You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Fedi Ben Ali <be...@gmail.com> on 2015/07/02 16:31:38 UTC
Cloudstack physical network on xenserver
Hello,
On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
multiple networks each one for a specific traffic type
(Public,management,storage,guest).
these networks are isolated and vlan tagged ,so on my xenservers i have
the 4 networks each with a specific name label and pointing to a Vlan.
when i added the public ip range ,i did not mention the VLAN number of my
public network.
Can this cause issues or not ?
and what is the pupose of putting the vlan number on the ip ranges ?
Thx.
Re: Cloudstack physical network on xenserver
Posted by Fedi Ben Ali <be...@gmail.com>.
Hi,
i'm not talking about guest network,because i'm using gre for guests,my
problrem is with the public network used by virtual routers and system
VM's, i'm loosing the network configuration of the public network (the Vlan
id and the correspond bond name) on the host when i remove all the virtual
routers and system vm's from that host.
2015-07-03 15:00 GMT+01:00 Vadim Kimlaychuk <Va...@elion.ee>:
> Hi,
>
> Cloudstack does the following:
>
> 1. When you configure physical networking of you cloud this should match
> name of the physical network name-label on you XenServer host (let me say
> guest-net). You can check it with "xe network-list"
> 2. When you configure guest networks CS asks you for range of VLANs it
> will configure by itself. Let me say you put 500-600
> 3. When first guest comes, CS registers new VLAN taking ID randomly (upon
> first VM is registered). You can check it by "xe vlan-list" on your host.
> CS connects VLAN ID to guest network uuid and physical network uuid.
>
> To work properly you should configure all guest VLANs on your switch and
> enable VLAN ID transitions from one to another. For instance if your
> public VLAN id = 5 and guest VLAN ID=505 you must change it while routing
> from one VLAN to another. Of course if you remove client from Cloudstack
> -- you should see that corresponding VLAN is removed from you host
> automatically
>
> Vadim
> ________________________________________
> From: Fedi Ben Ali <be...@gmail.com>
> Sent: Friday, July 3, 2015 15:11
> To: users@cloudstack.apache.org
> Subject: Re: Cloudstack physical network on xenserver
>
> Hi,
>
> Yes i'm working on an advanced zone, each one of the clients have it's own
> network so his own virtual router. When i delete the clients accounts i do
> remove all his ressources so the virtual router.
>
> on my switches the public network is tagged.
>
> is there any possibility that cloudstack is removing the network
> configuration on my xenservers ?
> because i dont know the event that is tiggring this action so i can't
> troubelshoot properly.
>
> Thx.
>
>
> 2015-07-03 9:35 GMT+01:00 Vadim Kimlaychuk <Va...@elion.ee>:
>
> > That does not brake entire logic :)
> >
> > Vadim.
> >
> > -----Original Message-----
> > From: Remi Bergsma [mailto:remi@remi.nl]
> > Sent: Friday, July 03, 2015 11:24 AM
> > To: users@cloudstack.apache.org
> > Subject: Re: Cloudstack physical network on xenserver
> >
> > Hi Vadim,
> >
> > That depends on your upstream provider. In our case, we get a VLAN from
> > upstream provider and send tagged packets (they take care of it from
> > there). So, in that case the VLAN tagging is handy/required. If you need
> to
> > send it untagged, then tagging it wont’t work indeed.
> >
> > Regards,
> > Remi
> >
> > > On 3 jul. 2015, at 09:08, Vadim Kimlaychuk <Va...@Elion.ee>
> > wrote:
> > >
> > > Hello Fedi,
> > >
> > > Public traffic must me "untagged" because the next switch after
> > yours will not recognize it if it is tagged. You need to untag public
> > traffic before sending out. To route internally - you need to tag it. I
> > also have public traffic tagged internally and assign tag on ingress and
> > remove tag on egress traffic. This is done by switch configuration.
> > >
> > > VLAN is used for isolation. You can have same ip ranges on the
> > same physical networks without networks to be overlapped.
> > >
> > > Vadim.
> > >
> > > -----Original Message-----
> > > From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
> > > Sent: Thursday, July 02, 2015 5:32 PM
> > > To: users@cloudstack.apache.org
> > > Subject: Cloudstack physical network on xenserver
> > >
> > > Hello,
> > >
> > > On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> > multiple networks each one for a specific traffic type
> > (Public,management,storage,guest).
