[c-nsp] Large networks

Shaun R. mailinglists at unix-scripts.com
Wed Aug 26 20:07:44 EDT 2009


David,

Well it is possible to do with Xen too.  We just use ebtables to filter 
traffic from each VPS.  We restrict what comes in and out by the address and 
mac.  Using vlans, at least for us, per VPS would be killer.  We would have 
thousands of vlans already just for virtual servers.  Right now our gear has 
a 4096 vlan limit, not sure if there's gear that support higher numbers than 
that.  My learning/expereince with this stuff is by implementing it when i 
need it :)

~Shaun

"David Hughes" <david at hughes.com.au> wrote in message 
news:67FA6A8A-69EB-4F4A-B453-AA93674D5C4A at hughes.com.au...
>
> On 26/08/2009, at 11:58 PM, Gert Doering wrote:
>
>> Which is why we are VERY happy with "every customer has a different L3
>> subnet" - and yes, this is wasting a few IPv4 addresses, but since our
>> customers usually have more than one machine, it's not "75%".  Even  so,
>> the time of IPv4 is past, and we should stop worrying about it.
>
> I'm with Gert on this.  Our hosting networks are all configured this  way. 
> And, regarding the OP's comment about VPS, why view a virtual  server any 
> differently?   Each customer with either physical or  virtual servers gets 
> a vlan and IP allocation for those servers.   The  virtuals quite happily 
> vmotion around the network to their hearts  content.  Each ESX cluster 
> node gets to see the vlans for all the VM's  on that cluster.  No big 
> deal - it's just a dot1q trunk after all.
>
>
> David
> ...
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 




More information about the cisco-nsp mailing list