VMware Networking Community
TheVMinator
Expert
Expert

DLR and multitenancy

I have two tenants, both with their own DLR.  Is it possible to configure a route to pass traffic directly between two DLR's, without going to my ESG?

Reply
0 Kudos
2 Replies
larsonm
VMware Employee
VMware Employee

It is generally forbidden to connect more than one DLR instance to the same VXLAN segment, so there should never be an opportunity for a DLR to send traffic directly to another DLR.  Page 73 of the design guide shows this as being unsupported.

Unsupported.JPG

The recommended design that should be used to accomplish your stated goal of having two tenants would be to use the design referenced on page 72 of the design guide, which I have posted below:

Supported.JPG

A smaller scale version of of the above design would be this, which is probably more up your alley:

Supported2.JPG

TheVMinator
Expert
Expert

OK great info.  Just to clarify - is it possible by human error, to accidentally connect two dlr instances to the same vxlan segment, and create a situation where vms from different tenants that shouldn't talk, now do talk?

Reply
0 Kudos