[pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ?
Alexandre DERUMIER
aderumier at odiso.com
Fri Jan 26 09:24:15 CET 2018
>>I have read your openstack doc, they are another model.
>>distributed gateway for inter-vxlan routing + central external gateway to public acces (where nat1:1 and s-nat is done).
>>I think this can work with classic vxlan.
>>(vm-->local anycast router--->route to central router---> internet)
seem that in last openstack
https://docs.openstack.org/newton/networking-guide/deploy-ovs-ha-dvr.html
only s-nat is done on network node, to avoid to have 1 public ip on each compute node for the s-nat
for floating ip (nat 1:1), the public ip is migrate from 1 compute to another compute at the same time that the vm.
dhcp is distributed too.
So basicaly, if you don't have enough public ip for each proxmox host,you need the central gateway for s-nat.
openstack have a new implementation called "dragonflow"
https://wiki.openstack.org/wiki/Dragonflow
which distributed s-nat,dhcp,floating-ip on all computes nodes
----- Mail original -----
De: "Alexandre Derumier" <aderumier at odiso.com>
À: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 26 Janvier 2018 07:53:13
Objet: Re: [pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ?
>>This depend which model you want to implement:
>>
>>1 central gateway (with failover if possible): works with simple layer2 network, vlan network, ovn.
>>
>>1 distributed gateway:(same ip/mac on same vmbr on all host, works with ovn dvr, vxlan-ebgp out of the box, and maybe vxlan without bgp but I'm not sure how routing is done from external network)
I have read your openstack doc, they are another model.
distributed gateway for inter-vxlan routing + central external gateway to public acces (where nat1:1 and s-nat is done).
I think this can work with classic vxlan.
(vm-->local anycast router--->route to central router---> internet)
----- Mail original -----
De: "Alexandre Derumier" <aderumier at odiso.com>
À: "dietmar" <dietmar at proxmox.com>
Cc: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 26 Janvier 2018 07:37:36
Objet: Re: [pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ?
>>Sorry, too much information for me. Please can you explain why we need
>>a floating IP?
floating ip are simply public ip which are used to do nat 1:1. (internet->public ip -->nat 1:1-> private ip)
(they call them floating, because you can reassign them to another private ip on the fly ..but it's just nat).
>>I thought we can use a special static IP on each
>>virtual bridge, something like:
>>
>>https://networkop.co.uk/blog/2016/10/13/os-dvr/
>>
>>Requires to block some ARP traffic on the vxlan.
This depend which model you want to implement:
1 central gateway (with failover if possible): works with simple layer2 network, vlan network, ovn.
1 distributed gateway:(same ip/mac on same vmbr on all host, works with ovn dvr, vxlan-ebgp out of the box, and maybe vxlan without bgp but I'm not sure how routing is done from external network)
(personnaly, distributed gateway is more sexy, no spof, no failover)
----- Mail original -----
De: "dietmar" <dietmar at proxmox.com>
À: "Alexandre Derumier" <aderumier at odiso.com>, "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 26 Janvier 2018 06:48:27
Objet: Re: [pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ?
> I have look at ovn documentation and gateway
Sorry, too much information for me. Please can you explain why we need
a floating IP? I thought we can use a special static IP on each
virtual bridge, something like:
https://networkop.co.uk/blog/2016/10/13/os-dvr/
Requires to block some ARP traffic on the vxlan.
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list