Hi out there. I just want to make sure that I am not overlooking something yet.
We have a few bare metal machines on different providers like Hetzner, OVH, AWS, ScaleWay. I have created several KVM nodes located in these data centers and have connected them all into one FireEdge management. Currently I use only “private networks” on each host, with the host acting as router and NAT and/or internal VPN. To allow “live migrations” I run the same virtual network on each host, so that the IP address of the VM stays the same when migrating. Because each host has the same onbr0 address and functions as the gateway, traffic also continues when migrating.
The reason for not using a bridged virtual network is that those bare metal machines have only one NIC, and that one is attached to the WAN and mostly configured by MAC address, so that this is the only address allowed to send data out. This is a rule at most providers. If you miss this, they will normally take your port down and you receive a message like “You are using not allowed traffic”.
So for that, I do not see another option for in- and outbound traffic than using the host as the gateway as well.
Am I missing some concepts here for running one network over public NICs and across different locations?
Thanks for your replies.
Tom
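The host-as-gateway setup described in the post, as an added example that is not part of the original post or of OpenNebula/FireEdge: a shell function that emits the nftables ruleset a single-NIC KVM host needs to masquerade VM traffic behind its own address, so only the host's MAC ever appears on the provider port. The WAN NIC name eth0 and the bridge subnet 10.10.0.0/24 are constructed assumptions; the bridge name onbr0 is the one from the post. The same ruleset and bridge address must be loaded on every host, otherwise a live-migrated VM loses its default gateway.

```shell
#!/bin/sh
# Added example (not from the original post). Generates an nftables ruleset
# that turns a single-NIC KVM host into the NAT gateway for its VM bridge.
# Assumed names: WAN NIC eth0, VM bridge onbr0, VM subnet 10.10.0.0/24
# (constructed for this example). Forwarding is default-drop, so the host
# only relays VM-initiated traffic and its replies, nothing else.

gen_gateway_ruleset() {
    wan_if="$1"; vm_br="$2"; vm_net="$3"
    cat <<EOF
table inet vmgw {
    chain forward {
        type filter hook forward priority 0; policy drop;
        # VMs on the bridge may open connections to the outside via the host
        iifname "$vm_br" oifname "$wan_if" ip saddr $vm_net accept
        # only replies to those connections are allowed back in
        iifname "$wan_if" oifname "$vm_br" ct state established,related accept
        # VM-to-VM traffic on the same bridge is switched, never forwarded,
        # so no other path through the host exists
    }
}
table ip vmnat {
    chain postrouting {
        type nat hook postrouting priority 100;
        # source-NAT all VM traffic to the host's WAN address / MAC
        ip saddr $vm_net oifname "$wan_if" masquerade
    }
}
EOF
}

# usage on each host (identical on all of them, so migrated VMs keep working):
#   gen_gateway_ruleset eth0 onbr0 10.10.0.0/24 > /etc/nftables.conf
#   sysctl -w net.ipv4.ip_forward=1
#   nft -c -f /etc/nftables.conf && nft -f /etc/nftables.conf
```

`nft -c` only syntax-checks the file, so run it before loading; a typo in the forward chain otherwise leaves the host with no rules and every VM cut off at once.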