This is an automated email from the ASF dual-hosted git repository. andrijapanic pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/cloudstack-documentation.git
The following commit(s) were added to refs/heads/master by this push: new 002893c Extend PVLAN documentation (#86) 002893c is described below commit 002893cc3bd7fbab41aaa4c594278492e5a49b72 Author: Nicolas Vazquez <nicovazque...@gmail.com> AuthorDate: Fri May 22 04:46:04 2020 -0300 Extend PVLAN documentation (#86) * Extend PVLAN documentation * Commnity type note * Update source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst * Update source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst Co-authored-by: Andrija Panic <45762285+andrijapani...@users.noreply.github.com> --- .../isolation_in_advanced_zone_with_vlan.rst | 38 +++++++++++++++------- 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst b/source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst index 33fda6f..745facc 100644 --- a/source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst +++ b/source/adminguide/networking/isolation_in_advanced_zone_with_vlan.rst @@ -40,9 +40,9 @@ Supported Secondary VLAN types ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Of the three types of Private VLAN (promiscuous, community and isolated), -CloudStack supports **one promiscuous** PVLAN and **one isolated** PVLAN **per -primary VLAN**. Ergo, community PVLANs are not currently supported. -PVLANs are only currently supported on shared networks. +CloudStack supports **one promiscuous** PVLAN, **one isolated** PVLAN and **multiple community** PVLANs **per +primary VLAN**. +PVLANs are currently supported on shared and layer 2 networks. The PVLAN concept is supported on KVM (when using OVS), XenServer (when using OVS), and VMware hypervisors .. note:: @@ -50,6 +50,9 @@ The PVLAN concept is supported on KVM (when using OVS), XenServer (when using OV CloudStack managed to simulate PVLAN on OVS for XenServer and KVM by modifying the flow table. + .. note:: + Community PVLANs are only currently supported on VMware hypervisors. + Prerequisites ~~~~~~~~~~~~~ @@ -77,23 +80,34 @@ Prerequisites - Before you use PVLAN on XenServer and KVM, enable Open vSwitch (OVS). -Creating a PVLAN-Enabled Shared Network -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Creating a PVLAN-Enabled Network +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +PVLAN-enabled networks can be either shared or layer 2 networks. -For a general description of how to create a shared netowrk see `"configuring a shared guest network" <#configuring-a-shared-guest-network>`_. +For a general description of how to create a shared network see `"configuring a shared guest network" <#configuring-a-shared-guest-network>`_. -On top of the parameters required to create a *normal* shared network, the following +On top of the parameters required to create a *normal* shared or layer 2 network, the following parameters must be set: - **VLAN ID**: The unique ID of the primary VLAN that you want to use. -- **Secondary Isolated VLAN ID**: +- **Secondary Isolated VLAN ID**: The PVLAN ID to use within the primary VLAN. + +- **PVLAN Type**: The PVLAN type corresponding to the PVLAN ID to use within the primary VLAN. + +Creating a PVLAN-enabled network can be done in multiple ways depending on the PVLAN type: + + - For a **promiscuous** PVLAN: + - Set the secondary VLAN ID to the same VLAN ID as the primary VLAN that the promiscuous PVLAN will be inside (available only via API, not UI), or + - Set the PVLAN type to "Promiscuous" and do not set the secondary VLAN ID. - - For a **promiscuous** PVLAN, set this to the same VLAN ID as the primary VLAN - that the promiscuous PVLAN will be inside. - - For an **isolated** PVLAN, set this to the PVLAN ID which you wish to use - inside the primary VLAN. + - For an **isolated** PVLAN: + - Set the secondary VLAN ID to the PVLAN ID which you wish to use inside the primary VLAN (available only via API, not UI), or + - Set the PVLAN type to "Isolated" and set the secondary VLAN ID to the PVLAN ID which you wish to use inside the primary VLAN. + - For a **community** PVLAN: + - Set the PVLAN type to "Community" and set the secondary VLAN ID to the PVLAN ID which you wish to use inside the primary VLAN. .. |pvlans.png| image:: /_static/images/pvlans.png :alt: Diagram of PVLAN communications