[GitHub] [cloudstack] rvalle commented on issue #4270: Multiple purposes for Public IPs in VPCs.

[GitBox <gi...@apache.org>]

rvalle commented on issue #4270:
URL: https://github.com/apache/cloudstack/issues/4270#issuecomment-692533624


   after having worked a bit with VPCs I can see what @andrijapanicsb meant in the mailing list with architectural constraints to supporting the same IP public address for many different tasks.
   
   New IPs are acquired for different tiers x tasks. They way that IPs are used in VPCs is either consistent with IPV6 or Private Addressing, but not public IP4.
   
   For us public IPV4 efficient use is a hard requirement, but I think ACS is flexible enough to be able to, somehow, model an VPC with just one IPV4.
   
   I am working on modelling an VPC + an isolated network as DMZ, one tier of the VPC, which I call frontend, deploys instances with 2 network interfaces one of them facing the DMZ another the VPC.
   
   The VPC's virtual router is then considered Account's corporate network (private addressing).... but this part I don't know well how to model, for the time being I have created an vlan-ip-range reserved for this Account with private IPs from my datacenter..... but there should be a better way. In fact with this model an Account should connect its VPC/s to an isolated network with a site-to-site VPN to their corporate net. This could be the way in for maintenance + intranet access.
   
   At this point I think I would benefit a lot from a section of "networking patterns", in ACS docs. because of how the different features can be combined is not trivial. 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org