'Re: [Xen-users] MAC address management (and a guy with poor math'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xen-users
Subject:    Re: [Xen-users] MAC address management (and a guy with poor math
From:       Nico Kadel-Garcia <nkadel () gmail ! com>
Date:       2007-03-30 22:12:58
Message-ID: 460D8B6A.4000307 () gmail ! com
[Download RAW message or body]

Luke S. Crawford wrote:
>
> I'm in a situation where I'm on a _very_ large layer two, and I'm 
> running rather a lot of xen boxes.  (why are corporations so afraid of 
> routing, anyhow?  layer 3 is so much easier to debug than layer 2)
>
> Anyhow, the problem is essentially that I am afraid of MAC conflicts 
> if I use the xen MAC autogeneration;  we are talking about thousands 
> of  DomUs on the same broadcast domain.
>
Assign each Xen *server* a MAC address range, and incorporate it into 
their MAC addresses. Server 1 gets the last four digits of 01:00 thorugh 
01:FF, server two gets 02:00 through 02:FF, etc. That allows you plenty 
of addresses for each Xen environment, and a meaningful way to look up 
hostnames of Xen servers based on MAC address as well.

Then hardcode both the MAC addresses and the vifnames accordingly, for 
any SNMP resource tracking use.
> What I do at prgmr.com is that we assign all computers a mac address 
> of AA:00:[the ip of the box encoded in hex]  - it works okay because 
> we assign IP addresses via DHCP (we tie the mac to the IP in the DHCP 
> server) the idea being the tech doing the install is alrealdy thinking 
> about the mac.  (and with the dhcp.conf, we have centralized 
> accounting of IP and MAC addresses)
>
> the problem is that in this other environment, we use systemimager, 
> and it would be likely that someone might put a box online before 
> changing the MAC addresses, so we might actually be safer going random.
System images without MAC addresses should wind up in a dedicated DHCP 
"guest" pool, along with other random hardware plugged into the network 
That guest pool should not be allowed access to internal network 
resources until it's properly configured!


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic