| VServers in three different networks: veth, venet or mixture? [message #35617] |
Wed, 08 April 2009 14:13  |
divB
Messages: 79
Registered: April 2009
|
Member |
|
|
Hi,
I am going to virtualize servers which are in three different networks and - if possible - should not be able to communicate with each other (if I do not allow it explicitely).
In the server there is an Intel E1000 with three VLANs: vlan2 (private network), vlan3 (public network with public IP addresses (/29-network) ), vlan4 (semipublic network with RF1918 addresses). The VServer itself should only be connected to the vlan2 network, so it's the single device having an IP address. This is the Debian network configuration on the host:
auto lo vlan2 vlan3 vlan4
iface lo inet loopback
# private, LAN (192.168.200.0/24)
iface vlan2 inet static
vlan-raw-device eth0
address 192.168.200.1
netmask 255.255.255.0
gateway 192.168.200.120
# public
iface vlan3 inet manual
vlan-raw-device eth0
up ip link set vlan3 up
down ip link set vlan3 down
# semi-plublic (192.168.0.0/24)
iface vlan4 inet manual
vlan-raw-device eth0
up ip link set vlan4 up
down ip link set vlan4 down
So what's the best way to use OpenVZs network?
My thought would be: Forget about venet (swith it off completely if possible) and just use veth in each VServer.
On the host bridge all private VServers with vlan2, all public VServers with vlan3 and all semi-public VServers with vlan4.
Is this a good or a bad idea? Any hints or tips left?
Thank you,
divB
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
