cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafael del Valle <rva...@privaz.io.INVALID>
Subject Re: VPC and Public IP addresses
Date Tue, 18 Aug 2020 05:20:18 GMT
Andrija,

I guess Load Balancing can be done from a private IP. So, that functionality is less critical.

Then the main thing would be that SourceNat and Port Forwarding could be used from the same
public IP.

I guess this can be seen as supporting multiple purposes per IP, or perhaps  to create a new
purpose for the combined functionality. 

I would be happy to contribute to make it possible.

Do you think it would be an interesting feature? is anybody working on something like this?

Rafael

On Mon, 2020-08-17 07:52 PM, Andrija Panic <andrija.panic@gmail.com> wrote:
> Yes, you would need 3 separate IPs.
> 
> On Mon, 17 Aug 2020 at 16:17, Rafael del Valle " target="_blank"><rvalle@privaz.io.invalid>
> wrote:
> 
> > Hi!
> >
> > I am experimenting with VPCs and it is very exciting, powerful and easy to
> > manage.
> >
> > We want to implement a bunch of VPCs for independent projects/customers.
> >
> > I will be great to have independent environment that each project can
> > manage without interference.
> >
> > Each of them typically implements Load Balancer for Provided Web services,
> > perhaps a few ports forwarded, and some services being allowed to access
> > internet (source nat), for example a Web Proxy.
> >
> > I am reviewing the documentation and testing and I see this:
> >
> > A public IP can be used for only one purpose at a time. If the IP is
> > a sourceNAT, it cannot be used for StaticNAT or port forwarding.​
> >
> > Port Forwarding, LBS and SourceNat we can typically do from the same IP,
> > with some obvious limitations such as not LBSing and Forwarding the same
> > port.
> >
> >
> >
> > Our Original plan is to dedicate 1 public ip per VPC/project.
> >
> >
> >
> > As it looks in the documentation we would need 3x IPs, is that correct?
> >
> >
> > Is there a way to workaround this?
> >
> > Rafael
> >
> >
> >
> >
> >
> >
> >
> 
> --
> 
> Andrija Panić
> 
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message