Network resources managed by OpenStack Neutron

1. network
    1.1 local
    1.2 flat
    1.3 vlan
    1.4 vxlan
    1.5 gre
2. subnet
3. port
4. Summary


The network resources managed by Neutron are network, subnet and port, which are introduced in order below.

1. Network

A network is an isolated layer 2 broadcast domain. Neutron supports many types of networks, including local, flat, VLAN, VxLAN and GRE.

1.1 local

A local network is isolated from other networks and nodes. An instance in a local network can communicate only with instances in the same network on the same node. The local network is mainly used for stand-alone testing.

1.2 flat

A flat network is a network without vlan tagging. An instance in a flat network can communicate with instances in the same network, and the network can span multiple nodes.

1.3 vlan

The vlan network is a network with 802.1q tagging. A vlan is a layer 2 broadcast domain. Instances in the same vlan can communicate. Different vlans can only communicate through routers. The vlan network can span nodes and is the most widely used network type.

1.4 vxlan

vxlan is an overlay network based on tunnel technology. Each vxlan network is distinguished from other vxlan networks by a unique segmentation ID (also called VNI). Data packets in a vxlan network are tagged with the VNI and encapsulated into UDP packets for transmission. Because the layer 2 packets are carried over layer 3 by encapsulation, vxlan can overcome the limitations of VLAN and of the physical network infrastructure.

1.5 gre

gre is an overlay network similar to vxlan. The main difference is that IP packets are used instead of UDP for encapsulation.

Different networks are isolated at layer 2.
Taking the vlan network as an example, network A and network B are assigned different VLAN IDs, which ensures that broadcast packets in network A do not reach network B. The isolation here is layer 2 isolation only. With the help of routers, different networks can still communicate at layer 3.

A network must belong to a Project (Tenant), and multiple networks can be created in a Project. Project and network have a one-to-many relationship.

2. Subnet

A subnet is an IPv4 or IPv6 address segment. The IP of an instance is allocated from the subnet. Each subnet needs to define its IP address range and mask.

Subnet and network have a many-to-one relationship. A subnet can only belong to a certain network; a network can have multiple subnets, and these subnets can be different IP segments, but they cannot overlap. The following configuration is valid:

network A       subnet A-a: 10.10.1.0/24  {"start": "10.10.1.1", "end": "10.10.1.50"}
                subnet A-b: 10.10.2.0/24  {"start": "10.10.2.1", "end": "10.10.2.50"}

But the following configuration is invalid because the subnets overlap:

network A       subnet A-a: 10.10.1.0/24  {"start": "10.10.1.1", "end": "10.10.1.50"}
                subnet A-b: 10.10.1.0/24  {"start": "10.10.1.51", "end": "10.10.1.100"}

What is checked here is not whether the IP ranges overlap, but whether the CIDRs of the subnets overlap (both are 10.10.1.0/24).

However, if the subnets are in different networks, both CIDR and IP can overlap, for example:

network A       subnet A-a: 10.10.1.0/24  {"start": "10.10.1.1", "end": "10.10.1.50"}

network B       subnet B-a: 10.10.1.0/24  {"start": "10.10.1.1", "end": "10.10.1.50"}

An obvious question arises here: if the IP addresses above can overlap, there may be two instances with the same IP, so will there be conflicts? The simple answer is: no!

The reason is that Neutron's router is implemented through the Linux network namespace. The network namespace is a network isolation mechanism. Through it, each router has its own independent routing table.

The above configuration has two results:

  1. If two subnets are routed through the same router, according to the router configuration, only the specified subnet can be routed.

  2. If the above two subnets are routed through different routers, because the router's routing table is independent, both subnets can be routed.

This is only a brief explanation; the scenario is analyzed in detail in the later chapter on layer 3 routing.
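The subnet rule from this section, written as a check, is shown below. This is an added example, not code from the original article or from Neutron; the function name check_subnets and the tuple layout are assumptions made for illustration. It goes slightly beyond the article's cases by also rejecting partially overlapping CIDRs in one network and start/end ranges that fall outside their CIDR.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data mirroring the three configurations in the text:
# (network, subnet name, CIDR, range start, range end)
VALID_SAME_NETWORK = [
    ("network A", "A-a", "10.10.1.0/24", "10.10.1.1", "10.10.1.50"),
    ("network A", "A-b", "10.10.2.0/24", "10.10.2.1", "10.10.2.50"),
]
INVALID_SAME_NETWORK = [
    ("network A", "A-a", "10.10.1.0/24", "10.10.1.1", "10.10.1.50"),
    ("network A", "A-b", "10.10.1.0/24", "10.10.1.51", "10.10.1.100"),
]
VALID_CROSS_NETWORK = [
    ("network A", "A-a", "10.10.1.0/24", "10.10.1.1", "10.10.1.50"),
    ("network B", "B-a", "10.10.1.0/24", "10.10.1.1", "10.10.1.50"),
]


def check_subnets(subnets):
    """Hypothetical validator: return error strings, empty list if valid."""
    errors = []
    seen = defaultdict(list)  # network -> [(subnet name, parsed CIDR)]
    for net, name, cidr, start, end in subnets:
        cidr_net = ipaddress.ip_network(cidr)
        first = ipaddress.ip_address(start)
        last = ipaddress.ip_address(end)
        # The start/end range must sit inside the subnet's own CIDR.
        if first not in cidr_net or last not in cidr_net or first > last:
            errors.append(f"{net}/{name}: range {start}-{end} not inside {cidr}")
        # Overlap is judged on the CIDR, not on the start/end range, and
        # only against subnets that belong to the same network.
        for other_name, other_cidr in seen[net]:
            if cidr_net.overlaps(other_cidr):
                errors.append(
                    f"{net}: {name} ({cidr_net}) overlaps "
                    f"{other_name} ({other_cidr})"
                )
        seen[net].append((name, cidr_net))
    return errors


if __name__ == "__main__":
    for label, data in [("same network, distinct CIDRs", VALID_SAME_NETWORK),
                        ("same network, same CIDR", INVALID_SAME_NETWORK),
                        ("different networks, same CIDR", VALID_CROSS_NETWORK)]:
        print(label, "->", check_subnets(data) or "valid")
```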

3. Port

A port can be regarded as a port on a virtual switch. The MAC address and IP address are defined on the port. When the instance's virtual network card VIF (Virtual Interface) is bound to the port, the port assigns the MAC and IP to the VIF.

Port and subnet have a one-to-many relationship. A port must belong to a subnet; a subnet can have multiple ports.

4. Summary

The following summarizes the relationship between Project, Network, Subnet, Port and VIF.

Project 1 : m Network 1 : m Subnet 1 : m Port 1 : 1 VIF m : 1 Instance

Origin blog.csdn.net/tony_vip/article/details/104400482