Re: CS VLAN configuration in a Cisco 3560 switch

2017-08-15 Thread daniel.herrmann
Hi Luis, just to extend a little more: basically the configuration posted by Simon should work. Some more explanations. There are some important considerations: - All VLANs you want to use need to exist on the switch. That’s why they need to be created using the vlan 100-200 statement - The

Re: Creating a Network inside a vpc which isnt attached to the routervm

2017-08-15 Thread daniel.herrmann
Hi, we are hitting the same limitation, except that we can use 10 NICs on VMware. The fact that we also use the Private Gateway functionality adds another NIC, besides the management and outside NIC which is present as well. I wonder what is the reason for one NIC per tier? Why not just use

Re: Creating a Network inside a vpc which isnt attached to the routervm

2017-08-15 Thread daniel.herrmann
Hi Dag, thank you for your answer. As far as I know, the end user never has direct access to the virtual router. I am not talking about adding a VLAN tag at the user VM, only at the VPR, where the limit most likely comes into play when creating a number of tiers in a VPC. We could do both:

Re: Creating a Network inside a vpc which isnt attached to the routervm

2017-08-15 Thread daniel.herrmann
Hi Dag, you would need to do that with the Linux dot1q kernel module, yes. This way you can create virtual interfaces with VLAN tags and bind them to one NIC. We are routing and firewalling in software anyway, I do not see any considerable additional overhead here. Instead of “physical” NICs,

Upgrade Router via API after CP Upgrade

2017-08-09 Thread daniel.herrmann
Hi all, we are currently planning an update of CP, which also includes an upgrade of the System VMs. We are upgrading from 4.5 to 4.7. I wrote a Python script to check VPN connections and other parameters. Some upgrades can be performed right after the CP upgrade, some other routers must not

Re: Modifying a service offering in the cloudstack DB

2017-07-21 Thread daniel.herrmann
Hi Dag, Hi Ivan, thanks to both of you for your reply. I would like to build on the question of my colleague Christian. Can you elaborate what would happen if we’d just change the service offering in the database? From my understanding the main problem is, that during VM creation the old and

Re: Modifying a service offering in the cloudstack DB

2017-07-24 Thread daniel.herrmann
Hi Dag, thanks again. We modified the DB last Friday and so far, this seems to work. We could move VMs to the new Hosts and new VMs are provisioned there as well. Thank you again for your help. Regards Daniel On 21.07.17, 11:26, "Dag Sonstebo" wrote: Hi

Increase CIDR list parameter length limit of API when creating VPN customer gateway

2017-07-24 Thread daniel.herrmann
Dear all, one of our customers has the requirement to tunnel all traffic from a VPC back to his site, even normal Internet traffic. As it is not possible to use “0.0.0.0/0” as CIDR (since CloudStack complains that this is overlapping with the VPC network, which I do not really understand as

Re: Increase CIDR list parameter length limit of API when creating VPN customer gateway

2017-07-24 Thread daniel.herrmann
Ah, I forgot to mention in my previous mail: We’re still on CloudStack 4.5 Regards Daniel On 24.07.17, 12:34, "daniel.herrm...@zv.fraunhofer.de" wrote: Dear all, one of our customers has the requirement to tunnel all traffic from a VPC back to

Re: Upgrade Router via API after CP Upgrade

2017-08-09 Thread daniel.herrmann
Hi Dag, aah, the global setting was the missing piece in the puzzle, that makes total sense now. Thank you. I am currently using the Python CS module for coding the script, I will use that for the task at hand. And yes, you are right, this is actually CloudPlatform. We are currently at 4.5

Re: [DISCUSS] Redundant Virtual Routers on VMware?

2017-12-14 Thread daniel.herrmann
Hi, We are not running ACS but ACP, currently in version 4.7.11. We’d love to run rVR on VMWare with ESXi, but as you pointed out it is currently not supported. Regards Daniel -- Daniel Herrmann Network Engineer – Fraunhofer Private Cloud CCIE #55056 (Routing and Switching) Cisco CCDP, CCIP;

Re: Network ACL Lists

2018-02-02 Thread daniel.herrmann
Hi Benjamin, Hi Dag, I think, in some environment that could make perfect sense. We are using the software in a private cloud environment and have some centrally managed lists of IP networks which are allowed to access internal services. Right now, every service using our private cloud has to

