IRAN Community| OpenStack.ir
Agenda:
• Network Topology
• Flat Networking Deployment
• FlatDHCP Networking Deployment
• VLAN Manager Networking Deployment
• FlatDHCP Multi Host with HA Networking Deployment
• Iran OpenStack Community
OpenStack Network Design

Network Topology

Network Topology
• OpenStack Compute with nova-network provides predefined network  
deployment models, each with its own strengths and weaknesses.
• The selection of a network manager changes your network topology, so the  
choice should be made carefully.
• You also have a choice between the tried-and-true legacy nova-network settings  
or the neutron project for OpenStack Networking.

Network Topology
For OpenStack Networking with the neutron project, typical configurations  
are documented with the idea that any setup you can configure with real hardware  
you can recreate with a software-defined equivalent.
Each tenant can contain typical network elements such as routers, and services  
such as DHCP.

Flat Networking Deployment

Flat Networking Deployment
• Strengths:  
- Extremely simple topology 
- No DHCP overhead
• Weaknesses: 
- Requires file injection into the instance to configure network interfaces
• Neutron Equivalent:  
- Configure a single bridge as the integration bridge (br-int)  
- Connect bridge to a physical network interface with the Modular Layer 2 plug-in 
- Uses Open vSwitch by default

FlatDHCP Networking Deployment

• Strengths:  
- Relatively simple to deploy 
- Standard networking 
- Works with all guest operating systems
• Weaknesses: 
- Requires its own DHCP broadcast domain

- Configure DHCP agents and routing agents 
- Network Address Translation (NAT) performed outside of compute nodes  
- Typically on one or more network nodes

VLAN Manager  
Networking Deployment

VLAN Manager Networking Deployment
• Strengths:  
- Each tenant is isolated to its own VLANs
• Weaknesses: 
- More complex to set up 
- Requires its own DHCP broadcast domain 
- Requires many VLANs to be trunked onto a single port 
- Standard VLAN number limitation 
- Switches must support 802.1q VLAN tagging

- Isolated tenant networks implement some form of isolation of layer 2 traffic  
between distinct networks.  
- VLAN tagging is key concept, where traffic is tagged with an ordinal identifier  
for the VLAN. 
- Isolated network implementations may or may not include additional services  
like DHCP, NAT, and routing.
VLAN Manager Networking Deployment

FlatDHCP Multi Host 
with HA Networking Deployment

FlatDHCP MultiHost with HA Networking Deployment
• Strengths:  
- Networking failure is isolated to the VMs running on the a affected hypervisor.  
- DHCP traffic can be isolated within an individual host. 
- Network traffic is distributed to the compute nodes.
• Weaknesses: 
- More complex to set up.  
- Compute nodes typically need IP addresses accessible by external networks.  
- Options must be carefully con gured for live migration to work with networking  
services.

- Configure neutron with multiple DHCP and layer-3 agents.  
- Network nodes are not able to failover to each other, so the controller runs  
networking services, such as DHCP.  
- Compute nodes run the ML2 plug-in with support for agents such as  
Open vSwitch or Linux Bridge.
FlatDHCP MultiHost with HA Networking Deployment

Iran OpenStack Community

Stay in Touch and Join Us:
• Home Page: OpenStack.ir
• Meetup Page: Meetup.com/Iran-OpenStack
• Mailing List: OpenStack-ir@Lists.OpenStack.org
• Twitter: @OpenStackIR , #OpenStackIRAN
• IRC Channel on FreeNode: #OpenStack-ir

Roozbeh Shafiee
Iran OpenStack Community Manager
Roozbeh@OpenStack.ir
OpenStack.ir
Thank You
We need to work together to build a better community

Mastering OpenStack - Episode 14 - Network Design