VRF¶
Implementation¶
The vrf is the first resource_type built in every project and is a Linux Network Namespace. The vrf can have one or more vrf_network_links. The properties of a vrf_network_link are vlan, ipv4_subnet and ipv6_subnet. The ipv4_subnet can be either from one of the project’s RFC1918 allocations or a public IPv4 subnet owned by the customer. The ipv6_subnet is a /64 from the /48 region assignment.
For IPv4 networking, the vrf will be assigned a public reachable IPv4 address (vrf.ipv4_address_id) from one of the IPv4 floating subnets in the Region. Other resources within the project can NAT an RFC1918 address to an ip_address from this subnet. A Project Network Namespace will connect to the subnet’s bridge on the PodNet box. IPv4 traffic will be routed via this bridge’s gateway.
For IPv6 networking, the vrf will be assigned an IPv6 address (vrf.ipv6_address_id) from the IPv6 /64 link subnet for the Region. A Project Network Namespace will connect to the IPv6 link subnet bridge on the PodNet box. Other resources within the project can be assigned an IPv6 address from the vrf_interface.ipv6_subnet.
Every network_link is a VLAN tagged logical interface on the PodNet’s private interface and will be connected to the Project Network Namespace.
ERD¶