> > >
> > > these networks are isolated and vlan tagged ,so on my xenservers i
> have
> > the 4 networks each with a specific name label and pointing to a Vlan.
> > >
> > > when i added the public ip range ,i did not mention the VLAN number of
> > my public network.
> > >
> > > Can this cause issues or not ?
> > >
> > > and what is the pupose of putting the vlan number on the ip ranges ?
> > >
> > > Thx.
> >
> >
>
Re: Cloudstack physical network on xenserver
Posted by Vadim Kimlaychuk <Va...@Elion.ee>.
Hi,
Cloudstack does the following:
1. When you configure physical networking of you cloud this should match name of the physical network name-label on you XenServer host (let me say guest-net). You can check it with "xe network-list"
2. When you configure guest networks CS asks you for range of VLANs it will configure by itself. Let me say you put 500-600
3. When first guest comes, CS registers new VLAN taking ID randomly (upon first VM is registered). You can check it by "xe vlan-list" on your host. CS connects VLAN ID to guest network uuid and physical network uuid.
To work properly you should configure all guest VLANs on your switch and enable VLAN ID transitions from one to another. For instance if your public VLAN id = 5 and guest VLAN ID=505 you must change it while routing from one VLAN to another. Of course if you remove client from Cloudstack -- you should see that corresponding VLAN is removed from you host automatically
Vadim
________________________________________
From: Fedi Ben Ali <be...@gmail.com>
Sent: Friday, July 3, 2015 15:11
To: users@cloudstack.apache.org
Subject: Re: Cloudstack physical network on xenserver
Hi,
Yes i'm working on an advanced zone, each one of the clients have it's own
network so his own virtual router. When i delete the clients accounts i do
remove all his ressources so the virtual router.
on my switches the public network is tagged.
is there any possibility that cloudstack is removing the network
configuration on my xenservers ?
because i dont know the event that is tiggring this action so i can't
troubelshoot properly.
Thx.
2015-07-03 9:35 GMT+01:00 Vadim Kimlaychuk <Va...@elion.ee>:
> That does not brake entire logic :)
>
> Vadim.
>
> -----Original Message-----
> From: Remi Bergsma [mailto:remi@remi.nl]
> Sent: Friday, July 03, 2015 11:24 AM
> To: users@cloudstack.apache.org
> Subject: Re: Cloudstack physical network on xenserver
>
> Hi Vadim,
>
> That depends on your upstream provider. In our case, we get a VLAN from
> upstream provider and send tagged packets (they take care of it from
> there). So, in that case the VLAN tagging is handy/required. If you need to
> send it untagged, then tagging it wont’t work indeed.
>
> Regards,
> Remi
>
> > On 3 jul. 2015, at 09:08, Vadim Kimlaychuk <Va...@Elion.ee>
> wrote:
> >
> > Hello Fedi,
> >
> > Public traffic must me "untagged" because the next switch after
> yours will not recognize it if it is tagged. You need to untag public
> traffic before sending out. To route internally - you need to tag it. I
> also have public traffic tagged internally and assign tag on ingress and
> remove tag on egress traffic. This is done by switch configuration.
> >
> > VLAN is used for isolation. You can have same ip ranges on the
> same physical networks without networks to be overlapped.
> >
> > Vadim.
> >
> > -----Original Message-----
> > From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
> > Sent: Thursday, July 02, 2015 5:32 PM
> > To: users@cloudstack.apache.org
> > Subject: Cloudstack physical network on xenserver
> >
> > Hello,
> >
> > On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> multiple networks each one for a specific traffic type
> (Public,management,storage,guest).
> >
> > these networks are isolated and vlan tagged ,so on my xenservers i have
> the 4 networks each with a specific name label and pointing to a Vlan.
> >
> > when i added the public ip range ,i did not mention the VLAN number of
> my public network.
> >
> > Can this cause issues or not ?
> >
> > and what is the pupose of putting the vlan number on the ip ranges ?
> >
> > Thx.
>
>
Re: Cloudstack physical network on xenserver
Posted by Fedi Ben Ali <be...@gmail.com>.
