Hi Jithin, The more I thought about it, the more it made sense to me that the Public IP addresses should be accessible on all hypervisors within the same zone so I modified our installation method such that it matched this and after that everything worked yes. :) Thanks!
Kind regards, Jeroen Kleijer On Tue, Nov 26, 2024 at 6:07 AM Jithin Raju <jithin.r...@shapeblue.com> wrote: > Hi Jeroen, > > Public traffic/IP addresses and the VLANs associated with them have a Zone > ‘scope’ in CloudStack. You can use a single bridge on the KVM hosts but > ensure the VLAN/s is usable within the entire Zone/ across Pods. > > -Jithin > > From: Jeroen Kleijer <jeroen.klei...@gmail.com> > Date: Sunday, 24 November 2024 at 12:01 AM > To: users@cloudstack.apache.org <users@cloudstack.apache.org> > Subject: Strange issue with public and private traffic > Hi all, > > I'm running into an issue I don't yet know how to resolve. > I have a single zone with two PODs conveniently named POD1 and POD2. > These two PODs have their own network ranges: > POD1: 192.168.1.0/24 > POD2: 192.168.2.0/24 > For the public ranges for POD1, I assign the range of 192.168.1.20 through > 192.168.1.23 > For the public ranges for POD2, I assign the range of 192.168.2.20 through > 192.168.2.23 > For the private ranges for POD1, I assign the range of 192.168.1.24 through > 192.168.1.27 > For the private ranges for POD2, I assign the range of 192.168.2.24 through > 192.168.2.27 > > Now, when it starts spinning up System VMs, it seems to take a public IP > address from _any_ of the Public IP ranges, grab another IP from any of the > Private IP ranges and then assigns it to a System VM that hosted randomly > on any of the hosts in one of the PODs. > > I've now seen it happen multiple times where it takes a public IP address > from the Public range for POD1, grabs a private IP address from the private > range of POD2 and assigns it to a System VM that will be hosted on a host > in POD2. Given that it's assigned a Public IP address from POD1, it won't > work on POD2. (that particular VLAN with that range is not enabled on POD2) > > Given that I've seen this happen multiple times, does this mean that the > public range really needs to be an IP range that's available / usable on > _all_ PODs? I have management and public traffic going over the same > cloudbr0 interface which is a tagged bridge interface on all of the hosts > on the PODs. On hosts in POD1, it'll get tagged with VLAN ID x and on hosts > in POD2 it'll get tagged with VLAN ID y. > > Would this mean that for the public traffic, I would need a separate > cloudbr interface with a VLAN that's available to both PODs? > > Kind regards, > > Jeroen Kleijer > > > >
