+1 the more isolation methods, the better.
On Thu, May 2, 2013 at 1:31 PM, Chip Childers <chip.child...@sungard.com>wrote: > On Wed, May 01, 2013 at 04:58:12PM -0400, Toshiaki Hatano wrote: > > Hi all, > > > > I’d like to add Linux native VXLAN support on KVM hypervisor. > > > > Currently, advanced zone with VLAN isolation can hold only 4k networks > (= accounts) in a zone due to the VLAN ID limitation. > > 4k accounts per zone is not enough for IaaS provider like us. > > Furthermore, VPC will allow single account to consume multiple networks. > > > > Linux kernel 3.7 or later supports VXLAN as part of its ordinal > networking function. > > VXLAN enable Layer 2 tunneling over UDP/IP with VLAN-like encapsulation > and allow 16M isolated networks in the domain. > > So, by using linux native VXLAN support, we can extend network limits > without introducing unnecessary complexity. > > (But in other words, it’s not as flexible as Open vSwitch. Only thing > Linux native VXLAN provides is multipoint L2 tunneling.) > > > > Any thoughts about this? > > > > > > P.S. > > > > I’m currently working on this as my internship project. > > As proof of concept, I’ve modified “modifyvlan.sh” script which is > actual VLAN create/delete manipulation script called from cloud-agent, to > create and to use VXLAN interface instead of VLAN interface. > > Modified script is tested with CloudStack 4.0.1 and 3 KVM hypervisors > based on CentOS 6.4 + 3.8.6 kernel. > > And it looks working. (But I’m still testing) > > > > > > P.S.2. > > > > FYI: OpenStack already started process [1] to support Linux native VXLAN. > > [1] https://review.openstack.org/#/c/26516/ > > > > > > Best Regards, > > -- > > Toshiaki Hatano > > I note that no one has replied to this thread yet, but I'll give you my > general +1 on the idea. > > Can some of the network-centric folks on the dev list please speak up on > the proposal? > > -chip >