Hi,
Yes i'm working on an advanced zone, each one of the clients have it's own
network so his own virtual router. When i delete the clients accounts i do
remove all his ressources so the virtual router.
on my switches the public network is tagged.
is there any possibility that cloudstack is removing the network
configuration on my xenservers ?
because i dont know the event that is tiggring this action so i can't
troubelshoot properly.
Thx.
2015-07-03 9:35 GMT+01:00 Vadim Kimlaychuk <Va...@elion.ee>:
> That does not brake entire logic :)
>
> Vadim.
>
> -----Original Message-----
> From: Remi Bergsma [mailto:remi@remi.nl]
> Sent: Friday, July 03, 2015 11:24 AM
> To: users@cloudstack.apache.org
> Subject: Re: Cloudstack physical network on xenserver
>
> Hi Vadim,
>
> That depends on your upstream provider. In our case, we get a VLAN from
> upstream provider and send tagged packets (they take care of it from
> there). So, in that case the VLAN tagging is handy/required. If you need to
> send it untagged, then tagging it wont’t work indeed.
>
> Regards,
> Remi
>
> > On 3 jul. 2015, at 09:08, Vadim Kimlaychuk <Va...@Elion.ee>
> wrote:
> >
> > Hello Fedi,
> >
> > Public traffic must me "untagged" because the next switch after
> yours will not recognize it if it is tagged. You need to untag public
> traffic before sending out. To route internally - you need to tag it. I
> also have public traffic tagged internally and assign tag on ingress and
> remove tag on egress traffic. This is done by switch configuration.
> >
> > VLAN is used for isolation. You can have same ip ranges on the
> same physical networks without networks to be overlapped.
> >
> > Vadim.
> >
> > -----Original Message-----
> > From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
> > Sent: Thursday, July 02, 2015 5:32 PM
> > To: users@cloudstack.apache.org
> > Subject: Cloudstack physical network on xenserver
> >
> > Hello,
> >
> > On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> multiple networks each one for a specific traffic type
> (Public,management,storage,guest).
> >
> > these networks are isolated and vlan tagged ,so on my xenservers i have
> the 4 networks each with a specific name label and pointing to a Vlan.
> >
> > when i added the public ip range ,i did not mention the VLAN number of
> my public network.
> >
> > Can this cause issues or not ?
> >
> > and what is the pupose of putting the vlan number on the ip ranges ?
> >
> > Thx.
>
>
RE: Cloudstack physical network on xenserver
Posted by Vadim Kimlaychuk <Va...@Elion.ee>.
That does not brake entire logic :)
Vadim.
-----Original Message-----
From: Remi Bergsma [mailto:remi@remi.nl]
Sent: Friday, July 03, 2015 11:24 AM
To: users@cloudstack.apache.org
Subject: Re: Cloudstack physical network on xenserver
Hi Vadim,
That depends on your upstream provider. In our case, we get a VLAN from upstream provider and send tagged packets (they take care of it from there). So, in that case the VLAN tagging is handy/required. If you need to send it untagged, then tagging it wont’t work indeed.
Regards,
Remi
> On 3 jul. 2015, at 09:08, Vadim Kimlaychuk <Va...@Elion.ee> wrote:
>
> Hello Fedi,
>
> Public traffic must me "untagged" because the next switch after yours will not recognize it if it is tagged. You need to untag public traffic before sending out. To route internally - you need to tag it. I also have public traffic tagged internally and assign tag on ingress and remove tag on egress traffic. This is done by switch configuration.
>
> VLAN is used for isolation. You can have same ip ranges on the same physical networks without networks to be overlapped.
>
> Vadim.
>
> -----Original Message-----
> From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
> Sent: Thursday, July 02, 2015 5:32 PM
> To: users@cloudstack.apache.org
> Subject: Cloudstack physical network on xenserver
>
> Hello,
>
> On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured multiple networks each one for a specific traffic type (Public,management,storage,guest).
>
> these networks are isolated and vlan tagged ,so on my xenservers i have the 4 networks each with a specific name label and pointing to a Vlan.
>
> when i added the public ip range ,i did not mention the VLAN number of my public network.
>
> Can this cause issues or not ?
