git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple Physical Networks in Basic Networking (KVM)



On 06/08/2018 03:32 PM, Dag Sonstebo wrote:
> Hi Ivan,
> 
> Not quite – “advanced zone with security group” allows you to have multiple “basic” type networks isolated within their own VLANs and with security groups isolation between VMs / accounts. The VR only does DNS/DHCP, not GW/NAT.
> 

Hmm, yes, that was actually what we/I is/are looking for. The main
reason for Basic Networking is the shared services we offer on a public
cloud.

A VR dies as soon as there is any flood, so that's why we have our
physical routers do the work.

I thought that what you mentioned is "DirectAttached" networking.

But that brings me to the question why we still have Basic Networking
:-) In earlier conversations I had with people I think that on the
longer run Basic Networking can be dropped/merged in favor of Advanced
Networking with Security Groups then, right?

Accounts/VMs are deployed Inside the same VLAN and isolation is done by
Security Groups.

Sounds right, let me dig into that!

Wido

> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
> 
> On 08/06/2018, 14:26, "Ivan Kudryavtsev" <kudryavtsev_ia@xxxxxxxxx> wrote:
> 
>     Hi, Dag. Not exactly. Advanced zone uses VR as a GW with SNAT/DNAT which is
>     not quite good for public cloud in my case. Despite that it really solves
>     the problem. But I would like to have it as simple as possible, without VR
>     as a GW and xNAT.
>     
>     пт, 8 июн. 2018 г., 15:21 Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>:
>     
>     > Wido / Ivan – I’m probably missing something – but is the feature you are
>     > looking for not the same functionality we currently have in “advanced zones
>     > with security groups”?
>     >
>     > Regards,
>     > Dag Sonstebo
>     > Cloud Architect
>     > ShapeBlue
>     >
>     > On 08/06/2018, 14:14, "Ivan Kudryavtsev" <kudryavtsev_ia@xxxxxxxxx> wrote:
>     >
>     >     Hi Wido, I also very interested in similar deployment, especially
>     > combined
>     >     with the capability of setting different network bandwidth for
>     > different
>     >     networks, like
>     >     10.0.0.0/8 intra dc with 1g bandwidth per vm and white ipv4/ipv6 with
>     >     regular bandwidth management. But it seem it takes very big redesign
>     > of VM
>     >     settings and VR redesign is also required.
>     >
>     >     When I tried to investigate if it possible with ACS basic network,
>     > didn't
>     >     succeed with any relevant information.
>     >
>     >
>     >     пт, 8 июн. 2018 г., 14:56 Wido den Hollander <wido@xxxxxxxxx>:
>     >
>     >     > Hi,
>     >     >
>     >     > I am looking into supporting multiple Physical Networks inside onze
>     >     > Basic Networking zone.
>     >     >
>     >     > First: The reason we use Basic Networking is the simplicity and the
>     > fact
>     >     > that our (Juniper) routers can do the routing and not the VR.
>     >     >
>     >     > ALL our VMs have external IPv4/IPv6 addresses and we do not use NAT
>     >     > anywhere.
>     >     >
>     >     > But right now a Hypervisor has a single VLAN/POD going to it
>     > terminated
>     >     > on 'cloudbr0' using vlan://untagged.
>     >     >
>     >     > But to better utilize our physical hardware it would be great it
>     > Basic
>     >     > Networking would support multiple physical networks using VLAN
>     > separation.
>     >     >
>     >     > For example:
>     >     >
>     >     > - PhysicalNetwork1: VLAN 100
>     >     > - PhysicalNetwork2: VLAN 101
>     >     > - PhysicalNetwork3: VLAN 102
>     >     >
>     >     > I've been looking into DirectAttached with Advanced Networking, but I
>     >     > couldn't find any reference to it on how that exactly works.
>     >     >
>     >     > Right now for our use-case Basic Networking with multiple Physical
>     >     > Networks would work best for us.
>     >     >
>     >     > Has anybody looked at this or has any insight of the problems we
>     > might
>     >     > run in to?
>     >     >
>     >     > Wido
>     >     >
>     >
>     >
>     >
>     > Dag.Sonstebo@xxxxxxxxxxxxx
>     > www.shapeblue.com
>     > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>     > @shapeblue
>     >
>     >
>     >
>     >
>     
> 
> 
> Dag.Sonstebo@xxxxxxxxxxxxx 
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>   
>  
>