I have a network like this currently. Basically, it's two XenServers connected to our colocation provider's switch via one Ethernet cable per server. Each server currently has a second Ethernet card which storage is attached to (iSCSI). Each of the VMs (and Xen hosts) has a public IP. All the VMs communicate with each other via their public IP.

Current

What I'd like to set up is a situation like this, where each VM has at least a private address and only public-facing servers would have a public IP. As well, storage would be connected to the switch instead of directly attached. As the private network would be inaccessible to the outside world, I'd like a VPN so I can connect to and administer the private network.

Future

That said, I don't know very much about networking (in terms of setting this all up).

So the questions are:
1) How do I virtually network multiple VMs (on separate hosts) together (for the private network)?
2) How do I set up virtual networking in XenCenter?
3) Would it be preferable to get a switch that supports VLANs and segment the network that way?

I'd be grateful to hear any advice the community has on these matters. Thanks in advance.

edude05
  • On question 3: It depends. If one vlanned switch breaks, both the internal and external segments die. On the other hand, vlanning allows you to be more flexible in terms of capacity. Saving rack space might also be an advantage. But, administering a vlan switch takes more knowledge than just plugging cables. The topology of your network can't be figured out by just looking at it (in other words, you need more documentation about your infrastructure) – Wouter de Bie Sep 21 '10 at 06:35
  • My plan is to have different coloured cables for private, public and provider, with a wiring diagram on the inside of the rack door. So it should be easy enough to figure out after a while. – edude05 Sep 21 '10 at 13:23

2 Answers

There are a few ways to do this.

  1. Storage: I recommend putting both XenServers into a pool; this can be done by creating a pool and adding both XenServers to it.
  2. Your XenServers + external storage can be on a TOTALLY different network than your VMs. This is called dom0; an example would be 10.1.1.1 and 10.1.1.2 for your XenServers, with your iSCSI (storage) at, let's say, 10.1.1.3. Your VMs can have a TOTALLY different network, say 192.168.1.1 and so forth. There is no need to worry about your VMs not being able to see your storage, as storage is assigned when you create your VMs. By doing this you don't even have to expose your XenServer IP address AT ALL.
  3. If you were to run multiple NICs you can also split up your networks as well. Suggested reading would be the Xen Wiki or even the XenServer Network Documentation; though the XenServer documentation is for 4.1, it works on 5.5 or even 5.6.

Hope this helps you. As for your questions:

  1. Yes, it's possible; read up on the documentation. First rule: RTFM.
  2. RTFM as well; it's all there.
  3. Yes, it's possible, but why would you ever want to overwork yourself when the software is more than capable of handling it, unless you want total management of the VLAN in terms of bandwidth management, IP management (you catch the drift).

For a more up-to-date way to create VLANs on XenServer 5.5 or 5.6: creating VLANs

CChock

1) How do I virtually network multiple VMs (on separate hosts) together (for the private network)?

You need the XenServer hosts to be connected to the same ethernet network. If you only have access to two NICs, you will need to create VLANs to segregate the traffic. Then you create a virtual network within XenCenter and assign it to all the VMs.

2) How do I set up virtual networking in XenCenter?

You'll create a new Network in the pool config. Check the XenCenter help / XS admin guide for details.

3) Would it be preferable to get a switch that supports VLANs and segment the network that way?

I don't know a lot about VLANs - but I believe you must do it this way - you have to tag the packets at the switch. XS 5.6 feature pack 1 is supposed to include some functionality to deal with VLAN tags at the hypervisor level.

Jeremy
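The steps described in the answers above (one network object for the pool, a VLAN tag on the same NIC of every host, then a virtual interface per VM) can also be done with the `xe` CLI on the pool master. This is an added example, not code from the thread; the network name, NIC `eth0`, VLAN tag 100 and the `XE` override variable are assumptions.

```shell
# Added example: private VLAN-backed network across all hosts in a pool.
# Assumed values (not from the thread): name "private", NIC eth0, tag 100.
# Usage on the pool master:  net=$(create_private_vlan private eth0 100)
#                            attach_vm <vm-uuid> "$net" 1

XE="${XE:-xe}"   # overridable so the logic can be exercised without a pool

# Accept only usable 802.1Q tags (0 and 4095 are reserved).
valid_vlan() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# create_private_vlan <name> <nic-device> <vlan-tag>
# Prints the UUID of the new network. The hosts get no IP address on it,
# so only VMs given a VIF on this network can reach each other over it.
create_private_vlan() {
    name=$1 dev=$2 tag=$3
    valid_vlan "$tag" || { echo "invalid VLAN tag: $tag" >&2; return 2; }

    net=$("$XE" network-create name-label="$name") || return 1

    # Tag the same NIC on every host so VMs on separate hosts share the segment.
    for host in $("$XE" host-list --minimal | tr ',' ' '); do
        # VLAN=-1 selects the untagged (physical) PIF for that device.
        pif=$("$XE" pif-list host-uuid="$host" device="$dev" VLAN=-1 --minimal)
        [ -n "$pif" ] || { echo "no $dev on host $host" >&2; return 1; }
        "$XE" vlan-create network-uuid="$net" pif-uuid="$pif" vlan="$tag" \
            >/dev/null || return 1
    done
    echo "$net"
}

# attach_vm <vm-uuid> <network-uuid> <device-index>
# Gives a VM a second interface on the private network.
attach_vm() {
    "$XE" vif-create vm-uuid="$1" network-uuid="$2" device="$3" mac=random
}
```

The switch ports facing each host must carry the chosen VLAN as tagged traffic, otherwise VMs on different hosts will not see each other on the private network.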