cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon Weller <swel...@ena.com>
Subject Re: Usage of public IP space
Date Wed, 20 Jan 2016 15:01:47 GMT
Cloudstack does enforce networking boundaries and in any production setup, that's honestly
what you want it to do. 

Since you're getting delegated a network, it sounds as if your upstream network folks are
expecting you to manage and subnet said networks as you see fit.

I'm assuming the /24 you have is routable public space and not RFC 1918 space, correct?

If so, what are you doing in terms of protecting assets? Do you have a firewall in front of
it that can do layer 3 routing?

- Si
________________________________________
From: Stavros Konstantaras <s.konstantaras@uva.nl>
Sent: Wednesday, January 20, 2016 8:07 AM
To: users@cloudstack.apache.org
Subject: Re: Usage of public IP space

Ok that’s one option. I could use the head node as a router/gateway with some VLAN translation
but this will increase the complexity of the setup and will add some administration overhead
(we use CS to make our lives simpler, correct? ).

Shall I assume that there is no other way to solve that easily inside?

Cheers
Stavros

> On 20 Jan 2016, at 14:51, Simon Weller <sweller@ena.com> wrote:
>
> Stavros,
>
> One option you have is to place a linux (or *bsd)  box between your router and Cloudstack
and use that to break out your subnets). You could then hand off routed vlans to CS.
>
> - Si
>
>
> ________________________________________
> From: Stavros Konstantaras <s.konstantaras@uva.nl>
> Sent: Wednesday, January 20, 2016 7:47 AM
> To: users@cloudstack.apache.org
> Subject: Re: Usage of public IP space
>
> Hi Simon,
>
> Thought of it already but I can’t touch the router of my network to make and register
subnets on it. So I need to work around CS to make it work.
>
> Regards
> Stavros
>
>> On 20 Jan 2016, at 14:40, Simon Weller <sweller@ena.com> wrote:
>>
>> Can't you subnet it out to a /27?
>>
>>
>>
>> ________________________________________
>> From: Stavros Konstantaras <s.konstantaras@uva.nl>
>> Sent: Wednesday, January 20, 2016 7:13 AM
>> To: users@cloudstack.apache.org
>> Subject: Usage of public IP space
>>
>> Hi all,
>>
>> I have a question regarding the public network on CS 4.6.
>>
>> Currently, I have a /24 network of public & routable IP addresses. I want to
assign the first 30 of them to Cloudstack’s public network for using it in the system VMs
while keeping the rest of this space for my instances.
>>
>> However, I don’t see it possible as I get the following exception when I register
the rest of the space in shared networks: "The IP range with tag: vlan://869 in zone NewZone
has overlapped with the subnet. Please specify a different gateway/netmask.”
>>
>> Does anyone know a trick to make this happen? Thanks in advance
>>
>> Kind Regards
>> Stavros Konstantaras
>>
>> ----------------------------
>> Stavros Konstantaras
>> Science faculty Research IT support (FEIOG)
>> University of Amsterdam, Science Park 904, 1098 XH
>>
>> Fingerprint: E5E5 9B19 D1CD 88CD 4763  3465 A8DC 7C92 330F D59A
>>
>


Mime
View raw message