VLAN

Imagine an OpenStack cloud that consists of a single vlan provider network with the segmentation ID 100. Three instances have been connected to the network. As a result, the network architecture within the compute node resembles the following:

Figure 4.1

In Figure 4.1, three virtual machine instances are connected to a Linux bridge named brqXXXX via their respective tap interfaces. When the first instance was launched and connected to the network, Neutron created the bridge and a virtual interface named eth1.100 and automatically connected the interface to the bridge. The eth1.100 interface is bound to physical interface eth1. As traffic from instances traverses the Linux bridge and out toward the physical interface, interface eth1.100 tags that traffic as VLAN 100 and places it on eth1. Likewise, ingress traffic arriving on eth1 for the instances is untagged by eth1.100 and sent to the appropriate instance connected to the bridge.

Using the brctl show command, the preceding diagram can be realized in the Linux CLI as the following:

The bridge id in the output is dynamically generated based on the parent NIC of the virtual VLAN interface. In this bridge, the parent interface is eth1.

The bridge name, beginning with the brq prefix, is generated based on the ID of the corresponding Neutron network it is associated with. In a Linux bridge architecture, every network uses its own bridge. Bridge names should be consistent across nodes for the same network.

On the physical switch, the necessary configuration to facilitate the networking described here will resemble the following:

vlan 100
  name VLAN_100

interface Ethernet1/3
  description Provider_Interface_eth1
  switchport
  switchport mode trunk
  switchport trunk allowed vlan add 100
  no shutdown

When configured as a trunk port, the provider interface can support multiple VLAN networks. If more than one VLAN network is needed, another Linux bridge will be created automatically that contains a separate VLAN interface. The new virtual interface, eth1.101, is connected to a new bridge, brqYYYY, as seen in Figure 4.2:

Figure 4.2

On the compute node, the preceding diagram can be realized as the following brctl show output:

On the physical switch, the necessary configuration to facilitate the networking described here will resemble the following:

vlan 100
  name VLAN_100
vlan 101
  name VLAN_101

interface Ethernet1/3
  description Provider_Interface_eth1
  switchport
  switchport mode trunk
  switchport trunk allowed vlan add 100-101
  no shutdown
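
The relationship described above (one bridge per network, one eth1.<VLAN ID> interface per bridge, and a matching allowed-VLAN list on the switch trunk) can be checked mechanically. The following Python is an added example, not code from the book or from Neutron: the brctl show text and the bridge, tap, and MAC values in it are constructed, the function names are hypothetical, and the trunk line is assumed to be the port's complete allowed list (the add form only appends to whatever is already allowed on a real switch).

```python
import re

# Constructed sample of `brctl show` output; names and MAC are placeholders.
BRCTL_SHOW = """\
bridge name\tbridge id\t\tSTP enabled\tinterfaces
brqaaaaaaaa-aa\t\t8000.001122334455\tno\t\teth1.100
\t\t\t\t\t\t\ttap11111111-11
\t\t\t\t\t\t\ttap22222222-22
brqbbbbbbbb-bb\t\t8000.001122334455\tno\t\teth1.101
\t\t\t\t\t\t\ttap33333333-33
"""
TRUNK_LINE = "switchport trunk allowed vlan add 100-101"  # from the switch config above

def parse_brctl(text):
    """Return {bridge: [member interfaces]} from `brctl show` output."""
    bridges, current = {}, None
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():               # a new bridge starts in column 0
            current = fields[0]
            bridges[current] = fields[3:]       # name, id, STP, then first member
        elif current:                           # indented row: one more member
            bridges[current].extend(fields)
    return bridges

def bridge_vlans(bridges, parent="eth1"):
    """Map each bridge to the VLAN IDs of its <parent>.<vid> members."""
    pat = re.compile(r"^%s\.(\d+)$" % re.escape(parent))
    return {b: sorted(int(m.group(1)) for i in ifs if (m := pat.match(i)))
            for b, ifs in bridges.items()}

def allowed_vlans(trunk_line):
    """Expand '... allowed vlan [add] 100-101,200' into a set of VLAN IDs."""
    spec = trunk_line.split("vlan", 1)[1].replace("add", "").strip()
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def audit(brctl_text, trunk_line, parent="eth1"):
    """Return (host VLANs missing on trunk, trunk VLANs with no bridge, bridges without exactly one VLAN)."""
    vlans = bridge_vlans(parse_brctl(brctl_text), parent)
    host = {v for vs in vlans.values() for v in vs}
    trunk = allowed_vlans(trunk_line)
    mixed = sorted(b for b, vs in vlans.items() if len(vs) != 1)
    return sorted(host - trunk), sorted(trunk - host), mixed
```

A VLAN in the first list will not pass traffic for its instances; a VLAN in the second list is carried to the compute node although no network there uses it and is a candidate for removal from the trunk.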