On 29.11.2013 10:12, Andrija Panic wrote:
Hi,
I have been requested to try to reduce the number of VLANs that are configured on PHYSICAL switches to a minimum (like 4-5 VLANs, for mgmt, storage, guest, etc.)
From my understanding of CS advanced networking, all traffic isolation/separation is done by means of VLANs.
So for potentially 1000 clients, I would need 1000 VLANs to isolate traffic between clients' VPC/VMs... I don't understand the possibility to use advanced networking and use only a few VLANs to have traffic isolation for those 1000 clients.
Is there any other solution (that I'm not aware of) that minimizes requests for change on physical network equipment and reduces VLAN usage to a few VLANs?

You can either use just one big zone with security groups, so just 1
VLAN is used and customers are separated by iptables/ebtables (my
favourite), or you can use GRE tunnels (less mature and more overhead
afaik). There is also support coming for VXLAN, which will become sort of
a standard imho. Nicira NVP SDN is another possibility if you can afford
it, which is tested and works.
HTH
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro