Adding Public IP Addresses in Advanced Networking

[Clayton Weise <cw...@iswest.net>]

We haven't run out yet, but we have currently allocated a single /24 for our public network.  In an attempt to plan for the inevitable future when we need to assign more addresses, is it as simple as adding another range or is there additional manipulation that needs to be done.  I'm assuming other users have run into this before so I figured I would look towards other users' experiences.

-Clayton

Re: Adding Public IP Addresses in Advanced Networking

[Alena Prokharchyk <Al...@citrix.com>]

On 8/14/12 11:00 AM, "Clayton Weise" <cw...@iswest.net> wrote:

>> You simply add another block, on the same VLAN or another VLAN if you
>>prefer
>
>While we're not he subject.  How does CS determine when to use the new
>block of addresses (in this case they will be on the same VLAN)?  Does it
>use one block until all of the addresses in the range specified are gone
>and move onto the next?
>



Clayton,

Based on code review, the allocation is random. We retrieve all FREE
public ips in the zone (from all the vlans), and allocate the first one
from the range returned.

This is not the best approach though as at first we should always try to
allocate the public ip address from the Vlan where the network already has
public Ips from; and only when there are no free ips in that vlan, move to
the next block. This approach would prevent us from hitting the Nic limit
on VirtualRouter vm as for every new public vlan a new nic is being
created. And the max number of nics on Xen can't exceed 8.

You can file an enhancement request against cloudStack for this matter.

-Alena.

RE: Adding Public IP Addresses in Advanced Networking

[Clayton Weise <cw...@iswest.net>]

> You simply add another block, on the same VLAN or another VLAN if you prefer

While we're not he subject.  How does CS determine when to use the new block of addresses (in this case they will be on the same VLAN)?  Does it use one block until all of the addresses in the range specified are gone and move onto the next?

Re: Adding Public IP Addresses in Advanced Networking

[Matthew Patton <mp...@inforelay.com>]

On Wed, 15 Aug 2012 12:06:25 -0400, Clayton Weise <cw...@iswest.net>  
wrote:

> This is fine except that with how things are right now the tagging  
> happens on the hypervisor and not the VM

I tried 'vconfig ethN <vlanID>' and then 'brctl addif <bridge> ethN.V'?  
but that doesn't work. You have to add the un-tagged interface (ethN) to  
the bridge. The same holds true for using bonded interfaces which is how I  
do things; add bond0 to the bridge but bond0.V is not added to the bridge.  
Works like a charm.

But when CS does `brctl addif <bridge> vnet0` that's an untagged bridge  
and the virtual machine itself would have to tag the frames within the VM  
for it to work, right?

RE: Adding Public IP Addresses in Advanced Networking

[Clayton Weise <cw...@iswest.net>]

This is fine except that with how things are right now the tagging happens on the hypervisor and not the VM.  So the only way to add additional VLAN'd interfaces to the virtual router is to create a new virtual NIC for it and tie it to a tagged interface on the hypervisor.  That's not to say that tagging couldn't happen on the virtual router instead, but it's just not the way things are currently designed.

I know for us, we have all of our public subnets on a single VLAN so this doesn't pose any kind of an issue for us, but it may for others in which case it would be good for somebody to file a feature request for something like this.

-----Original Message-----
From: Matthew Patton [mailto:mpatton@inforelay.com] 
Sent: Tuesday, August 14, 2012 2:00 PM
To: cloudstack-users@incubator.apache.org
Subject: RE: Adding Public IP Addresses in Advanced Networking

Who cares if there are only 8 virtual NICs. Use ifaliases or define a multitude of VLAN interfaces that are bound to a suitable set of physical interfaces.

For example I have 2 NICs in a bond connected to	16 different public IP subnets. Some have different tags, others have the same tag but different netmasks.

there is no reason why the virtual router can't do the same.

RE: Adding Public IP Addresses in Advanced Networking

[Matthew Patton <mp...@inforelay.com>]

Who cares if there are only 8 virtual NICs. Use ifaliases or define a multitude of VLAN interfaces that are bound to a suitable set of physical interfaces.

For example I have 2 NICs in a bond connected to	16 different public IP subnets. Some have different tags, others have the same tag but different netmasks.

there is no reason why the virtual router can't do the same.

RE: Adding Public IP Addresses in Advanced Networking

[Will Chan <wi...@citrix.com>]

Bear in mind that with each new VLAN added is the potential for an extra vNIC to be created on the VR assuming a single account received a public IP from a different VLAN.  Each hypervisor has a limit to how many vNICs are supported.

> -----Original Message-----
> From: Geoff Higginbottom [mailto:geoff.higginbottom@shapeblue.com]
> Sent: Tuesday, August 14, 2012 10:23 AM
> To: <cl...@incubator.apache.org>
> Subject: Re: Adding Public IP Addresses in Advanced Networking
> 
> Clayton,
> 
> You simply add another block, on the same VLAN or another VLAN if you
> prefer
> 
> Regards
> 
> Geoff
> 
> 
> On 14 Aug 2012, at 18:20, "Clayton Weise" <cw...@iswest.net> wrote:
> 
> We haven't run out yet, but we have currently allocated a single /24 for our
> public network.  In an attempt to plan for the inevitable future when we
> need to assign more addresses, is it as simple as adding another range or is
> there additional manipulation that needs to be done.  I'm assuming other
> users have run into this before so I figured I would look towards other
> users' experiences.
> 
> -Clayton
> 
> ShapeBlue provides a range of strategic and technical consulting and
> implementation services to help IT Service Providers and Enterprises to
> build a true IaaS compute cloud. ShapeBlue’s expertise, combined with
> CloudStack technology, allows IT Service Providers and Enterprises to
> deliver true, utility based, IaaS to the customer or end-user.
> 
> ________________________________
> 
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd. If you are not the intended recipient of
> this email, you must neither take any action based upon its contents, nor
> copy or show it to anyone. Please contact the sender if you believe you
> have received this email in error. Shape Blue Ltd is a company incorporated
> in England & Wales.

Re: Adding Public IP Addresses in Advanced Networking

[Geoff Higginbottom <ge...@shapeblue.com>]

Clayton,

You simply add another block, on the same VLAN or another VLAN if you prefer

Regards

Geoff


On 14 Aug 2012, at 18:20, "Clayton Weise" <cw...@iswest.net> wrote:

We haven't run out yet, but we have currently allocated a single /24 for our public network.  In an attempt to plan for the inevitable future when we need to assign more addresses, is it as simple as adding another range or is there additional manipulation that needs to be done.  I'm assuming other users have run into this before so I figured I would look towards other users' experiences.

-Clayton

ShapeBlue provides a range of strategic and technical consulting and implementation services to help IT Service Providers and Enterprises to build a true IaaS compute cloud. ShapeBlue’s expertise, combined with CloudStack technology, allows IT Service Providers and Enterprises to deliver true, utility based, IaaS to the customer or end-user.

________________________________

This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales.