On 06/08/2018 03:32 PM, Dag Sonstebo wrote:
> Hi Ivan,
>
> Not quite – “advanced zone with security group” allows you to have multiple
> “basic” type networks isolated within their own VLANs and with security
> groups isolation between VMs / accounts. The VR only does DNS/DHCP, not
> GW/NAT.
>
Hmm, yes, that was actually what we/I is/are looking for. The main
reason for Basic Networking is the shared services we offer on a public
cloud.
A VR dies as soon as there is any flood, so that's why we have our
physical routers do the work.
I thought that what you mentioned is "DirectAttached" networking.
But that brings me to the question why we still have Basic Networking
:-) In earlier conversations I had with people I think that on the
longer run Basic Networking can be dropped/merged in favor of Advanced
Networking with Security Groups then, right?
Accounts/VMs are deployed Inside the same VLAN and isolation is done by
Security Groups.
Sounds right, let me dig into that!
Wido
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 08/06/2018, 14:26, "Ivan Kudryavtsev" <kudryavtsev...@bw-sw.com> wrote:
>
> Hi, Dag. Not exactly. Advanced zone uses VR as a GW with SNAT/DNAT which
> is
> not quite good for public cloud in my case. Despite that it really solves
> the problem. But I would like to have it as simple as possible, without VR
> as a GW and xNAT.
>
> пт, 8 июн. 2018 г., 15:21 Dag Sonstebo <dag.sonst...@shapeblue.com>:
>
> > Wido / Ivan – I’m probably missing something – but is the feature you
> are
> > looking for not the same functionality we currently have in “advanced
> zones
> > with security groups”?
> >
> > Regards,
> > Dag Sonstebo
> > Cloud Architect
> > ShapeBlue
> >
> > On 08/06/2018, 14:14, "Ivan Kudryavtsev" <kudryavtsev...@bw-sw.com>
> wrote:
> >
> > Hi Wido, I also very interested in similar deployment, especially
> > combined
> > with the capability of setting different network bandwidth for
> > different
> > networks, like
> > 10.0.0.0/8 intra dc with 1g bandwidth per vm and white ipv4/ipv6
> with
> > regular bandwidth management. But it seem it takes very big redesign
> > of VM
> > settings and VR redesign is also required.
> >
> > When I tried to investigate if it possible with ACS basic network,
> > didn't
> > succeed with any relevant information.
> >
> >
> > пт, 8 июн. 2018 г., 14:56 Wido den Hollander <w...@widodh.nl>:
> >
> > > Hi,
> > >
> > > I am looking into supporting multiple Physical Networks inside
> onze
> > > Basic Networking zone.
> > >
> > > First: The reason we use Basic Networking is the simplicity and
> the
> > fact
> > > that our (Juniper) routers can do the routing and not the VR.
> > >
> > > ALL our VMs have external IPv4/IPv6 addresses and we do not use
> NAT
> > > anywhere.
> > >
> > > But right now a Hypervisor has a single VLAN/POD going to it
> > terminated
> > > on 'cloudbr0' using vlan://untagged.
> > >
> > > But to better utilize our physical hardware it would be great it
> > Basic
> > > Networking would support multiple physical networks using VLAN
> > separation.
> > >
> > > For example:
> > >
> > > - PhysicalNetwork1: VLAN 100
> > > - PhysicalNetwork2: VLAN 101
> > > - PhysicalNetwork3: VLAN 102
> > >
> > > I've been looking into DirectAttached with Advanced Networking,
> but I
> > > couldn't find any reference to it on how that exactly works.
> > >
> > > Right now for our use-case Basic Networking with multiple Physical
> > > Networks would work best for us.
> > >
> > > Has anybody looked at this or has any insight of the problems we
> > might
> > > run in to?
> > >
> > > Wido
> > >
> >
> >
> >
> > dag.sonst...@shapeblue.com
> > www.shapeblue.com
> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> > @shapeblue
> >
> >
> >
> >
>
>
>
> dag.sonst...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