>
> and what is the pupose of putting the vlan number on the ip ranges ?
>
> Thx.
Re: Cloudstack physical network on xenserver
Posted by Remi Bergsma <re...@remi.nl>.
Hi Vadim,
That depends on your upstream provider. In our case, we get a VLAN from upstream provider and send tagged packets (they take care of it from there). So, in that case the VLAN tagging is handy/required. If you need to send it untagged, then tagging it wont’t work indeed.
Regards,
Remi
> On 3 jul. 2015, at 09:08, Vadim Kimlaychuk <Va...@Elion.ee> wrote:
>
> Hello Fedi,
>
> Public traffic must me "untagged" because the next switch after yours will not recognize it if it is tagged. You need to untag public traffic before sending out. To route internally - you need to tag it. I also have public traffic tagged internally and assign tag on ingress and remove tag on egress traffic. This is done by switch configuration.
>
> VLAN is used for isolation. You can have same ip ranges on the same physical networks without networks to be overlapped.
>
> Vadim.
>
> -----Original Message-----
> From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
> Sent: Thursday, July 02, 2015 5:32 PM
> To: users@cloudstack.apache.org
> Subject: Cloudstack physical network on xenserver
>
> Hello,
>
> On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured multiple networks each one for a specific traffic type (Public,management,storage,guest).
>
> these networks are isolated and vlan tagged ,so on my xenservers i have the 4 networks each with a specific name label and pointing to a Vlan.
>
> when i added the public ip range ,i did not mention the VLAN number of my public network.
>
> Can this cause issues or not ?
>
> and what is the pupose of putting the vlan number on the ip ranges ?
>
> Thx.
RE: Cloudstack physical network on xenserver
Posted by Vadim Kimlaychuk <Va...@Elion.ee>.
Hello Fedi,
Public traffic must me "untagged" because the next switch after yours will not recognize it if it is tagged. You need to untag public traffic before sending out. To route internally - you need to tag it. I also have public traffic tagged internally and assign tag on ingress and remove tag on egress traffic. This is done by switch configuration.
VLAN is used for isolation. You can have same ip ranges on the same physical networks without networks to be overlapped.
Vadim.
-----Original Message-----
From: Fedi Ben Ali [mailto:ben.ali.fedi1@gmail.com]
Sent: Thursday, July 02, 2015 5:32 PM
To: users@cloudstack.apache.org
Subject: Cloudstack physical network on xenserver
Hello,
On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured multiple networks each one for a specific traffic type (Public,management,storage,guest).
these networks are isolated and vlan tagged ,so on my xenservers i have the 4 networks each with a specific name label and pointing to a Vlan.
when i added the public ip range ,i did not mention the VLAN number of my public network.
Can this cause issues or not ?
and what is the pupose of putting the vlan number on the ip ranges ?
Thx.
Re: Cloudstack physical network on xenserver
Posted by Erik Weber <te...@gmail.com>.
I am assuming that you're running with Advanced Networking.
In general, only your VR needs to be on the Public Network, and as such
there is no reason to have it configured on the host(s) if there is no VR
running there.
This is intended.
Why are you deleting it in the first place?
--
Erik
On Fri, Jul 3, 2015 at 1:32 AM, Fedi Ben Ali <be...@gmail.com>
wrote:
> Hi,
>
> My problem is that when i create a virtual router and then delete it ,i
> loose the network configuration on that host (the vlan id and the bond
> name),this loss of configuration does not affect all the pools host but
> only the one where the the vrouter was created,after this i start having
> vm_require_network exception on my management servers log.
>
> This is a weird behaviour ,but i'm asking if there is something that can
> resolve this issue or at least explain it .
>
> 2015-07-02 20:07 GMT+01:00 Remi Bergsma <re...@remi.nl>:
>
> > Hi,
> >
> > Your public network also has a Traffic Label, pointing towards a certain
> > interface/bridge in XenServer. If you specify no vlan, CloudStack will
> > assume it is untagged. You can then still point towards an
> interface/bridge
> > that is tagged with a vlan. The alternative is to point towards a more
> > generic interface/bridge (that has no vlan in XenServer) and specify a
> vlan
> > tag in CloudStack. CloudStack will then create an the interface with the
> > vlan on top of it. Be sure not to create a vlan tag ontop of
> > interface/bridge that already has a vlan (as this will obviously not
> work).
