Clarification on Tenant and Provider networking using VLAN

asked 2018-02-26 04:28:35 -0600

Anonymous

Hi networking experts,

Can I just clarify my understanding of openstack Tenant/Provider networking using VLANs to be 100% sure,

Admin creates a single Provider Network, VLAN based, on each Compute (bound to a certain NIC) with segmentation range 100:104 (so, 5 VLANs) (and has to provision his TOR accordingly).

I have 2 Tenants in my cloud A and B and Admin configures that Tenant networking using VLANs will be used.

If Tenant-A then creates 4 self-service Tenant nets , can I assume that Tenant-B will then only be able to create 1 tenant net (as all 5 VLANs of the underlying Provider segmentation range will have been used up).

(and yes, if above is true, can see major advantage of using VXLAN for Tenant networking separation, no limit effectively on number of tenant nets (<=16M) )

edit retag flag offensive close merge delete

add a comment

0

answered 2018-03-02 16:39:58 -0600

Peter Slovak

111 ●1 ●2 ●8 https://websupport.sk/

You're right, provided that you had set up non-admin tenants with the privilege to create physical networks (which comprises Flat and VLAN networks), they will be "fighting" for the VLAN pool. The situation will be the same with VXLAN or other tunnelled network, however those typically offer a much wider range of segmentation IDs.

So if the segmentation ID pool size is a concern AND you don't want to modify Neutron's default policies, I'd go with VXLAN.