openstack team mailing list archive

[Andrew Holway <a.holway@xxxxxxxxxxxx>]

Hi Vish,

Manually creating vlans would be quite tiresome if you are using a vlan per project and I'm not sure flatdhcp is good for serious use in multi tenanted production environments. (thoughts?)

I tested the vlan manager functionality and this is *really* great for when you want to keep a customer on its own logical network with its own subnet but if you want to have a instance on more than one network your seem kinda screwed. This starts to be a problem when you think about DMZ's and proxys and stuff.

Thanks,

Andrew


On Dec 20, 2012, at 6:35 PM, Vishvananda Ishaya wrote:

> There is no need for nova to create the vlans, you could use flatdhcp and manually create the vlans and specify the vlans when you create your networks:
> 
> nova-manage network-create --bridge br0101 --bridge_interface eth0.101
> nova-manage network-create --bridge br1101 --bridge_interface eth1.101
> 
> Note that exposing two networks to the guest can be tricky, so most people just use the the first bridge and do the public addresses with floating ips:
> 
> nova-manage floating-create --ip_range <ip_range> --interface eth1.101
> 
> (no bridge is needed in this case)
> 
> Vish
> 
> 
> On Dec 20, 2012, at 6:56 AM, Andrew Holway <a.holway@xxxxxxxxxxxx> wrote:
> 
>> Hi,
>> 
>> I am thinking about the following network setup:
>> 
>> 
>>                   +-------------------------+
>>                   |       vlan101(eth0)     |
>>                   +-------------------------+
>>                   +-------------------------+
>>                   |          br0101         |
>>                   +-------------------------+
>>                       |        |         |
>>                   +------+ +-------+ +------+
>>                   |      | |       | |      |
>>                   |  vm  | |  vm   | |  vm  |
>>                   |      | |       | |      |
>>                   +------+ +-------+ +------+
>>                       |        |         |
>>                   +-------------------------+
>>                   |          br1101         |
>>                   +-------------------------+
>>                   +-------------------------+
>>                   |       vlan101(eth1)     |
>>                   +-------------------------+
>> 
>> Basically public IP addresses will go over eth1 and private stuff over eth0. This would mean that openstack would have to create two vlans and two bridges. Is this possible?
>> 
>> "please create this vlanned network on eth0 (10.141) and create this other one(10.142) on eth1"
>> 
>> Thanks,
>> 
>> Andrew
>> 
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>