Configuring the service network for cloud tenant networks

Owned by MS (Unlicensed)
Jan 17, 2023
3 min read



Abiquo virtual networking scenario

The service network is a VLAN network that includes the following virtual network types:

  • Private networks within the virtual datacenter

  • External networks belonging to enterprises that allow access to networks outside the virtual datacenter

  • Unmanaged networks belonging to enterprises that are assigned IP addresses outside the Abiquo environment

  • Public networks using public IP addresses for VMs

VMs on internal private networks can only communicate within the virtual datacenter. A virtual gateway can be used for communication outside the virtual datacenter. VMs on public, external and unmanaged networks can communicate outside the virtual datacenter. For each external, public, and unmanaged network, the Network Administrator should assign VLAN tags and the Cloud Admin should enter them into Abiquo.



How Abiquo manages the service network

Abiquo can manage the service network with standard networking or software defined networking (SDN).

In standard networking, Abiquo manages virtual networks as separate VLANs. The Network Administrator configures VLANs in the top-of-rack switches. When the Cloud Admin creates racks, they enter the VLAN range for private networks on the rack. When the Cloud Admin creates external, unmanaged, or public networks, they enter the VLAN tag for each network.

When a user deploys a VM, Abiquo generates a unique MAC address and binds it to an IP from the appropriate subnet and assigns it to the appropriate VLAN.

Abiquo can use the following options to assign the network:

  • ISC DHCP Servers: Abiquo can remotely manage ISC DHCP Servers, so the DHCP server will always lease the right IP to the MAC address on a VM.

    • The Network Administrator configures the DHCP server or relay server so that it listens to VLANs and can be reached over a network from the VMs (on the service network) so they can obtain the IP leases

    • Abiquo recommends the use of a DHCP relay server to provide VLAN support. See Configuring DHCP in the Administrator's Guide for information about how Abiquo uses DHCP

  • Guest setup: Abiquo can inject the network connection into a VM using cloud-init or hypervisor tools, which requires templates that support these methods. Abiquo will use this option if the DHCP server is not found

Abiquo also has integrations with VMware NSX-T system to offer SDN services.



Configure the service network in the switches

Do these steps for the following hardware to configure the service network.

  • Top-of-rack switch

    1. Configure all ports in trunk mode 

    2. Configure one port in access mode for each public VLAN ID for each hypervisor

      1. In Abiquo, create a public VLAN with each public VLAN tag

    3. For each external/unmanaged VLAN, configure one port in access mode with the corresponding VLAN IDs for each hypervisor

      1. In Abiquo, the Cloud Admin will create external/unmanaged VLANs and/or reserve tags for future requirements

        • Abiquo recommends that you exclude the tags for external/public/unmanaged networks from the VLAN ranges for private networks of each rack

  • Hypervisor hosts

    1. Every hypervisor in the rack is connected to an 802.1Q trunk port in the top-of-rack switch. All VMs created in the hypervisors will have virtual NICs connected to virtual switches.

    2. Abiquo supports distributed virtual switches and virtual switches. 

    3. With each network interface on the hypervisor that is connected to a top-of-rack switch trunk port, connect to a virtual switch. 

    4. Abiquo will create the VLANs/VNICs in the virtual switches.

  • DHCP server

    1. Connect the DHCP server (Abiquo Server) to an 802.1Q trunk port in the top-of-rack switch. 

    2. This is a requirement unless you are using guest setup or only using unmanaged networks. See Configuring DHCP

    3. When you configure the DHCP Relay Server (or DHCP Server) that is providing VLAN support, for each VLAN you will need to supply one IP address on the service network but outside of the virtual datacenter range



Default private network configuration

By default, each default private network will have its own VLAN but it will use the same IP address range. This means every customer can create their own network (VLAN) with network address 192.168.0.0/24. Network administrators should be aware of this default configuration. For example:


Private network IP ranges

Enterprise/Customer 1 -> VirtualDC 1 Network C1 -> 192.168.0.0/24, will be in VLAN5 Enterprise/Customer 2 -> VirtualDC 2 Network C2 -> 192.168.0.0/24, will be in VLAN8


Related topics

Copyright © 2006-2024, Abiquo Holdings SL. All rights reserved