Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

You can not have more than 4096 VLAN on single node as explained by @vthapar.

Neutron uses OVS' VLAN and Tunnel to offer tenant isolation.

VLAN is layer 2 with a size of 12 bits hence 4096 which is not unique across hosts!!.

while its tunnel which is layer3(GRE,VXLAN) is 24 bits hence 2^24 bits( a large number) and is unique across hosts,so that you can have that many number of tenants.OVS then send l2 frames over l3.

Each tenant network on compute nodes will have a unique vlan tag,this will be different from what you see on network node for the same tenant.So with this if you create multiple network nodes ,vlan tag on one network node for the same tenant might be different on other network node it can even be same as its applicable only to that node.

In my environment my compute node uses VLAN 3 to isolate tenant A,its corresponding VLAN tag on network node 1 is VLAN 2 and on second network node also its VLAN 2.

Since These tags are stripped off before sending to physical network it doesnot matter which tag you use locally.Purpose is to isolate each tenants network created on nodes.