subject:"\\\[ovirt\\\-users\\\] management interface"

Re: [ovirt-users] management interface

2016-08-08 Thread Fernando Fuentes

Edy,

Just wanted to report back that I made all changes and all worked
as expected.
I took your advice and left the ovritmgmt interface alone and didn't tag
it. All I did was move it to another interface and re-ip it. The
interface was tagged at the chassis.

Thanks again.

Regards,

--
Fernando Fuentes
ffuen...@txweather.org
http://www.txweather.org



On Fri, Aug 5, 2016, at 12:50 PM, Edward Haas wrote:
>
>
> On Thu, Aug 4, 2016 at 11:50 PM, Fernando Fuentes
>  wrote:
>> __
>> Edward,
>>
>> I am sorry that the diagram was not clear enough.
>>
>> There is two bonds (4 phisical nic's, each pair is LACP). One for
>> mgmt traffic only and one to carry untag and tag traffic.
>> But I do understand your point.
>> I will try to separate this and have everything on its own
>> access port.
>>
>> To move my current ovirtmgmt interface to a new one all I have to do
>> is create one and assign it and remove the old one correct?
>> Thanks again!
>
> Separating the management to its own bond and everything else to a
> second bond sounds reasonable.
> So in this case, it will be less risky to just leave the ovirtmgmt as
> is and move the other networks to the other bond.
> If the current ovirtmgmt is on a non-vlan network, just set the switch
> that connects to this bond slaves as access ports of vlan 35.
> It is preferable not to play too much with the management network, as
> you may loose the host (although VDSM has a safety
> process in place that will revert the change in case Engine-Host
> connectivity is lost).
> If you prefer to move ovirtmgmt, make sure you perform the network
> detach and attach steps (including any VLAN changes)
> in one transaction (change what you need and then do an apply for
> everything).
> Thanks,
> Edy.
>
>>
>>
>>
>> Regards,
>>
>>
>>
>> --
>> Fernando Fuentes
>> ffuen...@txweather.org
>> http://www.txweather.org
>>
>>
>>
>>
>> On Thu, Aug 4, 2016, at 02:07 AM, Edward Haas wrote:
>>> Hi Fernando,
>>> From what I could understand, you would like to have 3 networks, all
>>> on the same bond:
>>> (I do not understand from the diagram that you have two bonds, you
>>> mentioned only bond0)
>>> - ovirtmgmt - vlan35@bond0
>>> - dmz vm network - vlan42@bond0
>>> - default vm network - untag@bond0
>>>
>>> Based on the tag, traffic that enters bond0 will be forwarded to the
>>> relevant network.
>>> Any traffic that enters bond0 and is either untag or has a tag that
>>> does not correspond to the defined vlans,
>>> will be forwarded to the non-vlan network (default vm in this case).
>>> Note that when packets pass a vlan interface, they are stripped of
>>> their tag.
>>>
>>> I personally consider a mix of tag and untag on the same iface/port
>>> as bad practice, but there may be reasons to
>>> choose it. If you can, try having all networks with vlans, and set
>>> the switch ports correctly to reflect that.
>>> Any other device on the network, like the router, can be connected
>>> to the switch to an access port (say of vlan 100),
>>> so traffic there is untag, and when traffic goes to the ovirt host,
>>> it will go tagged 100.
>>> Thanks,
>>> Edy.
>>>
>>> On Tue, Aug 2, 2016 at 9:22 PM, Fernando Fuentes
>>>  wrote:
 __
 I answer my own question.
 "I think" lol

 I am going to create a new ovirtmgmt logical network with a vlan
 tag and than move my hosts in to it for management. This interface
 is not part of the vm network.

 The rest of the logical networks with vlans will be tagged and part
 of the vm network.
 I think that logic is right.
 Thoughts?


 Regards,


 --
 Fernando Fuentes
 ffuen...@txweather.org
 http://www.txweather.org




 On Sun, Jul 31, 2016, at 11:43 PM, Fernando Fuentes wrote:
> Right now as we stand boht ovirt management and LAN data crosses
> the same interface.
> I have two bonds. I want to move ovirt management to its own bond
> and tag it with vlan id 35.
>
> Than I wan to move my LAN which has no tag and my dmz that does
> have a tag in to my secondary bond.
>
> The switch is all configured what I am not sure is when making the
> logical network do I make the LAN a "VM Network"?
> And the same question for my dmz tagged vlan...
>
> I attached a small diagram that explains what I am trying to
> accomplish... I hope :D
>
>
> Thanks for the help.
>
> Regards,
>
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
>
>
>
> On Sun, Jul 31, 2016, at 12:50 PM, Edward Haas wrote:
>>
>>
>> On Sun, Jul 31, 2016 at 7:19 PM, Fernando Fuentes
>>  wrote:
>>> Team,
>>>
>>> Is it possible to move the ovirt management interface to a
>>> separate vlan
>>> and keep it from been on the same interface as my LAN?
>>
>> Networks, including

Re: [ovirt-users] management interface

2016-08-04 Thread Fernando Fuentes

Edward,

I am sorry that the diagram was not clear enough.

