Ivan – not sure how you deal with per-network VM bandwidth (or what your use
case is) so probably worth testing in the lab.
Wido – agree, I don’t see why our current “basic zone” can’t be deprecated in
the long run for “advanced zone with security groups” since they serve the same
purpose and the latter gives more flexibility. There may be use cases where
they don’t behave the same – but personally I’ve not come across any issues.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 08/06/2018, 14:44, "Wido den Hollander" <w...@widodh.nl> wrote:
On 06/08/2018 03:32 PM, Dag Sonstebo wrote:
> Hi Ivan,
>
> Not quite – “advanced zone with security group” allows you to have
multiple “basic” type networks isolated within their own VLANs and with
security groups isolation between VMs / accounts. The VR only does DNS/DHCP,
not GW/NAT.
>
Hmm, yes, that was actually what we/I is/are looking for. The main
reason for Basic Networking is the shared services we offer on a public
cloud.
A VR dies as soon as there is any flood, so that's why we have our
physical routers do the work.
I thought that what you mentioned is "DirectAttached" networking.
But that brings me to the question why we still have Basic Networking
:-) In earlier conversations I had with people I think that on the
longer run Basic Networking can be dropped/merged in favor of Advanced
Networking with Security Groups then, right?
Accounts/VMs are deployed Inside the same VLAN and isolation is done by
Security Groups.
Sounds right, let me dig into that!
Wido
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 08/06/2018, 14:26, "Ivan Kudryavtsev" <kudryavtsev...@bw-sw.com> wrote:
>
> Hi, Dag. Not exactly. Advanced zone uses VR as a GW with SNAT/DNAT
which is
> not quite good for public cloud in my case. Despite that it really
solves
> the problem. But I would like to have it as simple as possible,
without VR
> as a GW and xNAT.
>
> пт, 8 июн. 2018 г., 15:21 Dag Sonstebo <dag.sonst...@shapeblue.com>:
>
> > Wido / Ivan – I’m probably missing something – but is the feature
you are
> > looking for not the same functionality we currently have in
“advanced zones
> > with security groups”?
> >
> > Regards,
> > Dag Sonstebo
> > Cloud Architect
> > ShapeBlue
> >
> > On 08/06/2018, 14:14, "Ivan Kudryavtsev" <kudryavtsev...@bw-sw.com>
wrote:
> >
> > Hi Wido, I also very interested in similar deployment,
especially
> > combined
> > with the capability of setting different network bandwidth for
> > different
> > networks, like
> > 10.0.0.0/8 intra dc with 1g bandwidth per vm and white
ipv4/ipv6 with
> > regular bandwidth management. But it seem it takes very big
redesign
> > of VM
> > settings and VR redesign is also required.
> >
> > When I tried to investigate if it possible with ACS basic
network,
> > didn't
> > succeed with any relevant information.
> >
> >
> > пт, 8 июн. 2018 г., 14:56 Wido den Hollander <w...@widodh.nl>:
> >
> > > Hi,
> > >
> > > I am looking into supporting multiple Physical Networks
inside onze
> > > Basic Networking zone.
> > >
> > > First: The reason we use Basic Networking is the simplicity
and the
> > fact
> > > that our (Juniper) routers can do the routing and not the VR.
> > >
> > > ALL our VMs have external IPv4/IPv6 addresses and we do not
use NAT
> > > anywhere.
> > >
> > > But right now a Hypervisor has a single VLAN/POD going to it
> > terminated
> > > on 'cloudbr0' using vlan://untagged.
> > >
> > > But to better utilize our physical hardware it would be great
it
> > Basic
> > > Networking would support multiple physical networks using VLAN
> > separation.
> > >
> > > For example:
> > >
> > > - PhysicalNetwork1: VLAN 100
> > > - PhysicalNetwork2: VLAN 101
> > > - PhysicalNetwork3: VLAN 102
> > >
> > > I've been looking into DirectAttached with Advanced
Networking, but I
> > > couldn't find any reference to it on how that exactly works.
> > >
> > > Right now for our use-case Basic Networking with multiple
Physical
> > > Networks would work best for us.
> > >
> > > Has anybody looked at this or has any insight of the problems
we
> > might
> > > run in to?
> > >
> > > Wido
> > >
> >
> >
> >
> > dag.sonst...@shapeblue.com
> > www.shapeblue.com
> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> > @shapeblue
> >
> >
> >
> >
>
>
>
> dag.sonst...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
dag.sonst...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