Re: Customer Backup with CS 4.7 and VMWare

2018-02-08 Thread daniel.herrmann
Hi Sebastián, Thank you for your answer. This is exactly the same problem we are facing. Some customers have >1TB volumes, and it just takes ages to complete them. Which by the way would not be the actual problem, but sometimes CS does not even create the snapshot from the recurring snapshot

Re: CentOS7 Packages

2018-02-12 Thread daniel.herrmann
Hi, I'd like to add a question here - in the 4.11 documentation, CentOS 6 is still the recommended release - CentOS 6 is quite old now and CentOS7 out for a while. Is there a specific reason why we stick to the CentOS 6 recommendation? Regards Daniel On 12.02.18, 10:04, "Dag Sonstebo"

Re: CentOS7 Packages

2018-02-12 Thread daniel.herrmann
Hi Paul, There are actually multiple occurrences. Two of which I can think right now: Minimum System Requirements in "Installation overview": http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.11/overview/index.html "Operating system: Preferred: CentOS/RHEL 6.3+ or Ubuntu

Re: Configure cisco switch for advance networking

2018-02-07 Thread daniel.herrmann
Hi Shyam, I have no idea what a CISCO WSC456 switch might be, I've never heard of it. In general: cisco switches can send tagged/untagged frames, but the logic is quite a bit different. Let's say you've created three VLANs: --- snip --- vlan 10 name vlan-10 vlan 20 name vlan-20 vlan 30

Customer Backup with CS 4.7 and VMWare

2018-02-07 Thread daniel.herrmann
Hi All, We are using CS 4.7.1 with VMWare Hypervisor and advanced networking in a private cloud environment. Currently, most of our (internal) customers hosting internal services within this environment are using volume snapshots to facilitate backups of their virtual machines. Besides the

Re: Change VPC CIDR - and some Mailing List issues

2018-03-07 Thread daniel.herrmann
Hi, As far as I know, when creating a site 2 site VPN, you can only specify the remote networks. The local network is always set to the whole VPC CIDR. Or am I wrong? Regards Daniel On 07.03.18, 12:39, "Rafael Weingärtner" wrote: I agree with you. I was not

Re: Change VPC CIDR - and some Mailing List issues

2018-03-07 Thread daniel.herrmann
Hi, Maybe we could link to the Apache search system at the page listing the Cloudstack Mailing-Lists: https://cloudstack.apache.org/mailing-lists.html If you click on the list there, you get to http://mail-archives.apache.org/mod_mbox/cloudstack-users/. Then there is markmail linked and the

Change VPC CIDR - and some Mailing List issues

2018-03-07 Thread daniel.herrmann
Hi all, First of all: when trying to search the lists on MarkMail (https://cloudstack.apache.org/mailing-lists.html) I get a warning that the entered information will be transmitted insecurely (no HTTPS). If I accept that, MarkMail redirects back to HTTPS but does not present a valid

Automated testing of our environment

2018-03-20 Thread daniel.herrmann
Hi all, We’d like to automatically run some tests against our live environment on a regular basis. Something like: “Deploy a VM with a specific template, assign an IP address, enable static NAT, and check if the SSH password and keys work” While researching, I came across the Marvin

Customizing SystemVM Template

2018-03-22 Thread daniel.herrmann
Hi all, While still working on the automated testing, I got another request. We want to modify our system-VM template to include for example a monitoring tool (zabbix agent) to help us monitoring the router. Is there a guide on how to modify the template? I can download the OVA, start

Re: Customizing SystemVM Template

2018-03-22 Thread daniel.herrmann
Hi Boris, Yes, I did. However, I don't want to build it from scratch, I just want to add some stuff to an existing OVA template. My naïve approach would be to start it in virtualbox, do what I want to do and export it again. Not sure however if it really is that easy. Regards Daniel On

Re: Customizing SystemVM Template

2018-03-22 Thread daniel.herrmann
Thank you. I'll try in our staging environment. Only VRs is perfectly fine for us, as those are the guys making the most trouble (rebooting and losing all their interfaces, crashing due to out-of-ram problems when too many FW entries (not ACL entries) are deployed, and so on) which is why we

Re: Automated testing of our environment

2018-03-21 Thread daniel.herrmann
Hi Rene, Hi Boris, Thanks @Boris for the information about Marvin. I guess in our case (running automated test against our prod environment) that would not be the ideal choice. > This would be very easy to do with ansible. > > It would even allow to log in to the deployed VM and run tasks on