> >
> > Long story short: it depends on how your XenServers can plug vifs into
> the
> > public network.
> >
> > Regards,
> > Remi
> >
> >
> > > On 2 jul. 2015, at 16:31, Fedi Ben Ali <be...@gmail.com>
> wrote:
> > >
> > > Hello,
> > >
> > > On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> > > multiple networks each one for a specific traffic type
> > > (Public,management,storage,guest).
> > >
> > > these networks are isolated and vlan tagged ,so on my xenservers i
> have
> > > the 4 networks each with a specific name label and pointing to a Vlan.
> > >
> > > when i added the public ip range ,i did not mention the VLAN number of
> my
> > > public network.
> > >
> > > Can this cause issues or not ?
> > >
> > > and what is the pupose of putting the vlan number on the ip ranges ?
> > >
> > > Thx.
> >
> >
>
Re: Cloudstack physical network on xenserver
Posted by Fedi Ben Ali <be...@gmail.com>.
Hi,
My problem is that when i create a virtual router and then delete it ,i
loose the network configuration on that host (the vlan id and the bond
name),this loss of configuration does not affect all the pools host but
only the one where the the vrouter was created,after this i start having
vm_require_network exception on my management servers log.
This is a weird behaviour ,but i'm asking if there is something that can
resolve this issue or at least explain it .
2015-07-02 20:07 GMT+01:00 Remi Bergsma <re...@remi.nl>:
> Hi,
>
> Your public network also has a Traffic Label, pointing towards a certain
> interface/bridge in XenServer. If you specify no vlan, CloudStack will
> assume it is untagged. You can then still point towards an interface/bridge
> that is tagged with a vlan. The alternative is to point towards a more
> generic interface/bridge (that has no vlan in XenServer) and specify a vlan
> tag in CloudStack. CloudStack will then create an the interface with the
> vlan on top of it. Be sure not to create a vlan tag ontop of
> interface/bridge that already has a vlan (as this will obviously not work).
>
> Long story short: it depends on how your XenServers can plug vifs into the
> public network.
>
> Regards,
> Remi
>
>
> > On 2 jul. 2015, at 16:31, Fedi Ben Ali <be...@gmail.com> wrote:
> >
> > Hello,
> >
> > On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> > multiple networks each one for a specific traffic type
> > (Public,management,storage,guest).
> >
> > these networks are isolated and vlan tagged ,so on my xenservers i have
> > the 4 networks each with a specific name label and pointing to a Vlan.
> >
> > when i added the public ip range ,i did not mention the VLAN number of my
> > public network.
> >
> > Can this cause issues or not ?
> >
> > and what is the pupose of putting the vlan number on the ip ranges ?
> >
> > Thx.
>
>
Re: Cloudstack physical network on xenserver
Posted by Remi Bergsma <re...@remi.nl>.
Hi,
Your public network also has a Traffic Label, pointing towards a certain interface/bridge in XenServer. If you specify no vlan, CloudStack will assume it is untagged. You can then still point towards an interface/bridge that is tagged with a vlan. The alternative is to point towards a more generic interface/bridge (that has no vlan in XenServer) and specify a vlan tag in CloudStack. CloudStack will then create an the interface with the vlan on top of it. Be sure not to create a vlan tag ontop of interface/bridge that already has a vlan (as this will obviously not work).
Long story short: it depends on how your XenServers can plug vifs into the public network.
Regards,
Remi
> On 2 jul. 2015, at 16:31, Fedi Ben Ali <be...@gmail.com> wrote:
>
> Hello,
>
> On my deploiement cloudstack 4.4 and xenservers 6.2. i have configured
> multiple networks each one for a specific traffic type
> (Public,management,storage,guest).
>
> these networks are isolated and vlan tagged ,so on my xenservers i have
> the 4 networks each with a specific name label and pointing to a Vlan.
>
> when i added the public ip range ,i did not mention the VLAN number of my
> public network.
>
> Can this cause issues or not ?
>
> and what is the pupose of putting the vlan number on the ip ranges ?
>
> Thx.