The **S**oftware-**D**efined **N**etwork (SDN) feature in {pve} enables the
creation of virtual zones and networks (VNets). This functionality simplifies
-advanced networking configurations and multitenancy setup."
+advanced networking configurations and multitenancy setup.
[[pvesdn_overview]]
Introduction
NOTE: {pve} version 7.0 and above have the `ifupdown2` package installed by
default. If you originally installed your system with an older version, you need
to explicitly install the `ifupdown2` package.
-+
-After installation, you need to add the following line to the end of the
-`/etc/network/interfaces` configuration file, so that the SDN configuration gets
-included and activated.
-+
+
+After installation, you need to ensure that the following line is present at the
+end of the `/etc/network/interfaces` configuration file on all nodes, so that
+the SDN configuration gets included and activated.
+
----
source /etc/network/interfaces.d/*
----
+[[pvesdn_install_dhcp_ipam]]
DHCP IPAM
~~~~~~~~~
-The DHCP integration into the IP Address Management stack currently uses
-`dnsmasq` for giving out DHCP leases. This is currently opt-in.
+The DHCP integration into the built-in 'PVE' IP Address Management stack
+currently uses `dnsmasq` for giving out DHCP leases. This is currently opt-in.
To use that feature you need to install the `dnsmasq` package on every node:
----
apt update
apt install dnsmasq
+# disable default instance
+systemctl disable --now dnsmasq
----
+[[pvesdn_install_frrouting]]
FRRouting
~~~~~~~~~
Tag:: The unique VLAN or VXLAN ID
VLAN Aware:: Enables vlan-aware option on the interface, enabling configuration
- in the quest.
+ in the guest.
[[pvesdn_config_subnet]]
-----------
Some zones implement a separated control and data plane that require an external
-external controller to manage the VNet's control plane.
+controller to manage the VNet's control plane.
Currently, only the `EVPN` zone requires an external controller.
[[pvesdn_ipam_plugin_netbox]]
NetBox IPAM Plugin
-~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~
link:https://github.com/netbox-community/netbox[NetBox] is an open-source IP
Address Management (IPAM) and datacenter infrastructure management (DCIM) tool.
ranges.
Do not forget to follow the installation steps for the
-xref:pvesdn_dhcp_dnsmasq_installation[dnsmasq DHCP plugin] as well.
+xref:pvesdn_install_dhcp_ipam[dnsmasq DHCP plugin] as well.
Plugins
~~~~~~~
Currently this is the only DHCP plugin and therefore the plugin that gets used
when you enable DHCP for a zone.
-[[pvesdn_dhcp_dnsmasq_installation]]
.Installation
-In order to be able to use the Dnsmasq plugin you need to install
-the dnsmasq package and disable the default DNS server that gets automatically
-started:
-
-----
-apt install dnsmasq
-systemctl disable --now dnsmasq
-----
+For installation see the xref:pvesdn_install_dhcp_ipam[DHCP IPAM] section.
.Configuration
The plugin will create a new systemd service for each zone that dnsmasq gets
Simple Zone Example
~~~~~~~~~~~~~~~~~~~
-Simple zone networks create an isolated network for quests on a single host to
+Simple zone networks create an isolated network for guests on a single host to
connect to each other.
-TIP: connection between quests are possible if all quests reside on a same host
+TIP: connection between guests are possible if all guests reside on a same host
but cannot be reached on other nodes.
* Create a simple zone named `simple`.
* Add a VNet names `vnet1`.
* Create a Subnet with a gateway and the SNAT option enabled.
* This creates a network bridge `vnet1` on the node. Assign this bridge to the
- quests that shall join the network and configure an IP address.
+ guests that shall join the network and configure an IP address.
The network interface configuration in two VMs may look like this which allows
them to communicate via the 10.0.1.0/24 network.
Source NAT Example
~~~~~~~~~~~~~~~~~~
-If you want to allow outgoing connections for quests in the simple network zone
+If you want to allow outgoing connections for guests in the simple network zone
the simple zone offers a Source NAT (SNAT) option.
Starting from the configuration xref:pvesdn_setup_example_simple[above], Add a
SNAT: checked
----
-In the quests configure the static IP address inside the subnet's IP range.
+In the guests configure the static IP address inside the subnet's IP range.
The node itself will join this network with the Gateway IP '172.16.0.1' and
-function as the NAT gateway for quests within the subnet range.
+function as the NAT gateway for guests within the subnet range.
[[pvesdn_setup_example_vlan]]
Tag: 100
----
-Apply the configuration on the main SDN web-interface panel to create VNets
+Apply the configuration on the main SDN web interface panel to create VNets
locally on each node.
Create four Debian-bases virtual machines (vm1, vm2, vm3, vm4) and add network
Tag: 100000
----
-Apply the configuration on the main SDN web-interface panel to create VNets
+Apply the configuration on the main SDN web interface panel to create VNets
locally on each nodes.
Create a Debian-based virtual machine ('vm1') on node1, with a vNIC on `vxvnet1`.
Gateway: 10.0.2.1
----
-Apply the configuration from the main SDN web-interface panel to create VNets
+Apply the configuration from the main SDN web interface panel to create VNets
locally on each node and generate the FRR configuration.
Create a Debian-based virtual machine ('vm1') on node1, with a vNIC on `myvnet1`.
projects / pve-docs.git / blobdiff