No, in Advanced Zone with SG - just like in Basic zone - there is no per customer VLAN; there are no firewall, load balancer or additional NICs; there is also no IPv6.
A VM will just get a public IP via DHCP and that's it, the customers are isolated via "security groups" which is a fancy name for iptables rules. Hope this clears it up. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Tejas Sheth" <tshet...@gmail.com> > To: users@cloudstack.apache.org > Sent: Wednesday, 26 November, 2014 10:14:11 > Subject: Re: security group and xenserver query > Thanks for simplification, > so it means that each account will have seprate VLAN with its own subnet > and those VLANs will be created and configured in physical switch? > > if architecture is above mentioned way configured then how can we achieve > NAT and loadbalancing? > > Thanks > Tejas > > > On Wed, Nov 26, 2014 at 3:28 PM, Geoff Higginbottom < > geoff.higginbot...@shapeblue.com> wrote: > >> I like to think of Advanced Network with SG as simply multiple Basic >> Networks, each on its own VLAN. You have the same features (or rather lack >> of) as you would with a Basic Zone, but you have multiple Guest Networks. >> >> Regards >> >> Geoff Higginbottom >> >> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 >> >> geoff.higginbot...@shapeblue.com >> >> -----Original Message----- >> From: Tejas Sheth [mailto:tshet...@gmail.com] >> Sent: 26 November 2014 09:53 >> To: users@cloudstack.apache.org >> Subject: Re: security group and xenserver query >> >> so NAT and loadbalancers are not possible if we use security group? >> >> so it meanse there will be no internal and external IPs for VMs. is it >> correct? >> >> On Wed, Nov 26, 2014 at 3:14 PM, Jayapal Reddy Uradi < >> jayapalreddy.ur...@citrix.com> wrote: >> >> > For SG networks there is no public network. >> > We configure public ips for the guest network. >> > >> > -Jayapal >> > >> > On 26-Nov-2014, at 12:00 PM, Tejas Sheth <tshet...@gmail.com> >> > wrote: >> > >> > > Hello, >> > > >> > > I have made the bridge configuration, but when i am selecting >> > > advance zone. it is not showing public network configuration. only >> > > guest and management is availabel. also internal CIDR ip >> > > configuration is also not available. >> > > i think it is cinverting to basic zone if we select security group >> > > and xenserver as hypervisor. >> > > >> > > Thanks >> > > Tejas >> > > >> > > On Tue, Nov 25, 2014 at 9:16 PM, Jayapal Reddy Uradi < >> > > jayapalreddy.ur...@citrix.com> wrote: >> > > >> > >> >> > >> For 6.2 you no need to install CSP. My typo mistake in last mail. >> > >> sysctl.conf is fine. >> > >> >> > >> >> > >> Thanks, >> > >> Jayapal >> > >> >> > >> On 25-Nov-2014, at 8:45 PM, Tejas Sheth <tshet...@gmail.com> >> > >> wrote: >> > >> >> > >>> Thanks, >> > >>> >> > >>> So can i take it as confirmation and proceed with only following >> > >>> bridge configuration in xenserver 6.2? >> > >>> >> > >>> # xe-switch-network-backend bridge >> > >>> >> > >>> # vi /etc/sysctl.conf >> > >>> net.bridge.bridge-nf-call-iptables = 1 >> > >>> net.bridge.bridge-nf-call-ip6tables = 0 >> > >>> net.bridge.bridge-nf-call-arptables = 1 >> > >>> >> > >>> # sysctl -p /etc/sysctl.conf >> > >>> >> > >>> Require confirmation for sysctl.cnf configuration part. >> > >>> >> > >>> Thanks and regards, >> > >>> Tejas >> > >>> >> > >>> On Tue, Nov 25, 2014 at 8:31 PM, Vadim Kimlaychuk < >> > >> vadim.kimlayc...@elion.ee >> > >>>> wrote: >> > >>> >> > >>>> XenServer does not need any package to be expicitly installed. >> > >>>> When >> > you >> > >>>> add host to CS it copies some files to the host itself and you >> > >>>> don't >> > >> need >> > >>>> to bother about them usually. >> > >>>> >> > >>>> Vadim. >> > >>>> >> > >>>> -----Original Message----- >> > >>>> From: Tejas Sheth [mailto:tshet...@gmail.com] >> > >>>> Sent: Tuesday, November 25, 2014 4:52 PM >> > >>>> To: users@cloudstack.apache.org >> > >>>> Subject: security group and xenserver query >> > >>>> >> > >>>> Hello Jayapal, >> > >>>> >> > >>>> Thanks for reply, I have understood the bridge configuration part >> > >>>> but can you clarify CSP package part. >> > >>>> >> > >>>> if CSP package comes with xenserver 6.2 then do we need to >> > >>>> install it explicitly? >> > >>>> >> > >>>> It would be really helpful if you can send link to install CSP in >> > >>>> xenserver 6.2 because CS 4.3 document do not have description for >> > >> xenserver >> > >>>> 6.2 CSP installation. >> > >>>> ---------------------------------------------------------------- >> > >>>> Hi Tejas, >> > >>>> >> > >>>> The network mode set to 'bridge' mode. >> > >>>> #xe-switch-network-backend bridge >> > >>>> >> > >>>> I think Xenserver 6.2 comes with the CSP package, so you need to >> > install >> > >>>> it explicitly. >> > >>>> >> > >>>> >> > >>>> Thanks, >> > >>>> Jayapal >> > >>>> >> > >>>> >> > >>>> On 25-Nov-2014, at 4:47 PM, Tejas Sheth <tshet...@gmail.com> >> > >>>> wrote: >> > >>>> >> > >>>>> Hello, >> > >>>>> >> > >>>>> We are configuring advanced zone in cloudstack 4.3 in xenserver >> 6.2. >> > >>>>> we want to configure security group in advance zone. do we have >> > >>>>> to do any special configuration in xenserver 6.2. >> > >>>>> >> > >>>>> xenserver has default networking configuration. >> > >>>>> >> > >>>>> Thanks and regards, >> > >>>>> Tejas >> > >>>> >> > >> >> > >> >> > >> > >> Find out more about ShapeBlue and our range of CloudStack related services >> >> IaaS Cloud Design & Build< >> http://shapeblue.com/iaas-cloud-design-and-build//> >> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/> >> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> >> CloudStack Software Engineering< >> http://shapeblue.com/cloudstack-software-engineering/> >> CloudStack Infrastructure Support< >> http://shapeblue.com/cloudstack-infrastructure-support/> >> CloudStack Bootcamp Training Courses< >> http://shapeblue.com/cloudstack-training/> >> >> This email and any attachments to it may be confidential and are intended >> solely for the use of the individual to whom it is addressed. Any views or >> opinions expressed are solely those of the author and do not necessarily >> represent those of Shape Blue Ltd or related companies. If you are not the >> intended recipient of this email, you must neither take any action based >> upon its contents, nor copy or show it to anyone. Please contact the sender >> if you believe you have received this email in error. Shape Blue Ltd is a >> company incorporated in England & Wales. ShapeBlue Services India LLP is a >> company incorporated in India and is operated under license from Shape Blue >> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil >> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is >> a company registered by The Republic of South Africa and is traded under >> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
