hi, i like to clarify. with vnf we can create inside VM network things like firewall or load balancer.right? can we create inside VM a nic?or this nic is created at VM boot? when vm is booted then ovs will create a tap interface that connect to the nic inside vm.right? we can create firewall inside vm by using vnf or group policy.right? tnx

VNF stands for Virtual Network Function and means a networking feature implemented on virtual machines. This could include firewalls. The VNF term implies that in the past, such features required specialized hardware.

You can add NICs to an OpenStack instance with openstack server add network or openstack server add port. A NIC, however, is not considered a Network Function. Openvswitch doesn’t create TAPs. A Firewall implemented by an instance is a VNF; you don’t deploy it using VNF. You can use Tacker to deploy and manage VNFs.

I don’t know what you mean by group policy.

What means -a firewall implemented by an instance?What instance?

lelunicu

A Nova instance. In the case of VNFs, the instance is a virtual machine.

Bernd Bausch

So inside the VM running on compute i can create a NIC with the 2 commands you written?I know that the NIC inside the VM running on kvm is created by OS based on xml file on linux. In openstack the NIC inside VM is created different as in a linux with kvm ? tnx

lelunicu

You can use virsh attach-interface to add a NIC to a running KVM machine. I suppose Nova does something similar when adding interfaces.

Bernd Bausch

