I am sketching a network design for a KVM hosting site, preparing for hundreds of virtual guests. In our current design, every customer (no matter if physical or virtual) resides on their own VLAN to achieve isolation. We don't NAT on our firewall, all servers have public IPs (I guess I'm to blame for the IPv4 shortage ;).
What strikes me is that even fairly expensive gigabit switches from Cisco, like the Catalyst 2960 series, are capable of only 255 VLANs. This is likely to become a bottleneck. I figure I could let the KVM host node be in charge of a /20 network, and let it subnet it into really small networks (/30, /29 etc).
Would that be the best approach? Would it make sense to have each guest on their own VLAN interface of the host node?
A few facts:
* Cisco switches
* Got a /20 network to use.
Thanks in advance,
Normally, providing every user with a separate VLAN can be REALLY wasteful. Instead, provide them with small subnets, and if you run out, expand to another VLAN where you can start over.
If all those IPs have to be public, then you know exactly how many subnets you can sell.
Now, what exactly does it have to do with KVM? This seems like a simple hosting provider architecture planning question.
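A worked version of the layout the answer suggests (small per-customer subnets grouped into a handful of VLANs, a new VLAN only when a pod is full), added here as an example; it is not code from the poster or the answerer. Everything concrete in it is an assumption: 198.18.0.0/20 is a constructed placeholder for the real /20, 255 is the VLAN count quoted in the question for the Catalyst 2960, eth0 is the assumed trunk interface on the host, and VLAN IDs start at 100. It also checks the poster's original idea of one VLAN per customer against that budget.

```python
"""Carve a /20 into per-customer subnets and check the plan against a VLAN budget.

Added example for the thread above, not the original poster's code.
All constants are assumptions: 198.18.0.0/20 (RFC 2544 benchmarking space)
stands in for the real /20, 255 is the VLAN count the question quotes for
the Catalyst 2960, and eth0 is the assumed trunk uplink on the KVM host.
"""
import ipaddress
from dataclasses import dataclass

MAX_VLANS = 255                                       # from the question
SITE_BLOCK = ipaddress.ip_network("198.18.0.0/20")    # constructed placeholder
TRUNK_IF = "eth0"                                     # assumed host trunk interface


@dataclass(frozen=True)
class Allocation:
    customer: str
    vlan_id: int
    subnet: ipaddress.IPv4Network
    gateway: ipaddress.IPv4Address   # host-side address, first usable in the subnet


def addresses_for_customer(customer_prefix: int) -> int:
    """Usable guest addresses in a customer subnet: drop network, broadcast, gateway."""
    return 2 ** (32 - customer_prefix) - 3


def customers_per_vlan(vlan_prefix: int, customer_prefix: int) -> int:
    """How many customer subnets fit in one VLAN pod."""
    return 2 ** (customer_prefix - vlan_prefix)


def subnets_in_block(block: ipaddress.IPv4Network, customer_prefix: int) -> int:
    """Number of customer subnets the whole block yields (= VLANs needed for one VLAN per customer)."""
    return block.num_addresses // 2 ** (32 - customer_prefix)


def plan(block=SITE_BLOCK, customer_prefix=29, vlan_prefix=24, first_vlan=100):
    """One VLAN per `vlan_prefix` pod, one `customer_prefix` subnet per customer.

    Returns allocations in address order, or raises ValueError when the plan
    would need more VLAN IDs than the switch has.
    """
    pods = list(block.subnets(new_prefix=vlan_prefix))
    if len(pods) > MAX_VLANS:
        raise ValueError(f"{len(pods)} VLANs needed, switch supports {MAX_VLANS}")
    allocations = []
    n = 0
    for i, pod in enumerate(pods):
        vlan_id = first_vlan + i
        for sub in pod.subnets(new_prefix=customer_prefix):
            n += 1
            allocations.append(
                Allocation(f"cust{n:04d}", vlan_id, sub, sub.network_address + 1)
            )
    return allocations


def host_commands(allocations):
    """iproute2 commands for the host: one VLAN subinterface per pod, one gateway address per customer."""
    cmds, seen = [], set()
    for a in allocations:
        dev = f"{TRUNK_IF}.{a.vlan_id}"
        if a.vlan_id not in seen:
            seen.add(a.vlan_id)
            cmds.append(f"ip link add link {TRUNK_IF} name {dev} type vlan id {a.vlan_id}")
            cmds.append(f"ip link set {dev} up")
        cmds.append(f"ip addr add {a.gateway}/{a.subnet.prefixlen} dev {dev}")
    return cmds


if __name__ == "__main__":
    allocs = plan()
    print(f"{len(allocs)} customers in {len({a.vlan_id for a in allocs})} VLANs, "
          f"{addresses_for_customer(29)} guest addresses each")
    print(f"one VLAN per /29 would need {subnets_in_block(SITE_BLOCK, 29)} VLANs "
          f"(budget {MAX_VLANS})")
    for line in host_commands(allocs)[:4]:
        print(line)
```

With these assumptions a /20 split into /29s gives 512 customers with 5 guest addresses each, spread over 16 VLANs, well inside the 255 limit; the same /20 with one VLAN per customer needs 512 VLANs and the planner refuses it. The caveat for the isolation goal in the question: the 32 customers in a pod share one broadcast domain, and a /29 mask on the guest is only a convention the guest controls, so a hostile guest can widen its mask, ARP for its neighbours or answer ARP for the gateway. Separation inside a pod therefore has to come from the host (per-guest tap filtering on the bridge, or a private-VLAN-style feature on the switch), not from the subnet boundaries alone.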