<div dir="ltr">Hi,<div>That is an example only, if you don't need provider network, you would like to use only overlay networks like geneve, you can use only the suggested 2 interfaces, one for management and one for traffic.</div><div><br></div><div>Lajos Katona (lajoskatona)</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">박경원 <<a href="mailto:park0kyung0won@dgist.ac.kr">park0kyung0won@dgist.ac.kr</a>> ezt írta (időpont: 2022. ápr. 8., P, 7:07):<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><p><img src="https://mail.dgist.ac.kr:443/mail/dsn/KY1hE+F6LmViChTUom0THvRkMx3j1ArcH59VxnuwcCXFlWGgf8rBzH34k9WKIYujAXTrUzalEpX5yJ6ULEmaKKZsRIhg" border="0"></p>
<div style="font-family:none;font-size:11pt"><p><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">Hello everyone</span></p><p><span style="color:rgb(26,26,27);font-family:"Noto Sans",Arial,sans-serif;font-size:14px"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">I'm trying to setup</span><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif"> openstack cluster with openvswitch, </span><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">following the guide in link below</span></span><br></p><p><a href="https://docs.openstack.org/neutron/yoga/admin/deploy-ovs-selfservice.html" rel="noopener noreferrer" style="margin:0px;padding:0px;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;text-decoration-line:underline" target="_blank"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">https://docs.openstack.org/neutron/yoga/admin/deploy-ovs-selfservice.html</span></a><span style="color:rgb(26,26,27);font-family:"Noto Sans",Arial,sans-serif;font-size:14px"><br></span></p><p><br></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">Diagram in the link above states that compute nodes should have three interfaces(management, overlay and provider)</span></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><span style="font-family:Gulim,굴림,AppleGothic,sans-serif;font-size:11pt">My question is, do I really need separated management network and overlay network? (I only have two switches)</span></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">It seems like overlay traffic between VMs in virtual network are encapsulated with GENEVE, will not escape to management network.</span></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">Is there any possible security risk of using the same network for both overlay and management? (not performance concerns but security)</span></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><br></p><p style="padding-top:0.8em;padding-bottom:0.25em;border:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;font-size:14px;line-height:inherit;font-family:"Noto Sans",Arial,sans-serif;vertical-align:baseline;color:rgb(26,26,27)"><span style="font-size:11pt;font-family:Gulim,굴림,AppleGothic,sans-serif">Thank you in advance!</span></p></div>



</blockquote></div>