# Revision history [back]

### neutron: network segmentation tenants vs inside tenant

Hello Team,

I have a question regarding: 1. How can i segment/isolate traffic between tenants. If i do understand correctly it's via gre, vlan or vxlans. So every tenant can use different network with different type of encapsulation, for example: neutron net-create tenant1-net1 --provider:network_type vlan --provider:segmentation-id 100 --tenant-id Tenant1

Will create a network used by tenant1 with vlan segmentation. Which i understand will use 802.1q encapsulation for traffic leaving ovs (and going to physical switch). This way we will be able to differentiate tenants.

1. How can i segment traffic between different segments for the same tenant. Let's say tenant1 has application and database vms and i would like to put them in different network segment (vlan) ?

Thanks, Michal

### neutron: network segmentation tenants vs inside tenant

Hello Team,

I have a question regarding: 1. How can i segment/isolate traffic between tenants. If i do understand correctly it's via gre, vlan or vxlans. So every tenant can use different network with different type of encapsulation, for example: neutron net-create tenant1-net1 --provider:network_type vlan --provider:segmentation-id 100 --tenant-id Tenant1

Will create a network used by tenant1 with vlan segmentation. Which i understand will use 802.1q encapsulation for traffic leaving ovs (and going to physical switch). This way we will be able to differentiate tenants.

1. How can i segment traffic between different segments for the same tenant. Let's say tenant1 has application and database vms and i would like to put them in different network segment (vlan) ?

Thanks, Michal

### neutron: network segmentation tenants vs inside tenant

Hello Team,

I have a question regarding: 1. regarding:

1. How can i segment/isolate traffic between tenants. If i do understand correctly it's via gre, vlan or vxlans. So every tenant can use different network with different type of encapsulation, for example: example:

neutron net-create tenant1-net1 --provider:network_type vlan --provider:segmentation-id 100 --tenant-id Tenant1

Will create a network used by tenant1 with vlan segmentation. Which i understand will use 802.1q encapsulation for traffic leaving ovs (and going to physical switch). This way we will be able to differentiate tenants.

1. How can i segment traffic between different segments for the same tenant. Let's say tenant1 has application and database vms and i would like to put them in different network segment (vlan) ?

Thanks, Michal

### neutron: network segmentation tenants vs inside tenant

Hello Team,

I have a question regarding:

1. a. How can i segment/isolate traffic between tenants. If i do understand correctly it's via gre, vlan or vxlans. So every tenant can use different network with different type of encapsulation, for example:

neutron net-create tenant1-net1 --provider:network_type vlan --provider:segmentation-id 100 --tenant-id Tenant1Tenant1


Will create a network used by tenant1 with vlan segmentation. Which i understand will use 802.1q encapsulation for traffic leaving ovs (and going to physical switch). This way we will be able to differentiate tenants.

1. b. How can i segment traffic between different segments for the same tenant. Let's say tenant1 has application and database vms and i would like to put them in different network segment (vlan) ?

Thanks, Michal