Hi Jeff, please see my responses inline, prefixed by [SL].
Jeff Forbes <[email protected]> wrote: > I have set up the openvswitch demo for isolating VM traffic using VLANs. > The setup works as expected. The difficulty I am having is with using > DHCP to assign the IPs. The two VLANs have IP ranges of 10.0.0.x and > 10.0.1.x and the netmasks are 255.255.0.0. I have been able to get > dnsmasq to assigned IPs for one of the VLANs by assigning an internal > openvswitch port on the DHCP server the ip of 10.0.0.1 and the tag of > one of the VLANs. [SL] Based on the network addresses and subnet mask provided, you have a situation where you have two VLANs (which are Layer 2 broadcast domains) inside a single IP network (which is a Layer 3 broadcast domain). This can produce some unexpected (and typically undesired) results. Generally, you'll align your VLANs with your IP subnets, since systems can't communicate across VLANs without passing through a Layer 3 device anyway. > The goal is to be able to have multiple vlans with IPs in the 10.0.x.y > range and have them assigned IPs based on the VMs MAC address. > What is the best way to have the DHCP daemon recognize the different > VLANs? [SL] DHCP itself is not VLAN-aware and operates within a Layer 2 broadcast domain (a VLAN). Without assistance, a single DHCP server in one VLAN won't be able to provide IP address leases to systems outside its own VLAN. That assistance comes in the form of a DHCP relay, which takes DHCP requests on one VLAN and forwards them across a router to the DHCP server in the other VLAN. > I tried to use the trunk directive, but dnamasq did not respond to the > broadcast DHCP request. > > The reason for using the 10.0.x.y address space is that we would like to > be able to have some of the VLANs be able to communicate between each > other without changing the VLAN tag. Is there a way of doing this? [SL] Systems in different VLANs can't communicate with systems in other VLANs without passing through a Layer 3 device (a router). Can you share a bit more on exactly *what* you're trying to achieve with this particular environment, so that we can try to provide some guidance as to how to achieve it? -- Scott _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
