]
Sent: 18 April 2013 02:00
To: dev@cloudstack.apache.org
Subject: Re: [RFC][FS]PVLAN for isolation within a VLAN
On Wed, Apr 17, 2013 at 05:49:23PM -0700, Sheng Yang wrote:
In fact that's the requirement for this design. We need this very strict
restriction to implement isolation for the VMs. PVLAN
Sheng,
Thanks for the FS. Couple of points in FS that made me curious of the
rational behind it.
Why do you want to all the end user VM's (except for DHCP server VM) in
shared network to be connected only to I-port's. This means that even VM's
of same user can not talk to each other, right?
In fact that's the requirement for this design. We need this very strict
restriction to implement isolation for the VMs. PVLAN is the way we used to
approach this requirement.
Community VLAN is more like normal VLANs, which shared the information in
between. That's not of our concern currently.
On Wed, Apr 17, 2013 at 05:49:23PM -0700, Sheng Yang wrote:
In fact that's the requirement for this design. We need this very strict
restriction to implement isolation for the VMs. PVLAN is the way we used to
approach this requirement.
As a user, the whole point of this type of network is to
