Good morning, before starting I would like to thank the developers and the community.
Currently we have deployed opennebula 5.4 on Debian, working with a frontend and 5 nodes. A scarcely configured installation with which we show the students of a university that consists of the cloud backend. We currently use an LDAP server against a domain controller to validate students.
On a host server that has been empty we have updated debian to its version 9 and Openebula to its version 5.8.
We would like to implement tasks for students, teach them how a virtual network works and that they can create and use them within opennebula. For this we are in a phase of conceptual development, we have prepared a scheme with an idea of what we should assemble. Before continuing we would like to ask for your advice and recommendation, I leave an image of our blackboard as proof of concept.
The idea is that each student / user can create a virtual VLAN / switch, link their virtual machines and isolate them from the rest of the student users.
We have thought about implementing VOS for this purpose and use VLAN tagging. We have some limitations:
Our department does not have access to the management of the upper link of the switch, any request to add labeled vlan is dismissed. May we need a GRE tunnel between Nodes?
The nodes have 2 network interfaces, all of them within a subnet, say for example 172.16.100.X / 24
We do not have IPs for the virtual machines in those ranges with which the VMs are hosted in other subnets, for example 192.168.100.Y / 24
We are unsure about whether we need to add a virtual router or openebula manages this layer 3 traffic.