There is two bonds (4 phisical nic's, each pair is LACP). One for mgmt
traffic only and one to carry untag and tag traffic.
But I do understand your point.
I will try to separate this and have everything on its own access port.

To move my current ovirtmgmt interface to a new one all I have to do is
create one and assign it and remove the old one correct?
Thanks again!

Regards,



--
Fernando Fuentes
ffuen...@txweather.org
http://www.txweather.org



On Thu, Aug 4, 2016, at 02:07 AM, Edward Haas wrote:
> Hi Fernando,
> From what I could understand, you would like to have 3 networks, all
> on the same bond:
> (I do not understand from the diagram that you have two bonds, you
> mentioned only bond0)
> - ovirtmgmt - vlan35@bond0
> - dmz vm network - vlan42@bond0
> - default vm network - untag@bond0
>
> Based on the tag, traffic that enters bond0 will be forwarded to the
> relevant network.
> Any traffic that enters bond0 and is either untag or has a tag that
> does not correspond to the defined vlans,
> will be forwarded to the non-vlan network (default vm in this case).
> Note that when packets pass a vlan interface, they are stripped of
> their tag.
>
> I personally consider a mix of tag and untag on the same iface/port as
> bad practice, but there may be reasons to
> choose it. If you can, try having all networks with vlans, and set the
> switch ports correctly to reflect that.
> Any other device on the network, like the router, can be connected to
> the switch to an access port (say of vlan 100),
> so traffic there is untag, and when traffic goes to the ovirt host, it
> will go tagged 100.
> Thanks,
> Edy.
>
> On Tue, Aug 2, 2016 at 9:22 PM, Fernando Fuentes
>  wrote:
>> __
>> I answer my own question.
>> "I think" lol
>>
>> I am going to create a new ovirtmgmt logical network with a vlan tag
>> and than move my hosts in to it for management. This interface is not
>> part of the vm network.
>>
>> The rest of the logical networks with vlans will be tagged and part
>> of the vm network.
>> I think that logic is right.
>> Thoughts?
>>
>>
>> Regards,
>>
>>
>> --
>> Fernando Fuentes
>> ffuen...@txweather.org
>> http://www.txweather.org
>>
>>
>>
>>
>> On Sun, Jul 31, 2016, at 11:43 PM, Fernando Fuentes wrote:
>>> Right now as we stand boht ovirt management and LAN data crosses the
>>> same interface.
>>> I have two bonds. I want to move ovirt management to its own bond
>>> and tag it with vlan id 35.
>>>
>>> Than I wan to move my LAN which has no tag and my dmz that does have
>>> a tag in to my secondary bond.
>>>
>>> The switch is all configured what I am not sure is when making the
>>> logical network do I make the LAN a "VM Network"?
>>> And the same question for my dmz tagged vlan...
>>>
>>> I attached a small diagram that explains what I am trying to
>>> accomplish... I hope :D
>>>
>>>
>>> Thanks for the help.
>>>
>>> Regards,
>>>
>>>
>>> --
>>> Fernando Fuentes
>>> ffuen...@txweather.org
>>> http://www.txweather.org
>>>
>>>
>>>
>>> On Sun, Jul 31, 2016, at 12:50 PM, Edward Haas wrote:


 On Sun, Jul 31, 2016 at 7:19 PM, Fernando Fuentes
  wrote:
> Team,
>
> Is it possible to move the ovirt management interface to a
> separate vlan
> and keep it from been on the same interface as my LAN?

 Networks, including the management one, can be assign as non-vlan
 or as vlan on
 different nics/bonds.
 If you want to assign two or more networks on the same nic/bond,
 only one can remain
 non-vlan, the rest must be set with a vlan.
 Vlan networks require that traffic entering the nic/bond is tagged,
 therefore, the switch port
 that the nic is connected to must be set as a trunk.
 If you have a specific setup in mind, please draw a network diagram
 for us.

