Hi Jeroen,

Public traffic/IP addresses and the VLANs associated with them have a Zone ‘scope’ in CloudStack. You can use a single bridge on the KVM hosts but ensure the VLAN/s is usable within the entire Zone/across Pods.

-Jithin

From: Jeroen Kleijer <jeroen.klei...@gmail.com>
Date: Sunday, 24 November 2024 at 12:01 AM
To: users@cloudstack.apache.org <users@cloudstack.apache.org>
Subject: Strange issue with public and private traffic

Hi all,

I'm running into an issue I don't yet know how to resolve.

I have a single zone with two PODs conveniently named POD1 and POD2. These two PODs have their own network ranges:

POD1: 192.168.1.0/24
POD2: 192.168.2.0/24

For the public ranges for POD1, I assign the range of 192.168.1.20 through 192.168.1.23
For the public ranges for POD2, I assign the range of 192.168.2.20 through 192.168.2.23
For the private ranges for POD1, I assign the range of 192.168.1.24 through 192.168.1.27
For the private ranges for POD2, I assign the range of 192.168.2.24 through 192.168.2.27

Now, when it starts spinning up System VMs, it seems to take a public IP address from _any_ of the Public IP ranges, grab another IP from any of the Private IP ranges and then assign it to a System VM that is hosted randomly on any of the hosts in one of the PODs.

I've now seen it happen multiple times where it takes a public IP address from the Public range for POD1, grabs a private IP address from the private range of POD2 and assigns it to a System VM that will be hosted on a host in POD2. Given that it's assigned a Public IP address from POD1, it won't work on POD2. (That particular VLAN with that range is not enabled on POD2.)

Given that I've seen this happen multiple times, does this mean that the public range really needs to be an IP range that's available / usable on _all_ PODs?

I have management and public traffic going over the same cloudbr0 interface, which is a tagged bridge interface on all of the hosts on the PODs. On hosts in POD1, it'll get tagged with VLAN ID x and on hosts in POD2 it'll get tagged with VLAN ID y. Would this mean that for the public traffic, I would need a separate cloudbr interface with a VLAN that's available to both PODs?

Kind regards,

Jeroen Kleijer