VLAN Settings on one Vyos Switch for Multi Tenant

userx · December 4, 2016, 5:01pm

Hey Volks,

background:

ive configured 3 virtuell Environments with MS Directory, DNS and so on … on a Hypervisor.

i wanna to configure three VLANs for these three Environments.

All of them should have access to the internet and intervlan connection shold they also have.

ive to physical connections. one for the Hypervisor management and the other one for the VM Traffic.

what is the easiest way to configure it?

thanks in advice

userx · December 4, 2016, 5:16pm

i meant from the architecture perspective

syncer · December 5, 2016, 1:31pm

Hello,
can you draw some basic diagram to get more understanding?

Not an expert in hyper-v, buy you will have 1 WAN interface and 3 interfaces connected to your environment.

userx · December 5, 2016, 2:45pm

Hello Syncer,

in the att u should see what i need to realize.

T1 stands for Tenant1, T2 for Tenant2 and so on…

all Tenants running on ONE XenServer Host.

All Tenants needs to be isolated from the Neughbor Tenants.

Ive a Vyos free for configuring some Configs for that scenario

All VMs on the XenServer Host are in a Class C Network, the DMZ is Class B Network.

So all Tenants needs to be isolated from each other and need for sure, internet access

(All Tenants have MS AD, DNS and so on) for himself)

Hope thats helps,

Rgds
Kai

syncer · December 6, 2016, 9:36am

If you can permit, use one vyos per tenant, this will be much easier to manage, and more flexible.

userx · December 6, 2016, 9:39pm

one Vyos for a tenant? i think this will be more complexiv, also from the deployment side, or not?

syncer · December 7, 2016, 12:26am

Well it depends
if you not plan to add tenants and existing tenants have relatively simple configs, maybe you right,
in other case, you will end up with complex config which with time will became something hard to manage.

userx · December 7, 2016, 8:31am

ok, but i wanna to plan more the three tenants in the feature. iam planning a virtualized Multi Tenant Environmet, like Hosting Provider (Microsoft SPLA)

your solution sounds, like the “easiest” way to realize that, is to plan one seperate Switch for one tenant, correct?

16again · December 7, 2016, 5:21pm

Instead of multiple switches, you can also use VLANs on a hyperV virtual network
Since the 3 tenants need inter-VLAN communications, a single vyos instance is the way to go.

For further tenants use their own vyos instance, so you don’t run into trouble with overlapping internal IP addresses