Virtual Network (VNET)
The Virtual Network (VNET) application is a resource designed to group and manage network services together, typically deployed as overlay services. The VNET simplifies management by serving as a single input for a set of resources that support a common set of applications.
Core Components of VNET
The primary components that make up the VNET include:
- BridgeDomain: Represents a Layer 2 broadcast domain. It is used in conjunction with VLAN and BridgeInterface resources, which attach sub-interfaces to this L2 broadcast domain.
- VLAN: Groups sub-interfaces together under a common VLAN ID. VLAN IDs can be automatically assigned from a pool or manually set by the user. The VLAN uses a label selector to select the interfaces on which to provision the sub-interfaces.
- BridgeInterface: Allows operators to manually attach a sub-interface to a specific BridgeDomain.
- Router: Acts as a Layer 3 domain manager. It can connect multiple BridgeDomains through an IRBInterface or link directly to RoutedInterfaces.
- IRBInterface (Integrated Routing and Bridging Interface): Connects a BridgeDomain to a Router, facilitating communication between Layer 2 and Layer 3 networks.
- RoutedInterface: Represents a directly connected Layer 3 interface on a device that is attached to a Router.
- DHCPRelay: Enables DHCP relay functionality on sub-interfaces within the VNET, facilitating dynamic IP address allocation.
Additional Capabilities
- PE-CE BGP: The VNET also supports Provider Edge to Customer Edge (PE-CE) BGP.
- IP Filters: IPv4, IPv6 and MAC filters can also be used within the VirtualNetwork.
- DSCP and Dot1p classifiers: Attachment of DSCP and Dot1p classifiers is also supported.
Example VNETs
Layer 2 VNET
cat << 'EOF' | tee l2-vnet.yaml | kubectl apply -f -
apiVersion: services.eda.nokia.com/v1alpha1
kind: VirtualNetwork
metadata:
  name: vnet1
  namespace: eda
spec:
  bridgeDomains:
    - name: bd1
      spec:
        eviPool: evi-pool
        l2proxyARPND:
          dynamicLearning:
            ageTime: 2000
            enabled: true
            sendRefresh: 2000
          ipDuplication:
            enabled: true
            holdDownTime: 10
            monitoringWindow: 10
            numMoves: 4
          proxyARP: true
          proxyND: false
          tableSize: 250
        macAging: 300
        tunnelIndexPool: tunnel-index-pool
        type: EVPNVXLAN
        vniPool: vni-pool
  vlans:
    - name: storage
      spec:
        bridgeDomain: bd1
        interfaceSelector:
          - eda.nokia.com/edgeLinkType=storage
        vlanID: pool
        vlanPool: vlan-pool
    - name: compute
      spec:
        bridgeDomain: bd1
        interfaceSelector:
          - eda.nokia.com/edgeLinkType=compute
        vlanID: pool
        vlanPool: vlan-pool
EOF
Layer 3 VNET
cat << 'EOF' | tee l3-vnet.yaml | kubectl apply -f -
---
apiVersion: services.eda.nokia.com/v1alpha1
kind: VirtualNetwork
metadata:
  name: vnet2
  namespace: eda
spec:
  bridgeDomains:
    - name: app1
      spec:
        eviPool: evi-pool
        macAging: 300
        tunnelIndexPool: tunnel-index-pool
        type: EVPNVXLAN
        vniPool: vni-pool
    - name: app2
      spec:
        eviPool: evi-pool
        macAging: 300
        tunnelIndexPool: tunnel-index-pool
        type: EVPNVXLAN
        vniPool: vni-pool
  irbInterfaces:
    - name: irb1
      spec:
        arpTimeout: 14400
        bfd:
          desiredMinTransmitInt: 150002
          detectionMultiplier: 4
          enabled: true
          minEchoReceiveInterval: 1000000
          requiredMinReceive: 150000
        bridgeDomain: app1
        evpnRouteAdvertisementType:
          arpDynamic: true
          arpStatic: true
          ndDynamic: false
          ndStatic: false
        hostRoutePopulate:
          dynamic: true
          evpn: true
          static: false
        ipAddresses:
          - ipv4Address:
              ipPrefix: 13.3.3.1/24
              primary: true
            ipv6Address:
              ipPrefix: fc00:31::1/120
              primary: true
          - ipv4Address:
              ipPrefix: 14.4.4.1/24
              primary: false
            ipv6Address:
              ipPrefix: fc00:41::1/120
              primary: false
        ipMTU: 1500
        l3ProxyARPND:
          proxyARP: false
          proxyND: false
        learnUnsolicited: NONE
        router: routetable1
    - name: irb2
      spec:
        arpTimeout: 14400
        bfd:
          desiredMinTransmitInt: 150002
          detectionMultiplier: 4
          enabled: true
          minEchoReceiveInterval: 1000000
          requiredMinReceive: 150000
        bridgeDomain: app2
        evpnRouteAdvertisementType:
          arpDynamic: true
          arpStatic: true
          ndDynamic: false
          ndStatic: false
        hostRoutePopulate:
          dynamic: true
          evpn: true
          static: false
        ipAddresses:
          - ipv4Address:
              ipPrefix: 15.3.3.1/24
              primary: true
            ipv6Address:
              ipPrefix: fc00:51::1/120
              primary: true
          - ipv4Address:
              ipPrefix: 16.4.4.1/24
              primary: false
            ipv6Address:
              ipPrefix: fc00:61::1/120
              primary: false
        ipMTU: 1500
        l3ProxyARPND:
          proxyARP: false
          proxyND: false
        learnUnsolicited: NONE
        router: routetable1
  routers:
    - name: routetable1
      spec:
        eviPool: evi-pool
        routerID: 5.4.3.2
        tunnelIndexPool: tunnel-index-pool
        type: EVPNVXLAN
        vniPool: vni-pool
  vlans:
    - name: vlan1
      spec:
        bridgeDomain: app1
        interfaceSelector:
          - eda.nokia.com/edgeLinkType=storage
        vlanID: pool
        vlanPool: vlan-pool
    - name: vlan2
      spec:
        bridgeDomain: app2
        interfaceSelector:
          - eda.nokia.com/edgeLinkType=compute
        vlanID: pool
        vlanPool: vlan-pool
EOF
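A pre-apply consistency check for the cross-references described under Core Components (VLAN and IRBInterface to BridgeDomain, IRBInterface to Router), plus overlapping IRB subnets, which would blur the intended segmentation. This is an added example, not part of the EDA documentation or tooling; `lint_vnet`, `_irb`, `VNET2` and `BROKEN` are hypothetical names, and the manifests are constructed dicts trimmed from the vnet2 example above so the script runs without a YAML parser.

```python
import copy
import ipaddress

def lint_vnet(manifest):
    """Return findings for a parsed VirtualNetwork manifest (a dict)."""
    spec = manifest.get("spec", {})
    defined = {kind: {item["name"] for item in spec.get(kind, [])}
               for kind in ("bridgeDomains", "routers")}
    findings, seen = [], []

    def check_ref(owner, field, kind, value):
        if value not in defined[kind]:
            findings.append(f"{owner}: {field} '{value}' is not defined in {kind}")

    for vlan in spec.get("vlans", []):
        check_ref(f"vlan {vlan['name']}", "bridgeDomain", "bridgeDomains",
                  vlan["spec"].get("bridgeDomain"))

    for irb in spec.get("irbInterfaces", []):
        owner = f"irbInterface {irb['name']}"
        check_ref(owner, "bridgeDomain", "bridgeDomains", irb["spec"].get("bridgeDomain"))
        check_ref(owner, "router", "routers", irb["spec"].get("router"))
        for entry in irb["spec"].get("ipAddresses", []):
            for family in ("ipv4Address", "ipv6Address"):
                if family not in entry:
                    continue
                # ip_interface accepts a host address with prefix length, as in ipPrefix
                net = ipaddress.ip_interface(entry[family]["ipPrefix"]).network
                for other_owner, other in seen:
                    if other.version == net.version and other.overlaps(net):
                        findings.append(f"{owner}: {net} overlaps {other} on {other_owner}")
                seen.append((owner, net))
    return findings

# Constructed sample: a trimmed copy of the vnet2 manifest (primary addresses only).
def _irb(name, bd, v4, v6):
    return {"name": name, "spec": {"bridgeDomain": bd, "router": "routetable1",
            "ipAddresses": [{"ipv4Address": {"ipPrefix": v4, "primary": True},
                             "ipv6Address": {"ipPrefix": v6, "primary": True}}]}}

VNET2 = {"kind": "VirtualNetwork", "metadata": {"name": "vnet2", "namespace": "eda"},
         "spec": {"bridgeDomains": [{"name": "app1"}, {"name": "app2"}],
                  "routers": [{"name": "routetable1"}],
                  "irbInterfaces": [_irb("irb1", "app1", "13.3.3.1/24", "fc00:31::1/120"),
                                    _irb("irb2", "app2", "15.3.3.1/24", "fc00:51::1/120")],
                  "vlans": [{"name": "vlan1", "spec": {"bridgeDomain": "app1"}},
                            {"name": "vlan2", "spec": {"bridgeDomain": "app2"}}]}}

# Constructed faulty variant: irb2 names an undefined domain and reuses irb1's IPv4 subnet.
BROKEN = copy.deepcopy(VNET2)
BROKEN["spec"]["irbInterfaces"][1] = _irb("irb2", "app3", "13.3.3.254/24", "fc00:51::1/120")

if __name__ == "__main__":
    for label, doc in (("vnet2", VNET2), ("broken", BROKEN)):
        print(label, lint_vnet(doc) or "ok")
```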
Verify the status of the VirtualNetwork
Verify the fabric operational state: