[Users] networking: basic vlan help

Juan Pablo Lorier jplorier at gmail.com
Mon Jan 27 15:37:39 UTC 2014


Hi Mike,

I'd like to say that though setting ovirtmgmt as non vm as a default
should be nice, it won't be enough as it won't allow to use mixed
traffic in other interfaces either, so the way I see it, the fix should
be to add this ability to ovirt. I can't make my mind to think what a
big corporation may need in security restrictions, but as a small
company, I'm willing to take the risk of a hardly probable security
breach in favor of been able to use untagged and tagged vlans on the
same nic.
Regards,

On 26/01/14 11:40, Mike Kolesnik wrote:
> ----- Original Message -----
>> On 01/23/2014 08:34 PM, Juan Pablo Lorier wrote:
>>> Hi Itamar,
>>>
>>> I don't know if I get your post right, but to me, it seems that if so
>>> many users hit the same rock, it should mean that this should be
>>> documented somewhere visible and in my opinion, push on getting bug
>>> 1049476 <https://bugzilla.redhat.com/show_bug.cgi?id=1049476> solved asap.
>>> Regards,
>> 1. yes, too many issues on this one, hinting we should provide better
>> text explaining this in the UI.
>>
>> 2. the bug you referenced[1]
>> Bug 1049476 - [RFE] Mix untagged and tagged Logical Networks on the same NIC
>>
>> is actually supported, as long as the untagged logical network is not a
>> VM network (so VMs associated with it would not be able to see/create
>> other logical networks traffic).
>>
>> 3. considering how prevalent this is, maybe we should allow doing this,
>> even for VM networks, with a big red warning, rather than block it,
>> which seems to be failing everyone.
> Besides that it's technically not possible in the way we currently use the Linux Bridge [1],
> I'm not sure what's to gain from representing a single "flat" network with multiple representations.
>
> Seems to me like there may be a couple different points here:
> * ovirtmgmt is VM network by default - should be configurable on setup and/or DC creation.
>   If it's such a prevalent issue, we should consider a default of non VM network (users can create a flat network and use it quite easily anyway, if they want).
> * if people want to represent different L3 networks on the same L2 network, it is worthwhile to design a proper solution
>
> Either way, I wouldn't push for allowing multiple bridged networks on the same physical interface (or bond).
>
> [1] and also not allowed in OpenStack Neutron IIUC.
>
>> cc-ing some more folks for their thoughts.
>>
>>
>> [1] in the future, please use number-name formatso not everyone would
>> have to open it to understand
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>




More information about the Users mailing list