...

  • The isolated port (I-port) in the private VLAN (PVLAN) concept fits our requirement perfectly. Basically, we just need to connect every user VM to an I-port of the switch (vSwitch or Open vSwitch) and every DHCP server to a P-port of the switch; that is enough for both isolation and communication.
  • But Open vSwitch (used by XenServer and KVM) doesn't have PVLAN support. vSwitch (for VMware) supports it by default.
  • So we need extra effort to simulate PVLAN on Open vSwitch (OVS) for Xen and KVM.
    • We would modify the flow table so that:
    • 1. All traffic leaving a user VM is tagged with the secondary isolated VLAN tag.
    • 2. Traffic tagged with the secondary isolated VLAN is allowed to reach the DHCP server by changing its VLAN tag to the primary VLAN tag.
    • 3. The gateway should know nothing about PVLAN; the switch connected to the gateway should translate every secondary VLAN to the primary VLAN for communication with the gateway.
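
The three flow-table rules above, modelled in Python so the resulting reachability can be checked. This is an added example, not code from the original page and not Open vSwitch flow syntax. The VLAN IDs (100/101), the port names, and the assumption that I-ports accept only primary-VLAN traffic are constructed for illustration.

```python
# Simplified model of the three flow rules (not Open vSwitch syntax).
PRIMARY, ISOLATED = 100, 101  # constructed VLAN IDs (assumption)

# Constructed port layout (assumption): port name -> PVLAN role.
PORTS = {"vm1": "isolated", "vm2": "isolated",
         "dhcp": "promiscuous", "uplink": "gateway"}


def build_flows(ports):
    """Build the ingress and egress tables for the given port layout."""
    ingress, egress = {}, {}
    for port, role in ports.items():
        # Rule 1: traffic leaving a user VM gets the secondary isolated tag.
        ingress[port] = ISOLATED if role == "isolated" else PRIMARY
        # Every port accepts traffic already on the primary VLAN.
        egress[(port, PRIMARY)] = PRIMARY
        # Rule 2 (DHCP server) and rule 3 (gateway): retag secondary -> primary.
        if role in ("promiscuous", "gateway"):
            egress[(port, ISOLATED)] = PRIMARY
        # No (I-port, ISOLATED) entry exists, so that traffic is dropped.
    return ingress, egress


def deliver(src, dst, ports=PORTS):
    """Return the VLAN tag dst receives the frame on, or None if dropped."""
    if src == dst:
        return None
    ingress, egress = build_flows(ports)
    return egress.get((dst, ingress[src]))


def isolation_violations(ports=PORTS):
    """List I-port pairs that can reach each other (should be empty)."""
    iso = [p for p, role in ports.items() if role == "isolated"]
    return [(a, b) for a in iso for b in iso
            if a != b and deliver(a, b, ports) is not None]


if __name__ == "__main__":
    for s in PORTS:
        for d in PORTS:
            if s != d:
                print(f"{s:>6} -> {d:<6} {deliver(s, d)}")
    print("violations:", isolation_violations())
```

An empty result from `isolation_violations()` is the property the design depends on: user VMs reach the DHCP server and the gateway but never each other, and the gateway only ever sees the primary VLAN.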

...