[c-nsp] Large networks
Shaun R.
mailinglists at unix-scripts.com
Wed Aug 26 20:07:44 EDT 2009
David,
Well it is possible to do with Xen too. We just use ebtables to filter
traffic from each VPS. We restrict what comes in and out by the address and
mac. Using vlans, at least for us, per VPS would be killer. We would have
thousands of vlans already just for virtual servers. Right now our gear has
a 4096 vlan limit, not sure if there's gear that support higher numbers than
that. My learning/expereince with this stuff is by implementing it when i
need it :)
~Shaun
"David Hughes" <david at hughes.com.au> wrote in message
news:67FA6A8A-69EB-4F4A-B453-AA93674D5C4A at hughes.com.au...
>
> On 26/08/2009, at 11:58 PM, Gert Doering wrote:
>
>> Which is why we are VERY happy with "every customer has a different L3
>> subnet" - and yes, this is wasting a few IPv4 addresses, but since our
>> customers usually have more than one machine, it's not "75%". Even so,
>> the time of IPv4 is past, and we should stop worrying about it.
>
> I'm with Gert on this. Our hosting networks are all configured this way.
> And, regarding the OP's comment about VPS, why view a virtual server any
> differently? Each customer with either physical or virtual servers gets
> a vlan and IP allocation for those servers. The virtuals quite happily
> vmotion around the network to their hearts content. Each ESX cluster
> node gets to see the vlans for all the VM's on that cluster. No big
> deal - it's just a dot1q trunk after all.
>
>
> David
> ...
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list