[ovs-discuss] Q: network(s) isolation

Alexey I. Froloff raorn at altlinux.org
Wed Apr 7 13:32:19 UTC 2010


On Fri, Apr 02, 2010 at 02:47:59PM -0700, Dan Wendlandt wrote:
> > Open vSwitch can provide 4095 VLANs, while our router/switch
> > hardware can only allow maximum of 1005 VLANs to be configured.
> > First of all I was expecting to find any configuration
> > examples/guides on Open vSwitch configuration, unfortunately,
> > manpages are not enough.
> http://openvswitch.org/ovs-vswitchd.conf.db.5.pdf ).  The "Port Table" is
> the one you would use to set VLAN configuration.  If you have questions on
> how to modify the database, feel free to post them on the open vswitch
> mailing list.
I have read the manuals, but I don't understand how to convert
interfaces, vlans and bridges into Open vSwitsh ports.  My
current workflow:

NODE and ROUTER have physical interfaces eth1, sharing same
ethernet segment.  When I need to put new VM into virtual network
I do following:

On NODE:

 1) create eth1.NETID VLAN interface
 2) create netbrNETID bridge
 3) add eth1.NETID into netbrNETID
 4) pass netbrNETID to libvirt, so VM's tap interface is added
    into this bridge

When adding more VMs into existing network steps 1-3 are skipped.

On ROUTER:

 1) create eth1.NETID VLAN interface
 2) create netbrNETID bridge
 3) add eth1.NETID into netbrNETID
 4) assign IP address on netbrNETID interface, add NAT and
    filtering rules to iptables

All this is done with vconfig and brctl commands.

Now I have ovsdb-server and ovs-vswitchd initialized and running.
I guess, my next step is to run ovs-controller somewhere, so both
ovs-vswitchd can see each other?  Can I have several controllers
that operates as "cluster"?

How do I implement steps 1-3 on Open vSwitch without exposing
VLAN tags into network?  Will

ovs-vsctl add-br netbrNETID -- add-port netbrNETID eth1 tag=NETID

do what I want, or do I need to use "fake bridge"?

I am using RHEL 5.4/5.5 (x86_64), libvirt and kvm (it's not
XenServer).

-- 
Regards,    --
Sir Raorn.   --- http://thousandsofhate.blogspot.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20100407/f64e21d7/attachment.sig>


More information about the discuss mailing list