osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Basic networking setup


Yep, you're right, all service traffic in one VLAN,
all guest traffic in another one for pod or all zone.

You are welcome.

2018-05-29 17:09 GMT+07:00 Jon Marshall <jms.123@xxxxxxxxxxxxx>:

> So everything on one subnet/vlan except guest traffic which has it's own.
>
>
> Man thanks for that.
>
>
> ________________________________
> From: Ivan Kudryavtsev <kudryavtsev_ia@xxxxxxxxx>
> Sent: 29 May 2018 10:49
> To: users
> Subject: Re: Basic networking setup
>
> Hello, Jon,
>
> Basically following schema is used for a basic zone:
> 1. system VMs and hardware servers (heads, secondary storages, hypervisors)
> use a fake net like 10.0.0.0/16 (I also do NAT all those nodes thru heads
> to avoid public IPs, or separate security appliance can be used);
> 2. guest network - separate CIDR used;
>
> I still think that the sentence you cite is correct. Every pod has
> dedicated CIDR (pt2) which assigned to guest VMs, the same stuff (actually)
> is true for management, but this is another CIDR (pt1).
>
> Some people also suggest using a separate network for storage, but I don't
> see advantages for small and medium deployments.
>
> Cheers.
>
> 2018-05-29 16:12 GMT+07:00 Jon Marshall <jms.123@xxxxxxxxxxxxx>:
>
> > From the 4.11 documentation -
> >
> >
> > "When basic networking is used, CloudStack will assign IP addresses in
> the
> > CIDR of the pod to the guests in that pod. The administrator must add a
> > Direct IP range on the pod for this purpose. These IPs are in the same
> VLAN
> > as the hosts."
> >
> >
> > It may be the way it is written but the above suggests that the IP subnet
> > used for guest VM traffic is the same IP subnet used for the actual hosts
> > themselves.
> >
> >
> > But in the same documentation it says it recommends the use of separate
> > NICs for management and guest traffic.
> >
> >
> > I have setup CS using separate subnets for management, Guest VMs and
> > storage so 3 separate NICs each in a different vlan using a different IP
> > subnet. (the NICs are not vlan aware, just connecting to ports in
> different
> > vlans on the switch).
> >
> >
> > Should I be using just the one IP subnet for all NICs and simply
> > connecting them all to the same bridge instead ?
> >
> >
> > Jon
> >
> >
> >
>
>
> --
> With best regards, Ivan Kudryavtsev
> Bitworks Software, Ltd.
> Cell: +7-923-414-1515
> WWW: http://bitworks.software/ <http://bw-sw.com/>
> Bitworks Software — custom software development for fast ...<
> http://bitworks.software/>
> bitworks.software
> Welcome to Bitworks Software. We update our web-site currently. Our
> estimate of coming back is middle of May, 2018. Currently available
> resources:
>
>
>
>


-- 
With best regards, Ivan Kudryavtsev
Bitworks Software, Ltd.
Cell: +7-923-414-1515
WWW: http://bitworks.software/ <http://bw-sw.com/>