On Wed, Jun 10, 2015 at 03:13:54PM -0400, Russell Bryant wrote: > Provider Networks > ================= > > OpenStack Neutron currently has a feature referred to as "provider > networks". This is used as a way to define existing physical networks > that you would like to integrate into your environment. > > In the simplest case, it can be used in environments where they have no > interest in tenant networks. Instead, they want all VMs hooked up > directly to a pre-defined network in their environment. This use case > is actually popular for private OpenStack deployments. > > Neutron's current OVS agent that runs on network nodes and hypervisors > has this configuration entry: > > bridge_mappings = physnet1:br-eth1,physnet2:br-eth2[...] > > This is used to name your physical networks and the bridge used to > access that physical network from the local node. > > Defining a provider network via the Neutron API via the neutron > command looks like this: > > $ neutron net-create physnet1 --shared \ > > --provider:physical_network external \ > > --provider:network_type flat > > A provider network can also be defined with a VLAN id: > > $ neutron net-create physnet1-101 --shared \ > > --provider:physical_network external \ > > --provider:network_type vlan \ > > --provider:segmentation_id 101
I'm trying to understand what degree of sophistication these provider networks have. Are they just an interface to a MAC-learning switch (possibly VLAN-tagged)? Or do provider networks go beyond that, with the features that one would expect from an OVN logical network (e.g. port security, ACLs, distributed routing and firewalling, ...)? _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
