Join us for a virtual Nutanix User Group meeting with Jarian Gibson as he covers Nutanix Cloud Clusters (NC2) on Azure and AWS with Citrix. <\/span><\/p>

Jarian will take a deep dive into NC2 on Azure architecture and Citrix on NC2 on Azure\u00a0that helps you strengthen your business continuity and disaster recovery position. He\u2019ll also provide the latest updates for NC2 on AWS.<\/span><\/p>

Plus, we're\u00a0giving away a Nutanix suitcase to one lucky winner!\u00a0Opt-in when you register\u00a0to be entered to win.\u00a0<\/p>","author":{"id":113632,"url":"\/members\/karlie-beil-113632","name":"Karlie Beil","avatar":"https:\/\/uploads-us-west-2.insided.com\/nutanix-us\/icon\/200x200\/1581aab3-bcf6-49f4-b2fb-3d11e8c010dc.png","userTitle":"Community Manager","rank":{"isBold":false,"isItalic":false,"isUnderline":false,"name":"Community Manager","color":"#0873ba"},"userLevel":4},"type":"Webinar","url":"https:\/\/next.nutanix.com\/events\/global-nug-nc2-on-azure-and-aws-with-citrix-151","image":"https:\/\/uploads-us-west-2.insided.com\/nutanix-us\/attachment\/f9693b5b-436b-427a-9b98-531b4040ff24_thumb.png","location":"","startsAt":1678298400,"endsAt":1678302000,"contentType":"event","attendees":[],"attendeeCount":0,"isLoggedInUserAttendee":false,"createdAt":"1675974969"},"phrases":{"Forum":{"{n} year|{n} years":"{n} year|{n} years","{n} month|{n} months":"{n} month|{n} months","{n} day|{n} days":"{n} day|{n} days","{n} hour|{n} hours":"{n} hour|{n} hours","{n} minute|{n} minutes":"{n} minute|{n} minutes","just":"just now","{plural} ago":"{plural} ago"}}}">

问题

网络 - BR0- VLAN标记

  • 2021年9月16日
  • 1回复
  • 668次观看
m

你好,

我是OVS和AHV配置的新手,并且有一个网络问题。我一直在阅读有关网络的文档,但仍不清楚一两个问题。

情况:我正在绘制步骤,为服务器环境创建DMZ区域。我的防火墙将配置为DMZ端口,并标记为VLAN,公共IP将在DMZ区域内到服务器,ACLS将控制流量可以投放的。这将通过Lay 3开关通过VLAN标记的端口进行路由。上面提到的服务器将在我的Nutanix群集上,并且需要与同一DMZ/VLAN中的1-4个其他Nutanix VM进行通信。

问题:

如果我使用VLAN标记创建一个“网络”,并将其应用于所有有问题的DMZ服务器,这是否会使我的DMZ流量与所有受信任的流量分开?

如果没有,我是否需要配置新的桥梁以使该网络流量与其他网络分开?

我关心的是,因为所有流量都被路由到我的开关上的同一中继端口,以访问10GB端口,并且所有流量都在流动的BR0流动,实际上可能不会被隔离。希望从那以后。

Hello,<\/p>

I am new to ovs and AHV configurations in general and have a networking question. I have been reading through the documentation on networking and still am not clear on a question or two.<\/p>

Situation: I am mapping out steps to create a DMZ zone for my server environment. My firewall will be configured with a DMZ port and vlan tagged, public IP will NAT to server in DMZ zone, and ACLs will control what traffic can get threw. This will be routed through vlan tagged ports via lay 3 switch to my Nutanix cluster. The server mentioned above will be on my Nutanix cluster and will need to communicate with with 1-4 other Nutanix VMs in the same DMZ\/vlan.<\/p>

Questions:\u00a0<\/p>

If I create a \"network\" in Prism with vlan tagging and apply it to all \u00a0DMZ servers in question, will this keep my DMZ traffic separated from all trusted traffic?<\/p>

If not, do I need to configure a new bridge to keep this network traffic separate from my other networks?\u00a0<\/p>

My concern is because all traffic is being routed to the same trunk ports on my switch to access the 10gb ports and all traffic is flowing throw br0 that it\u00a0might not actually be segregated. Hopefully that makes since.\u00a0<\/p>","quoteUsername":"Michael1605","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

1回复

Michael.Manuele
秩
UserLevel 2
徽章 +4

你好 @Michael1605,,,,

请查看以下最佳实践指南。它讨论了与Nutanix联网的所有事物。让我知道您是否在阅读本文后仍然有疑问。

https://portal.nutanix.com/page/documents/solutions/details?targetId=bp-2071-ahv-networking:bp-2071-ahv-networking

麦克风

Hi @Michael1605<\/user-mention>,<\/p>

\u00a0<\/p>

Please take a look at this following best practice guide.\u00a0 It discusses all things networking with Nutanix.\u00a0 Let me know if you still have questions after reading through this.\u00a0\u00a0<\/p>

\u00a0<\/p>

https:\/\/portal.nutanix.com\/page\/documents\/solutions\/details?targetId=BP-2071-AHV-Networking:BP-2071-AHV-Networking<\/a><\/p>

\u00a0<\/p>

Mike<\/p>","quoteUsername":"Michael.Manuele","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

回复


条款和条件
Learn more about our cookies.<\/a>","cookiepolicy.button":"Accept cookies","cookiepolicy.button.deny":"Deny all","cookiepolicy.link":"Cookie settings","cookiepolicy.modal.title":"Cookie settings","cookiepolicy.modal.content":"We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.<\/a>","cookiepolicy.modal.level1":"Basic
Functional","cookiepolicy.modal.level2":"Normal
Functional + analytics","cookiepolicy.modal.level3":"Complete
Functional + analytics + social media + embedded videos"}}}">
Baidu