Hi Jon, On Sep 27, 2012, at 10:39 , Jon Hudson <[email protected]> wrote:
>> However, in Data Center, a closed used group have many VMs or servers. >> Although an NVO instance provides a communication for the VMs in the group, >> some VMs may not need to communicate with some other VMs. > > True, and desirable. If VM_A_01 only needs to talk to VM_A_02-07, then I > don't want it to be able to touch VM_A_08 or VM_B_x. Two very different things: Lucy said: "some VMs may not need to communicate" … but that could change, and is not dictated by policy, but rather by current need. IMO, what you are asking calls for VM_A_01 and VM_A_02-07 to be in (say) VN_A, and VM_A_08 and VM_B_x in different VN(s) (not sure what the numbering means, but I'm just going with the flow.) If one were to put VM_A_01 and VM_A_08 in the same VN, one would have to hand-craft the intra-VN policies. Doable, but not scalable (administratively). For example, what happens if a new VM, VM_A_22 shows up (elasticity) … who can it talk to? KIreeti. _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
