so that virtual systems can be easily searched for.

Resource Class

Resource class to be bound. Values are as follows:

If no resource class is selected, or if NONE is selected, the virtual system preempts resources, such as concurrent sessions and policy quota, from the public system. If the public system does not have any resource available, the virtual system will have no resource to use.
Select New Resource Class to create a new resource class and bind it to the virtual system.
Select a resource class and bind it to the virtual system.

Allocate interfaces, VLANs or public IP addresses for the added virtual system.
- Click the Interface Settings tab. Then allocate the interfaces for the virtual system as required.
  
  The interface must be an available Layer-3 Ethernet interfaces, Layer-3 Ethernet subinterfaces, Layer-3 Eth-Trunk interfaces, Layer-3 Eth-Trunk subinterfaces, Tunnel interfaces, WAN interfaces, Loopback interfaces, or Virtual-Template interfaces. When you configure bandwidth management, you need to set an interface as the public interface in the public system to collect traffic statistics of virtual systems.
- Click the VLAN tab. Then allocate the VLANs for the virtual system as required.
  
  The VLANIF interface corresponding to the VLAN is also assigned to the virtual system.
- Click the VXLAN tab. Then allocate the VXLANs for the virtual system as required.
  
  The Vbdif interface corresponding to the VXLAN is also assigned to the virtual system.
- Click the Public IP Address tab. Then allocate the public IP addresses for the virtual system as required.
  
  The public IP address allocated to the virtual system is applied to the NAT, NAT Server, and interface.
  
  Exclusive IP Address Ranges: The public IP address assigned to a virtual system cannot be assigned to other virtual systems.
  
  Shared IP Address Ranges: The public IP address assigned to a virtual system can still be assigned in share mode only to other virtual systems.
  
  After a public IP address is assigned in exclusive or share mode to a virtual system, the public system cannot use the address any more.
- Click the L2TP Resource tab and allocate L2TP resources to the virtual system.
  
  The number of L2TP resources refers to the total number of L2TP resources (LNS and LAC L2TP resources) available in a virtual system, that is, the maximum number of VT interfaces that can be bound to the virtual system.
  
  A maximum of 10 VT interfaces can be bound to a virtual system. If this item is not specified, the default value is 0. That is, no VT interface is bound to the virtual system.
Configure usage permissions of content security features (antivirus, intrusion prevention, and URL filtering) for the virtual system based on service operation requirements.
Click the Security Feature Settings tab and enable or disable the antivirus, intrusion prevention, or URL filtering function.

By default, the virtual system has the antivirus, intrusion prevention, and URL filtering functions enabled. After you disable a function, configurations related to this function in the virtual system become invalid. However, the system retains this function on the web UI and all configuration information. You can delete the existing but not the default profile. In addition, you can no longer add, copy, or modify a profile.

After configuring the usage permission of URL Filtering for the virtual system, the virtual system can also obtain the usage permission of DNS Filtering function.

To configure usage permissions of a feature for the virtual system, the administrator that logs in to the root system must have the read and write permissions of this feature.
Set a guaranteed value for the log buffer on a virtual system.
Click the Other tab. In Guaranteed Log Buffer, enter a guaranteed value.

By default, the guaranteed value of a log buffer on a virtual system is not set, indicating that the log buffer size of a virtual system is not guaranteed.

The configured guaranteed value takes effect for both system logs and service logs. Based on the guaranteed value, the device assigns log buffer resources that cannot be preempted for system logs and service logs for the virtual system. These resources are exclusive to the virtual system.
Click OK.

Follow-up Procedure

After configurations are complete, perform the following operations:

Check the created virtual system and system resources allocated to it in Virtual System List.
Select a virtual system in Virtual System List and click Resource Usage to view the usage of the resources allocated to the virtual system.
Select a virtual system and click to access the virtual system configuration page.

To delete a virtual system, select the virtual system in the Virtual System List, and click Delete. Then, click OK in the dialog box that is displayed. All configurations of the deleted virtual system are cleared, and all resources allocated to the virtual system are reclaimed.