<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="basic-adv-networking">
<title>Basic and Advanced Networking</title>
<para>&PRODUCT; provides two styles of networking:</para>
<formalpara>
<title>Basic</title>
<para>For AWS-style networking. Provides a single network where guest isolation is achieved
through Layer 3 means such as security groups (IP address source filtering).</para>
</formalpara>
<formalpara>
<title>Advanced</title>
<para>For more sophisticated network topologies. This network model provides the most
flexibility in defining guest networks, but requires more configuration steps than basic
networking.</para>
</formalpara>
<para>Each zone has either basic or advanced networking. Once the networking model for a
zone has been chosen and configured in &PRODUCT;, it cannot be changed. A zone is either
basic or advanced for its entire lifetime.</para>
<para>The following table compares the networking features in the two networking models.</para>
<informaltable>
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<thead>
<row>
<entry><para>Networking Feature</para></entry>
<entry><para>Basic Network</para></entry>
<entry><para>Advanced Network</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>Number of networks</para></entry>
<entry><para>Single network</para></entry>
<entry><para>Multiple networks</para></entry>
</row>
<row>
<entry><para>Firewall type</para></entry>
<entry><para>Physical</para></entry>
<entry><para>Physical and Virtual</para></entry>
</row>
<row>
<entry><para>Load balancer</para></entry>
<entry><para>Physical</para></entry>
<entry><para>Physical and Virtual</para></entry>
</row>
<row>
<entry><para>Isolation type</para></entry>
<entry><para>Layer 3</para></entry>
<entry><para>Layer 2 and Layer 3</para></entry>
</row>
<row>
<entry><para>VPN support</para></entry>
<entry><para>No</para></entry>
<entry><para>Yes</para></entry>
</row>
<row>
<entry><para>Port forwarding</para></entry>
<entry><para>Physical</para></entry>
<entry><para>Physical and Virtual</para></entry>
</row>
<row>
<entry><para>1:1 NAT</para></entry>
<entry><para>Physical</para></entry>
<entry><para>Physical and Virtual</para></entry>
</row>
<row>
<entry><para>Source NAT</para></entry>
<entry><para>No</para></entry>
<entry><para>Physical and Virtual</para></entry>
</row>
<row>
<entry><para>Userdata</para></entry>
<entry><para>Yes</para></entry>
<entry><para>Yes</para></entry>
</row>
<row>
<entry><para>Network usage monitoring</para></entry>
<entry><para>sFlow / NetFlow at physical router</para></entry>
<entry><para>Hypervisor and Virtual Router</para></entry>
</row>
<row>
<entry><para>DNS and DHCP</para></entry>
<entry><para>Yes</para></entry>
<entry><para>Yes</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>The two types of networking may be in use in the same cloud. However, a given zone must use
either Basic Networking or Advanced Networking.</para>
<para>Different types of network traffic can be segmented on the same physical network. Guest
traffic can also be segmented by account. To isolate traffic, you can use separate VLANs. If you
are using separate VLANs on a single physical network, make sure the VLAN tags are in separate
numerical ranges.</para>
</section>