Hi Nitin,
There are legit reasons for separating VR public pool from SSVM and CPVM.
For instance if you run a private cloud and don't want to have your
cpvm/ssvm publically available, but still want to have the VRs accessible
Erik
tir. 17. jan. 2017 kl. 05.37 skrev Nitin Kumar Maharana <
nitinkumar.mahar...@accelerite.com>:
> Hi Rene,
>
>
>
> The default pool, which means are you mentioning the public IP range?
>
>
>
> If it is a public IP range, user VMs won’t be consuming any IP from there.
>
> Only system VMs(CPVM/SSVM/VR) will be consuming. VRs will be providing
> public access to the user VMs.
>
>
>
>
>
> Thanks,
>
> Nitin
>
> > On 16-Jan-2017, at 8:56 PM, Rene Moser <m...@renemoser.net> wrote:
>
> >
>
> > Hi
>
> >
>
> > We would like to make a change proposal for SSVM/CPVM.
>
> >
>
> > Currently, the SSVM/CPVM get an IP from the "default" pool of
>
> > vlaniprange which is the from the account "system"
>
> >
>
> >
>
> > "vlaniprange": [
>
> > {
>
> > "account": "system",
>
> > "domain": "ROOT",
>
> > "endip": "10.101.0.250",
>
> > "forvirtualnetwork": true,
>
> > "gateway": "10.101.0.1",
>
> > "netmask": "255.255.255.0",
>
> > "startip": "10.101.0.11",
>
> > ...
>
> >
>
> > },
>
> >
>
> >
>
> > "systemvm": [
>
> > {
>
> > "activeviewersessions": 0,
>
> > "gateway": "10.101.0.1",
>
> > "hypervisor": "VMware",
>
> > "id": "d9a8abe5-b1e0-47d6-8f39-01b48ff1e0fa",
>
> > "name": "v-5877-VM",
>
> > "privatenetmask": "255.255.255.0",
>
> > "publicip": "10.101.0.113",
>
> > "publicnetmask": "255.255.255.0",
>
> > "state": "Running",
>
> > ...
>
> > },
>
> >
>
> >
>
> > For security considerations we would like to define a dedicated IP range
>
> > for SSVM/CPVM, which, preferably, should not have any relation to the
>
> > default pool range.
>
> >
>
> > The default pool range should be used for userVMs only. To indicate the
>
> > use I propolse 2 new flags, which only considered for "account=system"
>
> > and indicate if the range can be used for userVMs or/and systemVMs.
>
> >
>
> > For backwards compatibility this would be the default
>
> >
>
> > "foruservms": true,
>
> > "forsystemvms": true,
>
> >
>
> >
>
> > to have a separate range for UserVMs/SystemVMs, it would look like
>
> >
>
> >
>
> > "vlaniprange": [
>
> > {
>
> > "account": "system",
>
> > "domain": "ROOT",
>
> > "foruservms": true,
>
> > "forsystemvms": false,
>
> > "endip": "192.160.123.250",
>
> > "forvirtualnetwork": true,
>
> > "gateway": "192.160.123.1",
>
> > "netmask": "255.255.255.0",
>
> > "startip": "192.160.123.11",
>
> > ...
>
> >
>
> > },
>
> >
>
> > "vlaniprange": [
>
> > {
>
> > "account": "system",
>
> > "domain": "ROOT",
>
> > "foruservms": false,
>
> > "forsystemvms": true,
>
> > "endip": "10.101.0.250",
>
> > "forvirtualnetwork": true,
>
> > "gateway": "10.101.0.1",
>
> > "netmask": "255.255.255.0",
>
> > "startip": "10.101.0.11",
>
> > ...
>
> >
>
> > },
>
> >
>
> >
>
> > Does anyone has see any conflicts with this proposal?
>
> >
>
> > Regards
>
> > René
>
> >
>
>
>
>
>
>
>
>
>
> DISCLAIMER
>
> ==========
>
> This e-mail may contain privileged and confidential information which is
> the property of Accelerite, a Persistent Systems business. It is intended
> only for the use of the individual or entity to which it is addressed. If
> you are not the intended recipient, you are not authorized to read, retain,
> copy, print, distribute or use this message. If you have received this
> communication in error, please notify the sender and delete all copies of
> this message. Accelerite, a Persistent Systems business does not accept any
> liability for virus infected mails.
>
>
