Optimize THE PVE multicast cluster communication

C

cesarpk

Well-Known Member
Mar 31, 2012
770
3
58
Hi to all

Can somebody help me with these doubts?

I don't know how do a optimization of the PVE cluster communication in multicast mode.

Ie, if i have in my LAN several PVE Nodes in Cluster and very many workstations, and i want that the communication in multicast of the PVE nodes only reach to the others PVE nodes and no others destinations.

The question is: ¿how i get this?

- Also, i don't know if for get this target, is possible use unmanaged switches?
- But, always i want that any workstation can connect to any PVE node for administer it.
- If all these conditions aren't possible, what is the way more nearest for get it?

Notes:
- Networking isn't my forte (for administer switches managed, but soon i will have one of level 2, and i will do many practices)
- if switches managed are necessary, of level 2 are ok?
- Please, be patient and explain me in easy terms.
- If the configurations are different with managed and unmanaged switches, please explain me in each case.

Best regards
Cesar
 
Last edited:
There are a few possible approaches to this.

One is to place your Proxmox servers on a different subnet than your workstations. Simply set them up with static IPs under this separate subnet, then make sure there are routes between the two networks for the services you'll need to access - your router should be able to handle this for you, often automatically, assuming it's high enough quality and grade. If it's an integrated modem/router from your ISP, though, it probably won't have the capabilities you're looking for. Multicast traffic isn't relayed across subnets (without some advanced proxying jiggery-pokery), so your workstations won't be exposed to it.

Alternately, you can set up your Proxmox servers with two interfaces each. One interface would be set up exactly the way it is now, on the same subnet and switch(es) as the rest of your network. The other would be on a server-only network, with a different subnet, and optionally even on a separate switch. You would then bind all multicast software (all the cluster stuff) to this second interface. This is part of the approach taken by Ned Productions to set up a Proxmox cluster across datacenters by tunneling the cluster traffic over an OpenVPN.

Probably the easiest option to implement (and the current recommendation of the Proxmox VE dev team) requires one or more switches with IGMP snooping support. This usually means managed, but not always. IGMP snooping automatically prunes multicast traffic so machines that haven't requested it don't get it; it operates in layer 2, but listens on layer 3, since that's where IGMP resides. More info on Wikipedia. Note that it's probably a good idea to have IGMP-supporting switches in any configuration to avoid multicast DDoS attacks against your servers, among other things.

There are probably other options I haven't listed, and there are certainly variations on these approaches that I haven't covered, but those are the main three categories of solutions to this issue. Hope that helps.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back