1/4/2018 OpenStack network design for network guys – Part 2 - Kepler's Blog on eFlying Link - Powered by Doteasy.

com

Kepler's Blog on e5link.com

Certified Cisco Instructor since 1998

OpenStack network design for network guys – Part 2

January 23, 2016 09:52:54
Posted By Kepler Lam Search
the Web this site
Continue with my previous blog entry which I have mentioned that OpenStack can make use of
VLANs in physical network for tenant network segregation.

Yet, what is the limitation of VLAN? What is the maximum number of VLANs you can use? Yes, only User Profile
4K, that needs to be shared with all the tenants in your cloud. Also, all your compute nodes’ physical
NIC need to be on the same layer 2 network.

Then what’s the solution? If you have followed my previous blogs, you will figure out that VXLAN is Kepler Lam
one of the promising solutions. As the VNID of VXLAN supports 24 bits addressing space i.e. 16 Hong Kong
million LAN segments. Moreover, by using VXLAN, the compute nodes’ physical NIC need not to be
on the same layer 2, they can be in different subnets of the physical network, so that they can be Read More...
anywhere in your data center.

Besides using VXLAN, there is another option that Neutron provides, which is the traditional GRE
tunnel. GRE is just like VXLAN, both are tunneling technology that making use of IP network to
encapsulate the Ethernet frames. However, GRE is point-to-point in nature, while VXLAN can make Category
use of IP multicast to carry multi-destination Ethernet frames. In GRE header, there is 32 bit key field
that can be used to identify different tenant network number. Network Technology (43)
Personal Sharing (3)
To summary, you have 3 choices:
Cisco ASA (1)
1. Use VLAN, H3C & Cisco (3)
2. Use GRE H3C simulator (3)
3. Use VXLAN. Iptools (17)
Cisco UCS (4)
Let me discuss the detail one by one.
Netapp (1)
If you want to use VLAN, your compute nodes should be reside on the same layer 2 domain of your Cisco IOS (5)
physical network, the physical NIC of your compute nodes need to connected to a trunk port of the BIG IP (2)
uplink switch. And all those trunk ports need to be the same layer 2, i.e. cannot be routed. Just like
Cisco CUCM (5)
the figure below:
Cisco Nexus (5)
Cisco UCCX (1)
Arista (3)
VXLAN (12)
OpenStack (4)

Archives

October, 2017 (1)

March, 2017 (1)
January, 2016 (3)
November, 2015 (1)
October, 2015 (7)
September, 2015 (1)
August, 2015 (3)
June, 2015 (2)
March, 2015 (1)
December, 2014 (1)
October, 2014 (1)
September, 2014 (3)
June, 2014 (3)
April, 2014 (3)
March, 2014 (1)
February, 2014 (2)
January, 2014 (2)
In the traditional Cisco 3-tier data center design, layer 2 domains are resided within the same
aggregation block. As the layer 2 boundary is between the aggregation and the core, unless you December, 2013 (3)
November, 2013 (7)

http://apps.e5link.com/Blog/?e=92792&d=01/23/2016&s=OpenStack%20network%20design%20for%20network%20guys%20%E2%80%93%20Part%… 1/3
1/4/2018 OpenStack network design for network guys – Part 2 - Kepler's Blog on eFlying Link - Powered by Doteasy.com
extend your layer 2 over the core, otherwise, your compute nodes cannot be attached to access
switches in different aggregation blocks.
Visitors

You have 164113 hits.

Latest Comments

This is extremely inform...

You are an awesome write...
I really liked your arti...
Research highly impacts ...
Thank you! Very helpful.
Assets that reference a ...
TAC prescribed a reboot ...
Hi Jag, As discussed ...
Client requires a login ...
刘先生，多謝你的留言(太忙了，沒留
意留言）。能與...

That’s the reason for Cisco Nexus to provide the Fabric Path technology so that you can extend the
layer 2 anywhere in your data center. Similar solution is the Cisco DFA and ACI.

Talking back to the OpenStack, let me discuss the relationship between the tenant network and the
VLAN of your physical network.

When a tenant network is created in any project, Neutron will allocate a unique VLAN number (which
OpenStack refer it as segment ID) for that tenant network. Note that this VLAN number is ONLY
used in the physical network but NOT inside the OVS of the compute node. This is the most
confusing thing, as OpenStack beginners will always have the misconception that the segment ID is
used internally in the compute nodes.

Let me discuss the relationship between the tenant network and the VLAN of your physical network
in next blog entry. Please follow here to the part 3 of this blog.

Permalink Comments (1)

Categories: Network Technology, OpenStack

1 Comment(s):
custom essay writing service said...
Research highly impacts the services offered by any online writing services. It normally observed that writers
who do not investigate can hardly attract the users with their original writings. Effectual identification online
custom writing company offer professional essay writing service.

August 16, 2017 05:00:12

Leave a Comment:
Name: * Email: *

Home Page URL: http://

Comment: *

http://apps.e5link.com/Blog/?e=92792&d=01/23/2016&s=OpenStack%20network%20design%20for%20network%20guys%20%E2%80%93%20Part%… 2/3
1/4/2018 OpenStack network design for network guys – Part 2 - Kepler's Blog on eFlying Link - Powered by Doteasy.com

4000 char left.

Enter the text shown in the image on the left: *

re-generate

Remember Me?
* fields are requried

Preview Save

<< Previous Entry Next Entry >>

Home | klam_Blog | Terms & Conditions | Administrator Sign In | RSS

All blog contents are provided by website administrator. All other trademarks and copyrights are the property of their respective holders.
Copyright © 2018. Doteasy Technology Inc. All Rights Reserved. Blog software owned and powered by Doteasy Web Hosting.

http://apps.e5link.com/Blog/?e=92792&d=01/23/2016&s=OpenStack%20network%20design%20for%20network%20guys%20%E2%80%93%20Part%… 3/3