Hi Mike, I'd like to say that though setting ovirtmgmt as non vm as a default should be nice, it won't be enough as it won't allow to use mixed traffic in other interfaces either, so the way I see it, the fix should be to add this ability to ovirt. I can't make my mind to think what a big corporation may need in security restrictions, but as a small company, I'm willing to take the risk of a hardly probable security breach in favor of been able to use untagged and tagged vlans on the same nic. Regards,
On 26/01/14 11:40, Mike Kolesnik wrote: > ----- Original Message ----- >> On 01/23/2014 08:34 PM, Juan Pablo Lorier wrote: >>> Hi Itamar, >>> >>> I don't know if I get your post right, but to me, it seems that if so >>> many users hit the same rock, it should mean that this should be >>> documented somewhere visible and in my opinion, push on getting bug >>> 1049476 <https://bugzilla.redhat.com/show_bug.cgi?id=1049476> solved asap. >>> Regards, >> 1. yes, too many issues on this one, hinting we should provide better >> text explaining this in the UI. >> >> 2. the bug you referenced[1] >> Bug 1049476 - [RFE] Mix untagged and tagged Logical Networks on the same NIC >> >> is actually supported, as long as the untagged logical network is not a >> VM network (so VMs associated with it would not be able to see/create >> other logical networks traffic). >> >> 3. considering how prevalent this is, maybe we should allow doing this, >> even for VM networks, with a big red warning, rather than block it, >> which seems to be failing everyone. > Besides that it's technically not possible in the way we currently use the > Linux Bridge [1], > I'm not sure what's to gain from representing a single "flat" network with > multiple representations. > > Seems to me like there may be a couple different points here: > * ovirtmgmt is VM network by default - should be configurable on setup and/or > DC creation. > If it's such a prevalent issue, we should consider a default of non VM > network (users can create a flat network and use it quite easily anyway, if > they want). > * if people want to represent different L3 networks on the same L2 network, > it is worthwhile to design a proper solution > > Either way, I wouldn't push for allowing multiple bridged networks on the > same physical interface (or bond). > > [1] and also not allowed in OpenStack Neutron IIUC. > >> cc-ing some more folks for their thoughts. >> >> >> [1] in the future, please use number-name formatso not everyone would >> have to open it to understand >> >> _______________________________________________ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users