
Virtual Network (VNET)

The Virtual Network (VNET) application is a resource designed to group and manage network services together, typically deployed as overlay services. The VNET simplifies management by serving as a single input for a set of resources that support a common set of applications.

Core Components of VNET

The primary components that make up the VNET include:

  • BridgeDomain: Represents a Layer 2 broadcast domain. It is used in conjunction with VLAN and BridgeInterface resources, which attach sub-interfaces to this L2 broadcast domain.

  • VLAN: Groups sub-interfaces together under a common VLAN ID. VLAN IDs can be automatically assigned from a pool or manually set by the user. The VLAN uses a label selector to select the interfaces on which to provision the sub-interfaces.

  • BridgeInterface: Allows operators to manually attach a sub-interface to a specific BridgeDomain.

  • Router: Acts as a Layer 3 domain manager. It can connect multiple BridgeDomains through an IRBInterface or link directly to RoutedInterfaces.

  • IRBInterface (Integrated Routing and Bridging Interface): Connects a BridgeDomain to a Router, facilitating communication between Layer 2 and Layer 3 networks.

  • RoutedInterface: Represents a directly connected Layer 3 interface on a device that is attached to a Router.

  • DHCPRelay: Enables DHCP relay functionality on sub-interfaces within the VNET, facilitating dynamic IP address allocation.

Additional Capabilities

  • PE-CE BGP: The VNET also supports Provider Edge to Customer Edge (PE-CE) BGP.
  • IP Filters: IPv4, IPv6 and MAC filters can also be used within the VirtualNetwork.
  • DSCP and Dot1p classifiers: Attachment of DSCP and Dot1p classifiers is also supported.

Example VNETs

Layer 2 VNET

cat << 'EOF' | tee l2-vnet.yaml | kubectl apply -f -
---
apiVersion: services.eda.nokia.com/v1alpha1
kind: VirtualNetwork
metadata:
  name: vnet1
spec:
  bridgeDomains:
    - name: bd1
      spec:
        vniPool: vni-pool
        eviPool: evi-pool
        tunnelIndexPool: tunnel-index-pool
        l2proxyARPND:
          dynamicLearning:
            ageTime: 2000
            enabled: true
            sendRefresh: 2000
          ipDuplication:
            enabled: true
            holdDownTime: 10
            monitoringWindow: 10
            numMoves: 4
          proxyARP: true
  vlans:
    - name: storage
      spec:
        bridgeDomain: bd1
        interfaceSelector: ["eda.nokia.com/edgeLinkType=storage"]
        vlanPool: vlan-pool
    - name: compute
      spec:
        bridgeDomain: bd1
        interfaceSelector: ["eda.nokia.com/edgeLinkType=compute"]
        vlanPool: vlan-pool
---

EOF

Layer 3 VNET

cat << 'EOF' | tee l3-vnet.yaml | kubectl apply -f -
---
apiVersion: services.eda.nokia.com/v1alpha1
kind: VirtualNetwork
metadata:
  name: vnet2
spec:
  routers:
    - name: routetable1
      spec:
        routerID: 5.4.3.2
        vniPool: vni-pool
        eviPool: evi-pool
        tunnelIndexPool: tunnel-index-pool
  bridgeDomains:
    - name: app1
      spec:
        vniPool: vni-pool
        eviPool: evi-pool
        tunnelIndexPool: tunnel-index-pool
    - name: app2
      spec:
        vniPool: vni-pool
        eviPool: evi-pool
        tunnelIndexPool: tunnel-index-pool
  irbInterfaces:
    - name: irb1
      spec:
        bridgeDomain: app1
        router: routetable1
        bfd:
          desiredMinTransmitInt: 150002
          detectionMultiplier: 4
          enabled: true
          requiredMinReceive: 150000
        evpnRouteAdvertisementType:
          arpStatic: true
          arpDynamic: true
        hostRoutePopulate:
          dynamic: true
          evpn: true
        ipv4Addresses:
          - ipPrefix: 13.3.3.1/24
            primary: true
          - ipPrefix: 14.4.4.1/24
        ipv6Addresses:
          - ipPrefix: fc00:31::1/120
            primary: true
          - ipPrefix: fc00:41::1/120
    - name: irb2
      spec:
        bridgeDomain: app2
        router: routetable1
        bfd:
          desiredMinTransmitInt: 150002
          detectionMultiplier: 4
          enabled: true
          requiredMinReceive: 150000
        evpnRouteAdvertisementType:
          arpStatic: true
          arpDynamic: true
        hostRoutePopulate:
          dynamic: true
          static: false
          evpn: true
        ipv4Addresses:
          - ipPrefix: 15.3.3.1/24
            primary: true
          - ipPrefix: 16.4.4.1/24
        ipv6Addresses:
          - ipPrefix: fc00:51::1/120
            primary: true
          - ipPrefix: fc00:61::1/120
  vlans:
    - name: vlan1
      spec:
        bridgeDomain: app1
        interfaceSelector: ["eda.nokia.com/edgeLinkType=storage"]
        vlanPool: vlan-pool
    - name: vlan2
      spec:
        bridgeDomain: app2
        interfaceSelector: ["eda.nokia.com/edgeLinkType=compute"]
        vlanPool: vlan-pool
EOF
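
A pre-apply check for manifests shaped like the two above, added here as an example; it is not part of the EDA documentation or tooling. `lint_vnet` and `SAMPLE` are hypothetical names, the sample is constructed from the vnet2 layout with deliberate mistakes, and the check assumes every name a VLAN or IRBInterface references is declared in the same VirtualNetwork, as in this page's examples.

```python
import ipaddress
from itertools import combinations

def lint_vnet(manifest):
    """Lint one parsed VirtualNetwork manifest (a dict, e.g. from yaml.safe_load)."""
    spec = manifest.get("spec", {})
    declared = {k: {i["name"] for i in spec.get(k, [])} for k in ("bridgeDomains", "routers")}
    vlans, irbs = spec.get("vlans", []), spec.get("irbInterfaces", [])
    findings = []
    # 1. References must resolve to objects declared in this VirtualNetwork (assumption).
    refs = ([("vlan", v, "bridgeDomain", "bridgeDomains") for v in vlans]
            + [("irb", i, "bridgeDomain", "bridgeDomains") for i in irbs]
            + [("irb", i, "router", "routers") for i in irbs])
    for kind, item, field, pool in refs:
        target = item["spec"].get(field)
        if target not in declared[pool]:
            findings.append(f"{kind} {item['name']}: {field} '{target}' is not declared")
    # 2. Different label selectors landing in one Layer 2 broadcast domain: review intent.
    by_bd = {}
    for v in vlans:
        by_bd.setdefault(v["spec"].get("bridgeDomain"), set()).update(v["spec"].get("interfaceSelector", []))
    for bd, sels in by_bd.items():
        if len(sels) > 1:
            findings.append(f"bridgeDomain {bd}: one broadcast domain shared by selectors {sorted(sels)}")
    # 3. IRB subnets in the same VirtualNetwork must not overlap.
    nets = [(i["name"], ipaddress.ip_interface(a["ipPrefix"]).network)
            for i in irbs for fam in ("ipv4Addresses", "ipv6Addresses")
            for a in i["spec"].get(fam, [])]
    for (n1, a), (n2, b) in combinations(nets, 2):
        if a.version == b.version and a.overlaps(b):
            findings.append(f"{n1} {a} overlaps {n2} {b}")
    return findings

# Constructed sample: the vnet2 layout from this page with deliberate mistakes.
SAMPLE = {"kind": "VirtualNetwork", "metadata": {"name": "vnet2"}, "spec": {
    "routers": [{"name": "routetable1", "spec": {}}],
    "bridgeDomains": [{"name": "app1", "spec": {}}, {"name": "app2", "spec": {}}],
    "irbInterfaces": [
        {"name": "irb1", "spec": {"bridgeDomain": "app1", "router": "routetable1",
                                  "ipv4Addresses": [{"ipPrefix": "13.3.3.1/24"}]}},
        {"name": "irb2", "spec": {"bridgeDomain": "app3", "router": "routetable1",  # undeclared
                                  "ipv4Addresses": [{"ipPrefix": "13.3.3.129/25"}]}}],  # overlaps irb1
    "vlans": [
        {"name": "vlan1", "spec": {"bridgeDomain": "app1", "interfaceSelector": ["eda.nokia.com/edgeLinkType=storage"]}},
        {"name": "vlan2", "spec": {"bridgeDomain": "app1", "interfaceSelector": ["eda.nokia.com/edgeLinkType=compute"]}}]}}

if __name__ == "__main__":
    print("\n".join(lint_vnet(SAMPLE)))
```

Finding 2 is a prompt to confirm intent rather than an error: the Layer 2 example on this page places the storage and compute edge links in bd1 on purpose.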

Verify the status of the VirtualNetwork

Verify the fabric operational state:

kubectl get virtualnetwork

NAME    OPERATIONALSTATE   LASTCHANGE
vnet1   down               2024-04-30T21:26:36.000Z
vnet2   degraded           2024-04-30T22:47:38.000Z