VMware Cloud Community
benjamin000
Enthusiast
Enthusiast
‎09-04-2017 03:15 AM

OVH vRack & Openstack without NAT

I have been trying to resolve this for 5 months now and have retained a vExpert an NSX guy and a few other Openstack gurus and I have even offered cash but still no one has been able to provide a solution to use VIO with NSX without NAT.

I have since been advised that as all our ESXi hosts are on OVH's vRack we should be able to create VLANS for our public subnets ans create vlan provider networks in VIO so as to not use NAT.

Does anyone use the vRack ? vRack: Create private VLANs for your servers - OVH

I have also found this guide which may be applicable Tenant networks vs. provider networks in the private cloud context - OpenStack Superuser

I just want to see the end of NAT as it is the final thing that I need resolved to be satisfied with the networking setup though 5 months later I am still drawing at straws.

We use NSX 6.3.2 and VIO 3.1 and vSphere 6.0U3

I have attached an  image on the face of it makes sense and is what I am trying achieve

Any guidance would be appreciated as this is doing my head in !! Smiley Happy

Regards Ben McGuire
Preview file
20 KB
Reply
0 Kudos
3 Replies
rpellet
VMware Employee
VMware Employee
‎10-13-2017 09:57 AM

You should take a look at these documents and see if they help.

VMware® NSX for vSphere Network Virtualization Design Guide ver 3.0

VIO4.0&NSX - Network Topologies Configuration Guide

Reply
0 Kudos
lariveework
Contributor
Contributor
‎12-06-2017 07:03 AM

I'm using VIO 4.0 on esxi 6.5 using dediated servers and vrack V3. I use VDS instead of NSX but should provide you with some insight.

the way i use it, pretty much everything passes by the vrack, meaning only thing going throught the public NIC is the public ip of the hosts.

I added ip ranges to the vrack so that they can be used by any device connected to vlan0 ( the trunk one )

I use vlan for the vsan traffic and the management (vcenter, VIO etc...). I added a 2nd vmkernel nic to my hosts linked to the vrack vswitch

In neutron, I added one of my additional subnet. Vm are provisioned with one of those ips and are acessing public net directly.

I don't think public IP can be routed to use a vlan in vRack, but only trunk.

                                                   ADDON IP RANGE
                                                         +
                     +---------------+                   +---> vRACK
                     |               |                           +
                     |   esxi hosts  |                           |
                     +---------------+                           |
        pub IP------+pubNic         vrackNic <-------------------+
                                        +
                                        |
                                        +--->VDS-DistributedPG
                                               +
                                               +---> vSan  (vlan)
                                               |
                                               +-----> management  (vlan)
                                               |
                                               +-------> VIO API   vlan0/trunk
Reply
0 Kudos
benjamin000
Enthusiast
Enthusiast
‎12-09-2017 04:26 PM

Hello and thanks for your insight.

From what you state we have the exact same setup however we use NSX.

We also run all traffic through the vRack however I am hoping that when you state that you connect using the public net directly are you saying that you do not use NAT ?

Initially we spent many months figuring out a way to assign public IPs directly to the VM interfaces however we never did come up with a solution so we have been stuck with NAT all these years.

I am interested to hear if you assign IPs directly ot your VMs and so further details on how you accomplished this.

Regards Ben McGuire
Reply
0 Kudos