Please take a look at
http://s.apache.org/k8w
Slides 32-39 explain the networking layout in security groups in basic
networking.
The VR (one per pod) simply dispenses DHCP and user data. It is not a
firewall.
The firewall is implemented at the hypervisor level. This is what allows
it to scale
O
Justin,
As Chiradeep mentioned, 'basic zone' is solution you should be trying out.
With basic zone, you could associate guest subnet per pod, there is no
VLAN's required in the zone. Your L2 broadcast domain is restricted to
POD. POD becomes unit of scale in basic zone, so east-west traffic acros
I looked at Security groups and I am not sure how this solves my problems. Sure
it provides guest isolation but that is through the virtual router correct? The
underlying physical network --outside of cloudstack-- is still layer 2? That is
what I am concerned with. When defining what IPs my gues
You can do bonded nics in basic zone. The limitation with basic zone is
that the Vms cannot have multiple nics. Did you need multiple nics for
your vms?
If you need advanced network services such as static NAT and load
balancing, advanced networking is probably your best bet (currently,
unless you
We have 2 pairs of bonded 10g nics on each box. Wouldn't that require an
advanced network? Is it possible to do the security groups with small L2
networks in advanced networking?
Justin
Sent from my iPhone
On Apr 9, 2013, at 12:38 AM, Chiradeep Vittal
wrote:
> Have you considered using a b
Have you considered using a basic zone?
With security groups you can have *lots* (thousands of) with very small L2
networks.
On 4/8/13 10:28 PM, "Justin Grudzien" wrote:
>My team has been working for three weeks with CloudStack architecture
>design and we are struggling to put together a network