>
> IE: assign a tag to ovirtmanagement and keep another interface as
> untag
> for my LAN to use with the VM's
>
> Thoughts ideas?
>
> TIA!
>
> Regards,
>
> --
>  Fernando Fuentes ffuen...@txweather.org http://www.txweather.org
>  ___
>  Users mailing list Users@ovirt.org
>  http://lists.ovirt.org/mailman/listinfo/users
>>>
>>> _
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>> Email had 1 attachment:


>>>  * vlans.png 353k (image/png)
>>
>>
>> ___
>>  Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] management interface

2016-08-04 Thread Edward Haas

Hi Fernando,

>From what I could understand, you would like to have 3 networks, all on the
same bond:
(I do not understand from the diagram that you have two bonds, you
mentioned only bond0)
- ovirtmgmt - vlan35@bond0
- dmz vm network - vlan42@bond0
- default vm network - untag@bond0

Based on the tag, traffic that enters bond0 will be forwarded to the
relevant network.
Any traffic that enters bond0 and is either untag or has a tag that does
not correspond to the defined vlans,
will be forwarded to the non-vlan network (default vm in this case).
Note that when packets pass a vlan interface, they are stripped of their
tag.

I personally consider a mix of tag and untag on the same iface/port as bad
practice, but there may be reasons to
choose it. If you can, try having all networks with vlans, and set the
switch ports correctly to reflect that.
Any other device on the network, like the router, can be connected to the
switch to an access port (say of vlan 100),
so traffic there is untag, and when traffic goes to the ovirt host, it will
go tagged 100.

Thanks,
Edy.

On Tue, Aug 2, 2016 at 9:22 PM, Fernando Fuentes 
wrote:

> I answer my own question.
> "I think" lol
>
> I am going to create a new ovirtmgmt logical network with a vlan tag and
> than move my hosts in to it for management. This interface is not part of
> the vm network.
>
> The rest of the logical networks with vlans will be tagged and part of the
> vm network.
> I think that logic is right.
> Thoughts?
>
> Regards,
>
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
>
>
>
> On Sun, Jul 31, 2016, at 11:43 PM, Fernando Fuentes wrote:
>
> Right now as we stand boht ovirt management and LAN data crosses the same
> interface.
> I have two bonds. I want to move ovirt management to its own bond and tag
> it with vlan id 35.
>
> Than I wan to move my LAN which has no tag and my dmz that does have a tag
> in to my secondary bond.
>
> The switch is all configured what I am not sure is when making the logical
> network do I make the LAN a "VM Network"?
> And the same question for my dmz tagged vlan...
>
> I attached a small diagram that explains what I am trying to accomplish...
> I hope :D
>
>
> Thanks for the help.
>
> Regards,
>
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
>
>
>
> On Sun, Jul 31, 2016, at 12:50 PM, Edward Haas wrote:
>
>
>
> On Sun, Jul 31, 2016 at 7:19 PM, Fernando Fuentes 
> wrote:
>
> Team,
>
> Is it possible to move the ovirt management interface to a separate vlan
> and keep it from been on the same interface as my LAN?
>
>
> Networks, including the management one, can be assign as non-vlan or as
> vlan on
> different nics/bonds.
> If you want to assign two or more networks on the same nic/bond, only one
> can remain
> non-vlan, the rest must be set with a vlan.
> Vlan networks require that traffic entering the nic/bond is tagged,
> therefore, the switch port
> that the nic is connected to must be set as a trunk.
> If you have a specific setup in mind, please draw a network diagram for us.
>
>
> IE: assign a tag to ovirtmanagement and keep another interface as untag
> for my LAN to use with the VM's
>
> Thoughts ideas?
>
> TIA!
>
> Regards,
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
> *___*
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
> Email had 1 attachment:
>
>- vlans.png
>  353k (image/png)
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] management interface

2016-08-02 Thread Fernando Fuentes

I answer my own question.
"I think" lol

I am going to create a new ovirtmgmt logical network with a vlan tag and
than move my hosts in to it for management. This interface is not part
of the vm network.

The rest of the logical networks with vlans will be tagged and part of
the vm network.
I think that logic is right.
Thoughts?

