diff --git a/docs/en-US/pvlan.xml b/docs/en-US/pvlan.xml
index c4d8f921c87..d569507f973 100644
--- a/docs/en-US/pvlan.xml
+++ b/docs/en-US/pvlan.xml
@@ -32,14 +32,10 @@
Isolate VMs in a shared networks by using Private VLANs.
- Supported in both VPC and non-VPC deployments.
+ Supported on KVM, XenServer, and VMware hypervisors
- Supported on all hypervisors.
-
-
- Allow end users to deploy VMs in an isolated networks, or a VPC, or a Private
- VLAN-enabled shared network.
+ PVLAN-enabled shared network can be a part of multiple networks of a guest VM.
@@ -121,55 +117,16 @@
switch, connect the switch to upper switch by using cables. The number of cables should be
greater than the number of PVLANs used.
-
- If your Catalyst switch supports PVLAN, but not PVLAN promiscuous trunk mode, perform
- the following:
-
-
- Configure one of the switch port as trunk for management network (management
- VLAN).
-
-
- For each PVLAN, perform the following:
-
-
- Connect a port of the Catalyst switch to the upper switch.
-
-
- Set the port in the Catalyst Switch in promiscuous mode for one pair of
- PVLAN.
-
-
- Set the port in the upper switch to access mode, and allow only the traffic of
- the primary VLAN of the PVLAN pair.
-
-
-
-
-
Configure private VLAN on your physical switches out-of-band.
- Open vSwitch (OVS) used by XenServer and KVM does not support PVLAN. Therefore,
- simulate PVLAN on OVS for XenServer and KVM by modifying the flow table to achieve the
- following:
-
-
- For every traffic leaving user VMs, tag with the secondary isolated VLAN
- ID.
-
-
- Change the VLAN ID to primary VLAN ID.
- This allows the traffic which is tagged with the secondary isolated VLAN ID reach
- the DHCP server.
-
-
- The gateway is PVLAN-unaware; therefore, the switch connected to the gateway
- should translate all the secondary VLAN to primary VLAN for communicating with the
- gateway.
-
-
+ Before you use PVLAN on XenServer and KVM, enable Open vSwitch (OVS) .
+
+ OVS on XenServer and KVM does not support PVLAN. Therefore, simulate PVLAN on OVS
+ for XenServer and KVM by modifying the flow table and tagging every traffic leaving
+ guest VMs with the secondary VLAN ID.
+
@@ -208,41 +165,83 @@
Specify the following:
- Name:
+ Name: The name of the network. This will be
+ visible to the user.
- Description:
+ Description: The short description of the network
+ that can be displayed to users.
- VLAN ID:
+ VLAN ID: The unique ID of the VLAN.
- Private VLAN ID:
+ Isolated VLAN ID: The unique ID of the Secondary
+ Isolated VLAN.
+ For the description on Secondary Isolated VLAN, see .
- Scope:
+ Scope: The available scopes are Domain, Account,
+ Project, and All.
+
+
+ Domain: Selecting Domain limits the scope of
+ this guest network to the domain you specify. The network will not be available
+ for other domains. If you select Subdomain Access, the guest network is available
+ to all the sub domains within the selected domain.
+
+
+ Account: The account for which the guest
+ network is being created for. You must specify the domain the account belongs
+ to.
+
+
+ Project: The project for which the guest
+ network is being created for. You must specify the domain the project belongs
+ to.
+
+
+ All: The guest network is available for all
+ the domains, account, projects within the selected zone.
+
+
- Network Offering:
+ Network Offering: If the administrator has
+ configured multiple network offerings, select the one you want to use for this
+ network.
- Gateway:
+ Gateway: The gateway that the guests should
+ use.
- Netmask:
+ Netmask: The netmask in use on the subnet the
+ guests will use.
- IP Range:
+ IP Range: A range of IP addresses that are
+ accessible from the Internet and are assigned to the guest VMs.
+ If one NIC is used, these IPs should be in the same CIDR in the case of
+ IPv6.
- IPv6 CIDR:
+ IPv6 CIDR: The network prefix that defines the
+ guest network subnet. This is the CIDR that describes the IPv6 addresses in use in the
+ guest networks in this zone. To allot IP addresses from within a particular address
+ block, enter a CIDR.
- Network Domain:
+ Network Domain: A custom DNS suffix at the level
+ of a network. If you want to assign a special domain name to the guest VM network,
+ specify a DNS suffix.
- Click OK to confirm.
+
+ Click OK to confirm.
+