Here's the readable version, so others waste less time on this. Mate you really need to learn how to format emails, if you expect any kind of positive response.
====== Hi all, I've decided to go with the advanced network. I have some questions: 1. Should the HV management interface be on a public IP or is it sufficient to have it on the private management network? 2. I have 2 NICs on each HV to be split between Public, Guest & Management traffic (Storage traffic has its own 10GbE switch). Should I split them as: a. 2 NICs connected to a L3 switch with trunked ports for P,G&M VLANs or b. 1 NIC connected to a L3 switch for P&M VLANs and 1 NIC to a L2 switch with only G VLANs 3. Is it advisible to mix Dell (Cisco style bulk VLAN trunking) switches with HP switches (HP style tagging each individual VLAN to ports) 4. This article suggests a separate switch for the management server farm. Can I place the management server directly on the zone level L3 switch? Same for the secondary storage server. Should the hardware firewall be in front of the management server or in front of the zone level L3 switch? http://servermanagement24x7.com/wp-content/jk27/2013/07/Cloudstack-Networking-in-a-Zone.png5 What VLANs should each machine have access to? Thanks! Josh ====== And now some answers: 1. Management can be private, though it might need some sort of NAT for certain things. For example I think the management server probes template/iso URLs when you add them, so it needs to be able to reach them. 2. I would keep management completely separate, if you end up having high traffic (genuine or attacks) on Public or Guest nets, then management server might not be able to reach the HV for status checks in time and think it's down and start to do crazy things. I would add another NIC in the server for this purpose; if it's not possible then mix public and guest on a single NIC - think of the impact on performance. No reason comes to mind as to why you shouldn't be able to add management and secondary storage zone wide; but I think at this point in time only KVM supports zone-wide sec storage, so depends which HV you are using. HTH -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Josh Davis" <cloudstackh...@outlook.com> > To: users@cloudstack.apache.org > Sent: Sunday, 28 February, 2016 12:21:50 > Subject: Advanced network configuration > Hi all, > I've decided to go with the advanced network. I have some questions: > 1. Should the HV management interface be on a public IP or is it sufficient to > have it on the private management network?2. I have 2 NICs on each HV to be > split between Public, Guest & Management traffic (Storage traffic has its own > 10GbE switch). Should I split them as:a. 2 NICs connected to a L3 switch with > trunked ports for P,G&M VLANs orb. 1 NIC connected to a L3 switch for P&M > VLANs > and 1 NIC to a L2 switch with only G VLANs3. Is it advisible to mix Dell > (Cisco > style bulk VLAN trunking) switches with HP switches (HP style tagging each > individual VLAN to ports)4. This article suggests a separate switch for the > management server farm. Can I place the management server directly on the zone > level L3 switch? Same for the secondary storage server. Should the hardware > firewall be in front of the management server or in front of the zone level L3 > switch?http://servermanagement24x7.com/wp-content/jk27/2013/07/Cloudstack-Networking-in-a-Zone.png5. > What VLANs should each machine have access to? > Thanks!Josh