Regards,


--
Fernando Fuentes
ffuen...@txweather.org
http://www.txweather.org



On Sun, Jul 31, 2016, at 11:43 PM, Fernando Fuentes wrote:
> Right now as we stand boht ovirt management and LAN data crosses the
> same interface.
> I have two bonds. I want to move ovirt management to its own bond and
> tag it with vlan id 35.
>
> Than I wan to move my LAN which has no tag and my dmz that does have a
> tag in to my secondary bond.
>
> The switch is all configured what I am not sure is when making the
> logical network do I make the LAN a "VM Network"?
> And the same question for my dmz tagged vlan...
>
> I attached a small diagram that explains what I am trying to
> accomplish... I hope :D
>
>
> Thanks for the help.
>
> Regards,
>
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
>
>
>
> On Sun, Jul 31, 2016, at 12:50 PM, Edward Haas wrote:
>>
>>
>> On Sun, Jul 31, 2016 at 7:19 PM, Fernando Fuentes
>>  wrote:
>>> Team,
>>>
>>> Is it possible to move the ovirt management interface to a
>>> separate vlan
>>> and keep it from been on the same interface as my LAN?
>>
>> Networks, including the management one, can be assign as non-vlan or
>> as vlan on
>> different nics/bonds.
>> If you want to assign two or more networks on the same nic/bond, only
>> one can remain
>> non-vlan, the rest must be set with a vlan.
>> Vlan networks require that traffic entering the nic/bond is tagged,
>> therefore, the switch port
>> that the nic is connected to must be set as a trunk.
>> If you have a specific setup in mind, please draw a network diagram
>> for us.
>>
>>>
>>> IE: assign a tag to ovirtmanagement and keep another interface
>>> as untag
>>> for my LAN to use with the VM's
>>>
>>> Thoughts ideas?
>>>
>>> TIA!
>>>
>>> Regards,
>>>
>>> --
>>>  Fernando Fuentes ffuen...@txweather.org http://www.txweather.org
>>>  ___
>>>  Users mailing list Users@ovirt.org
>>>  http://lists.ovirt.org/mailman/listinfo/users
>
> _
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> Email had 1 attachment:


>  * vlans.png 353k (image/png)
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] management interface

2016-07-31 Thread Edward Haas

On Sun, Jul 31, 2016 at 7:19 PM, Fernando Fuentes 
wrote:

> Team,
>
> Is it possible to move the ovirt management interface to a separate vlan
> and keep it from been on the same interface as my LAN?
>

Networks, including the management one, can be assign as non-vlan or as
vlan on
different nics/bonds.
If you want to assign two or more networks on the same nic/bond, only one
can remain
non-vlan, the rest must be set with a vlan.
Vlan networks require that traffic entering the nic/bond is tagged,
therefore, the switch port
that the nic is connected to must be set as a trunk.

If you have a specific setup in mind, please draw a network diagram for us.

> IE: assign a tag to ovirtmanagement and keep another interface as untag
> for my LAN to use with the VM's
>
> Thoughts ideas?
>
> TIA!
>
> Regards,
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] management interface

2016-07-31 Thread Kenneth Bingham

Fernando, That is the recommended approach, that ovirtmgmt bridge not also
be used for VMs. This is for the sake of separation of privilege if I
understand correctly, and there's no reason that VMs will not be able to
communicate using that bridge. Whether or not you tag depends on your
network's logical topology. If you don't tag in oVirt manager and your
network uses VLANs, then the packets will be treated as belonging to the
default VLAN, often ID 1, but certainly not always.

On Sun, Jul 31, 2016 at 12:20 PM Fernando Fuentes 
wrote:

> Team,
>
> Is it possible to move the ovirt management interface to a separate vlan
> and keep it from been on the same interface as my LAN?
>
> IE: assign a tag to ovirtmanagement and keep another interface as untag
> for my LAN to use with the VM's
>
> Thoughts ideas?
>
> TIA!
>
> Regards,
>
> --
> Fernando Fuentes
> ffuen...@txweather.org
> http://www.txweather.org
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] management interface

2016-07-31 Thread Fernando Fuentes

Team,

Is it possible to move the ovirt management interface to a separate vlan
and keep it from been on the same interface as my LAN?

IE: assign a tag to ovirtmanagement and keep another interface as untag
for my LAN to use with the VM's

Thoughts ideas?

TIA!

Regards,

-- 
Fernando Fuentes
ffuen...@txweather.org
http://www.txweather.org
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] management interface

Re: [ovirt-users] management interface

Re: [ovirt-users] management interface

Re: [ovirt-users] management interface

Re: [ovirt-users] management interface

Re: [ovirt-users] management interface

[ovirt-users] management interface

7 matches

Site Navigation

Mail list logo

Footer information