Re: Understanding isolated networks
You should acquire a new public ip for the isolated network. Then you can configure firewall, portforwarder or loadbalancer on that ip. You are not limited to use a single public ip in isolated network. On Wed, Jun 2, 2021, 13:39 Jeremy Hansen wrote: > I’m working through my initial setup of Cloudstack. I added a second vm > host so I could test live migration. Worked out the vlan kinks and that’s > now working great. > > I launched a second guest and noticed it did not allocate a new public > IP. My expectation was that it would allocate another public IP from the > range I defined and the second instance would have its own virtual > router/firewall/port forwarding, etc, but that doesn’t seem to be the > case. I can configure the firewall on the existing virtual router to port > forward to the second instance, but I’d prefer it just allocate another > public IP from the range and allow me to configure each instance as a > separate entity without port conflicts. Is this possible? > > Thanks > -jeremy >
Re: Understanding isolated networks
Isolated network = VR connected to both Public and Guest network (singe network), plus 1 or more instances behind that VR, in that SINGLE network VPC = VR (as above) + 1 or MORE networks, with instances in each network If you want to really assign Public IP to your instances (old school VPS style hosting) - you would want (as cloud admin) to create a Shared Guest network on a dedicated VLAN, with a dedicated Public IP range (technically can be any private/public range, doesn't matter - but you want public) - and then when DIFFERENT TENANTS/users see this network, they can deploy a VM in it (so, different tenants are sharing the common network = security problem...), while there is also a VR for that network that does ONLY dhcp/dns (userdata/metadata also) - the instances' gateway is some physical routing device outside of ACS (not the VR <-- which is the case for VMs in Isolated and VPC networks) Hope that helps Andrija On Wed, 2 Jun 2021 at 11:09, Jeremy Hansen wrote: > I’m working through my initial setup of Cloudstack. I added a second vm > host so I could test live migration. Worked out the vlan kinks and that’s > now working great. > > I launched a second guest and noticed it did not allocate a new public > IP. My expectation was that it would allocate another public IP from the > range I defined and the second instance would have its own virtual > router/firewall/port forwarding, etc, but that doesn’t seem to be the > case. I can configure the firewall on the existing virtual router to port > forward to the second instance, but I’d prefer it just allocate another > public IP from the range and allow me to configure each instance as a > separate entity without port conflicts. Is this possible? > > Thanks > -jeremy > -- Andrija Panić
Understanding isolated networks
I’m working through my initial setup of Cloudstack. I added a second vm host so I could test live migration. Worked out the vlan kinks and that’s now working great. I launched a second guest and noticed it did not allocate a new public IP. My expectation was that it would allocate another public IP from the range I defined and the second instance would have its own virtual router/firewall/port forwarding, etc, but that doesn’t seem to be the case. I can configure the firewall on the existing virtual router to port forward to the second instance, but I’d prefer it just allocate another public IP from the range and allow me to configure each instance as a separate entity without port conflicts. Is this possible? Thanks -jeremy