Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@cloudstack.apache.org
Received-SPF: pass (athena.apache.org: domain of iyoung@ratespecial.com
 designates 209.85.215.41 as permitted sender)
MIME-Version: 1.0
In-Reply-To: <862D10A0-53A8-4758-863F-00E522C271DF@shapeblue.com>
References: 
 <CAO0CpcRk4+uA+QaH0Sv3ZAD2P5rDxhwp8KdbKFRaUtcg8+6VJA@mail.gmail.com>
	<CAO0CpcSd=GrZQh7XffK3bvRGmpesS3Et0hSVRX-JWGtKRG9KrA@mail.gmail.com>
	<CAGQtxvafSUQXDWf3TzEutjqSVTspiG_NoBL-3d0-ME8cXOW+0Q@mail.gmail.com>
	<8a6bd81e0eec4cd086f20ba7bd4b8d50@AMXPR07MB070.eurprd07.prod.outlook.com>
	<CAO0CpcTVteMG8xGo46QNGR2+hQVXzKqSkC=KD1p-vC5Wk8+awA@mail.gmail.com>
	<CAO0CpcQ6-XEPArT0bvVCuj3fsgK0iXnGH0tCOBGxeSj134mwYw@mail.gmail.com>
	<862D10A0-53A8-4758-863F-00E522C271DF@shapeblue.com>
Date: Mon, 28 Jul 2014 18:08:52 -0700
Message-ID: 
 <CAO0CpcSWYP9PJPCu8+6j0BWx0Joh8YLECh0smEf0yf=y_Ff+NQ@mail.gmail.com>
Subject: Re: dual NIC VLAN configuration
From: Ian Young <iyoung@ratespecial.com>
To: users@cloudstack.apache.org
Content-Type: multipart/alternative; boundary=001a11347f46cc58dc04ff4aae7d

--001a11347f46cc58dc04ff4aae7d
Content-Type: text/plain; charset=UTF-8

Is private traffic the same thing as management/storage traffic?


On Fri, Jul 25, 2014 at 11:17 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Hi Ian,
>
> As you are deploying a Basic network there will be no public traffic.
>
> The private traffic, assuming you allocate an IP range to the POD which is
> in the same CIDR as the Management Server would typically be assigned to
> cloudbr0
>
> private.network.device=cloudbr0
>
> Guest traffic would then be assigned to cloudbr1
>
> guest.network.device=cloudbr1
>
>
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com>
> | www.shapeblue.com<htp://www.shapeblue.com/> | Twitter:@cloudstackguru<
> https://twitter.com/#!/cloudstackguru>
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N
> 4HS<x-apple-data-detectors://5>
>
>
> On 25 Jul 2014, at 19:18, "Ian Young" <iyoung@ratespecial.com<mailto:
> iyoung@ratespecial.com>> wrote:
>
> So if management/storage traffic is on cloudbr0 and guest VMs are on
> cloudbr1, would these be the correct settings in agent.properties?
>
> guest.network.device=cloudbr1
> private.network.device=cloudbr1
> public.network.device=cloudbr1
>
>
> On Fri, Jul 25, 2014 at 10:11 AM, Ian Young <iyoung@ratespecial.com
> <mailto:iyoung@ratespecial.com>> wrote:
>
> Thank you, Geoff.  That was precisely the answer I was looking for.  I
> knew I was doing something wrong.  I didn't realize the second adapter
> could be used without an IP address explicitly assigned to it.  Yes, this
> is a basic zone (just an internal project so we don't need any public IP
> addresses).  I was planning to set up an NFS server on the
> 192.168.101.0/24 network so this is exactly what I was trying to
> accomplish.  Thanks.
>
>
> On Fri, Jul 25, 2014 at 1:34 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com>>
> wrote:
>
> Ian,
>
> It looks like you are trying to setup a basic zone and have a Management
> Server on IP 192.168.101.3 and a Host on IP 192.168.101.4.
>
> The second interface on the host does not need any IP configuration on
> the Host as it will not be used by the Host so remove the 192.168.102.4
> mapping..  This interface will be used by the Guest VMs running on the Host
> who will have their own IP schema.
>
> Your Guest IP range will be in the 192.168.102.0/24 CIDR with a gateway
> of 192.168.102.1
>
> The Management Serve will talk to the Host via the 1st Interface, and
> Guest VMs will use the 2nd.
>
> You have not mentioned storage, but assuming you are using NFS for
> Primary and Secondary, put the NFS Server on the 192.168.101.0/24
> network, and then all storage traffic will also go over the 1st interface.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com>
>
> -----Original Message-----
> From: Daan Hoogland [mailto:daan.hoogland@gmail.com]
> Sent: 25 July 2014 08:47
> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>
> Subject: Re: dual NIC VLAN configuration
>
> Ian, I would imagine that guest traffic can't go out to the net this way.
> Maybe you should swap them. This is only guessing however. What are you
> seeing?
>
> On Fri, Jul 25, 2014 at 2:00 AM, Ian Young <iyoung@ratespecial.com<mailto:
> iyoung@ratespecial.com>>
> wrote:
> Here's the less verbose version:  My hypervisor has two NICs and I've
> set up a label on each.  Traffic to and from cloudbr0 works perfectly.
> Traffic going into cloudbr1 goes out cloudbr0 because that interface
> has a default gateway.  Will this pose a problem when I try to set up
> separate management and guest networks in CloudStack?
>
>
> On Thu, Jul 24, 2014 at 10:56 AM, Ian Young <iyoung@ratespecial.com
> <mailto:iyoung@ratespecial.com>>
> wrote:
>
> I am trying to set up a server with two NICs as a hypervisor.  I
> would like to use the two interfaces to separate management and guest
> traffic, as recommended by the CloudStack installation guide.  This
> server is connected to a managed switch, which is connected to a
> hardware firewall, both of which are set up with tagged VLANs.  Some
> of the ports on the switch are designated as VLAN 6 and some are VLAN
> 7.  I've confirmed the VLANs are set up correctly by configuring eth0
> and eth1 (one at a time) with the appropriate IP address, netmask, and
> gateway.
>
> However, the difficulty arises when I try to configure both
> interfaces simultaneously.  The return traffic tends to go out
> whichever interface is associated with the default gateway, a typical
> issue when using multiple network interfaces.  I've followed numerous
> guides, which all basically say the same thing:  Don't set a default
> gateway; use iproute2 to control the flow of traffic with route-eth0,
> rule-eth0, and rt_tables.  I've tried setting this up numerous times
> to no avail, probably because the guides I'm reading don't involve
> VLANs.  Add to that the the cloudbr0 and cloudbr1 bridges that
> CloudStack requires and now I'm really confused as to how to set up
> the network.  I can't be the first person to have set up CloudStack
> this way; it sounds pretty common.  Can someone explain to me the
> correct way to configure these interfaces?
>
> Here is my network information:
>
> VLAN 6 (management)
> 192.168.101.0/24
> gateway: 192.168.101.1
>
> VLAN 7 (guest)
> 192.168.102.0/24
> gateway: 192.168.102.1
>
> current hypervisor settings:
> eth0: 192.168.101.4
> eth1: 192.168.102.4
>
> current management server settings (this is a separate machine):
> p4p1: 192.168.101.3
>
>
>
>
> --
> Daan
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<
> http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge - rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>
>
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<
> http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge - rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>

--001a11347f46cc58dc04ff4aae7d--