3.8.5. Advanced Zone Public IP Addresses
When advanced networking is used, the administrator can create additional networks for use by the
guests. These networks can span the zone and be available to all accounts, or they can be scoped
to a single account, in which case only the named account may create guests that attach to these
networks. The networks are defined by a VLAN ID, IP range, and gateway. The administrator may
provision thousands of these networks if desired.
3.8.6. System Reserved IP Addresses
In each zone, you need to configure a range of reserved IP addresses for the management network.
This network carries communication between the CloudPlatform Management Server and the various
system VMs, such as Secondary Storage VMs, Console Proxy VMs, and the virtual routers that provide DHCP.
The reserved IP addresses must be unique across the cloud. You cannot, for example, have a host in
one zone which has the same private IP address as a host in another zone.
The hosts in a pod are assigned private IP addresses. These are typically RFC1918 addresses. The
Console Proxy and Secondary Storage system VMs are also allocated private IP addresses in the
CIDR of the pod that they are created in.
Make sure computing servers and Management Servers use IP addresses outside of the System
Reserved IP range. For example, suppose the System Reserved IP range starts at 192.168.154.2 and
ends at 192.168.154.7. CloudPlatform can use .2 to .7 for System VMs. This leaves the rest of the pod
CIDR, from .8 to .254, for the Management Server and hypervisor hosts.
In all zones:
Provide private IPs for the system in each pod and provision them in CloudPlatform.
For KVM and XenServer, the recommended number of private IPs per pod is one per host. If you
expect a pod to grow, add enough private IPs now to accommodate the growth.
In a zone that uses advanced networking:
When advanced networking is being used, the number of private IP addresses available in each pod
depends on which hypervisor runs on the nodes in that pod. Citrix XenServer and KVM use link-local
addresses (the 169.254.0.0/16 block, 65,536 addresses) for this purpose, which in theory is more than
enough, as the pod grows over time, for any reasonable number of hosts as well as for the guest
virtual routers. VMware ESXi, by contrast, draws these addresses from whatever subnet the
administrator assigns to the pod, and the typical administrator provides only a /24, which has 254
usable addresses. Because that pool is shared by the physical hosts, the guest virtual routers, and
other entities, it is possible to run out of private IPs when scaling up a pod whose nodes run ESXi.
To ensure adequate headroom to scale private IP space in an ESXi pod that uses advanced
networking, use one or more of the following techniques:
Specify a larger CIDR block for the subnet. A /20 prefix provides 4,094 usable IP addresses.
Create multiple pods, each with its own subnet. For example, if you create 10 pods and give each a
/24 (254 usable addresses), this provides 2,540 IP addresses in total.
For vSphere with advanced networking, we recommend provisioning enough private IPs for your total
number of customers, plus enough for the required CloudPlatform System VMs. Typically, about 10
additional IPs are required for the System VMs. For more information about System VMs, see Working
with System Virtual Machines in the Administrator's Guide.
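The rules in this section (the System Reserved range must lie inside the pod CIDR, hosts and Management Servers must sit outside it, reserved and host IPs must be unique across the cloud, and an ESXi pod must also budget one private IP per guest virtual router while KVM and XenServer routers use link-local addresses) are easy to get wrong when planning a pod on paper. The following is an added example, written for this page and not CloudPlatform's own code, that encodes those rules as checks and sizing helpers. The Pod class, its field names, the SYSTEM_VM_IPS figure of 10 (taken from the guide's "about 10" estimate) and the sample pods in the demo are assumptions constructed for illustration.

```python
"""Pod private-IP sanity and sizing checks.

Added example, not CloudPlatform/CloudStack code. Pod, its field names,
SYSTEM_VM_IPS and the demo pods are assumptions for illustration.
"""
import ipaddress
from dataclasses import dataclass, field

SYSTEM_VM_IPS = 10  # the guide's rough count of System VM private IPs (assumption)


@dataclass
class Pod:
    zone: str
    name: str
    cidr: str                 # pod CIDR, e.g. "192.168.154.0/24"
    reserved_start: str       # first System Reserved IP
    reserved_end: str         # last System Reserved IP (inclusive)
    hypervisor: str           # "KVM", "XenServer" or "ESXi"
    hosts: list = field(default_factory=list)         # hypervisor host IPs
    mgmt_servers: list = field(default_factory=list)  # Management Server IPs

    def network(self):
        # strict=True rejects a CIDR with host bits set, a common typo
        return ipaddress.ip_network(self.cidr, strict=True)

    def reserved(self):
        """All addresses in the System Reserved range, as a set."""
        start = int(ipaddress.ip_address(self.reserved_start))
        end = int(ipaddress.ip_address(self.reserved_end))
        return {ipaddress.ip_address(i) for i in range(start, end + 1)}


def check_pod(pod):
    """Problems inside one pod (an empty list means the pod passes)."""
    problems = []
    net = pod.network()
    start = ipaddress.ip_address(pod.reserved_start)
    end = ipaddress.ip_address(pod.reserved_end)
    if start > end:
        problems.append(f"{pod.name}: reserved range {start}-{end} is inverted")
    if start not in net or end not in net:
        problems.append(f"{pod.name}: reserved range {start}-{end} is not inside pod CIDR {net}")
    for role, addrs in (("host", pod.hosts), ("Management Server", pod.mgmt_servers)):
        for a in addrs:
            ip = ipaddress.ip_address(a)
            if ip not in net:
                problems.append(f"{pod.name}: {role} {ip} is outside pod CIDR {net}")
            elif start <= ip <= end:
                problems.append(f"{pod.name}: {role} {ip} lies inside the System Reserved range")
    return problems


def check_cloud(pods):
    """Per-pod checks plus cloud-wide uniqueness of reserved and host IPs."""
    problems = []
    owner = {}  # ip -> "zone/pod" that first claimed it
    for pod in pods:
        problems.extend(check_pod(pod))
        where = f"{pod.zone}/{pod.name}"
        for ip in sorted(pod.reserved() | {ipaddress.ip_address(h) for h in pod.hosts}):
            if ip in owner and owner[ip] != where:
                problems.append(f"{ip} is used by both {owner[ip]} and {where}")
            owner.setdefault(ip, where)
    return problems


def headroom(pod, guest_routers):
    """Private IPs left once hosts, Management Servers, the reserved range and
    (for ESXi only) one IP per guest virtual router are taken. Negative means
    the pod cannot grow to that many routers with its current CIDR."""
    usable = pod.network().num_addresses - 2  # drop network and broadcast addresses
    used = len(pod.reserved()) + len(pod.hosts) + len(pod.mgmt_servers)
    if pod.hypervisor.lower() == "esxi":
        used += guest_routers  # ESXi routers draw from the pod CIDR; KVM/XenServer use link-local
    return usable - used


def min_prefix_for(needed):
    """Longest prefix (smallest subnet) whose usable host count covers `needed` IPs."""
    for prefix in range(30, 0, -1):
        if 2 ** (32 - prefix) - 2 >= needed:
            return prefix
    raise ValueError("no IPv4 subnet is that large")


def esxi_pod_prefix(host_count, guest_routers, mgmt_count=1):
    """Prefix length for a new ESXi pod: hosts, Management Servers, one IP per
    guest virtual router, plus roughly SYSTEM_VM_IPS for the System VMs."""
    return min_prefix_for(host_count + mgmt_count + guest_routers + SYSTEM_VM_IPS)


if __name__ == "__main__":
    # Constructed demo pod mirroring the guide's .2-.7 reserved-range example.
    pod = Pod("zone1", "podA", "192.168.154.0/24", "192.168.154.2", "192.168.154.7",
              "ESXi", ["192.168.154.8", "192.168.154.9"], ["192.168.154.20"])
    print(check_cloud([pod]) or "no problems")
    print("headroom with 100 guest routers:", headroom(pod, 100))
    print("prefix for 20 hosts and 1000 routers: /%d" % esxi_pod_prefix(20, 1000))
```

Note that `min_prefix_for(255)` returns 23, not 24: a /24 has 254 usable addresses once the network and broadcast addresses are excluded, which is why a "255 IPs per pod" plan is already one short.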