Open Stack

Yes, I think of it as:

A provider network in OpenStack is simply a record specifying the necessary details of the underlying infrastructure so that OpenStack can utilize it. The actual networking services (layer 2 and 3 forwarding, for example) are provided by the infrastructure and configured independently.

John

> On Jan 19, 2016, at 4:32 AM, Neil Jerram <Neil.Jerram at metaswitch.com> wrote:
> 
> On 19/01/16 07:36, Andreas Scheuring wrote:
>> Hi everybody, 
>> 
>> I stumbled over a definition that explains the difference between a
>> Provider network and a self service network. [1] 
> 
> I've also spent time trying to understand this, so am happy to offer
> that understanding here (for checking?)...
> 
> I believe the _definition_ of a 'provider' network is that it is a
> network provisioned by the cloud operator - as opposed to 'tenant'
> networks that are provisioned by non-admin tenants aka users aka projects.
> 
> (I've not seen the term 'Self service' before, but presumably it means
> what I'm calling 'tenant'.
> 
> Corollaries - but not strictly part of the definition - are that:
> 
> - Provider networks typically 'map more closely' in some sense onto the
> cloud's underlying physical network than tenant networks do.  The
> 'provider' API extension - which is usually limited by policy to
> operators only, and hence can only be used with provider networks -
> allows the operator to specify that mapping, for example which VLAN to
> map on to.  Tenant networks are typically implemented with additional
> layers of encapsulation, in comparison with provider networks, in order
> to allow many tenant networks to coexist on the same compute hosts and
> yet be isolatable from each other.
> 
> - Provider networks typically use the real IP address space, whereas
> tenant networks typically use private IP address space so that multiple
> tenant networks can use the same IP addresses.
> 
> The network that is on the external side of a Neutron Router has its
> router:external property True, and also has to be a provider network. 
> Floating IPs come from a subnet that is associated with that provider
> network.
> 
> It's possible to attach VMs directly to a provider network, as well as
> to tenant networks.
> 
>> 
>> To summarize it says:
>> - Provider Network: primarily uses layer2 services
> 
> I don't know what this means.  All networks have a layer 2 somewhere.
> 
>> and vlan segmentation
> 
> Yes, but they don't have to.  A provider network can be 'flat', which
> means that its VM interfaces are bridged onto one of the physical
> interfaces of the compute host (and it is assumed that all hosts'
> physical interfaces are themselves bridged together).  So then any VLAN
> that a VM used would be trunked through the physical network.
> 
>> and cannot be used for advanced services (fwaas,..)
> 
> (I didn't know that, but OK.)
> 
>> - Self-service Network: is Neutron configured to use a overlay network
> 
> Grammar?
> 
>> and supports advanced services (fwaas,..)
>> 
>> 
>> But my understanding is more like this:
>> - Provider Network: The Openstack user needs information about the
>> underlying network infrastructure to create a virtual network that
>> exactly matches this infrastructure. 
> 
> Agreed, if s/user/operator/ and s/virtual//.  OpenStack _users_ cannot
> create provider networks, and I wouldn't call a provider network 'virtual'.
> 
> 
>> 
>> - Self service network: The Openstack user can create virtual networks
>> without knowledge about the underlaying infrastructure on the data
>> network. This can also include vlan networks, if the l2 plugin/agent was
>> configured accordingly.
> 
> Agreed.
>> 
>> 
>> Did the meaning of a provider network change in the meantime, or is my
>> understanding just wrong?
>> 
>> Thanks!
>> 
>> 
>> 
>> 
>> [1]
>> http://docs.openstack.org/liberty/install-guide-rdo/overview.html#id4
>> 
>> 
> 
> 
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev