|
5 | 5 | A Virtual Private Cloud (VPC) is similar to a public cloud VPC. It provides an isolated private network with support for multiple subnets,
|
6 | 6 | each with user-defined VLANs and optional DHCP services.
|
7 | 7 |
|
8 |
| -```yaml |
| 8 | +```{.yaml .annotate linenums="1" title="vpc.yaml"} |
9 | 9 | apiVersion: vpc.githedgehog.com/v1beta1
|
10 | 10 | kind: VPC
|
11 | 11 | metadata:
|
|
33 | 33 | timeServers: # (optional) configure Time (NTP) Servers
|
34 | 34 | - 1.1.1.1
|
35 | 35 | interfaceMTU: 1500 # (optional) configure the MTU (default is 9036); doesn't affect the actual MTU of the switch interfaces
|
| 36 | + leaseTimeSeconds: 3600 # The default duration of a DHCP lease |
| 37 | + disableDefaultRoute: false # set to true if the fabric DHCP server should not manage the default route on the end host |
| 38 | + advertisedRoutes: # Array of routes to be sent to each host in this subnet |
| 39 | + - destination: 10.12.10.0/24 |
| 40 | + gateway: 10.10.1.2 |
| 41 | + - destination: 10.13.10.0/24 |
| 42 | + gateway: 10.10.1.3 |
36 | 43 | subnet: 10.10.1.0/24 # User-defined subnet from ipv4 namespace
|
37 | 44 | gateway: 10.10.1.1 # User-defined gateway (optional, default is .1)
|
38 | 45 | vlan: 1001 # User-defined VLAN from VLAN namespace
|
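Review bot: The comment on `leaseTimeSeconds` at new line 36, "The default duration of a DHCP lease", leaves it unclear whether 3600 is the built-in default or a value being set here, and it drops the "(optional)" prefix that the neighbouring `timeServers` and `interfaceMTU` comments carry. Suggest matching that style, for example "(optional) DHCP lease time in seconds", and stating a default in parentheses only if one exists, as the `interfaceMTU` comment does. Separately, both `advertisedRoutes` gateways (10.10.1.2 and 10.10.1.3) are host addresses inside `subnet: 10.10.1.0/24`; if the next hop has to be an address in this subnet, a short comment saying so would tell the reader it is a requirement rather than a coincidence of the example.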
@@ -71,10 +78,28 @@ _Restricted subnet_ means that all hosts in the subnet are isolated from each ot
|
71 | 78 |
|
72 | 79 | A Permit list contains a list. Every element of the list is a set of subnets that can communicate with each other.
|
73 | 80 |
|
| 81 | +### DHCP Server |
| 82 | + |
| 83 | +The included DHCP server sets the option for the default route pointing to the gateway |
| 84 | +address of the VPC. If the default route of the end hosts should not be managed by the fabric |
| 85 | +DHCP server, add `disableDefaultRoute: true` to the DHCP subnet spec inside of the VPC. |
| 86 | + |
| 87 | +If additional routes are to be distributed to the end hosts inside of a VPC add |
| 88 | +them as a YAML array in the DHCP subnet spec. A full list of options for the |
| 89 | +DHCP spec can be found in [the Fabric API reference](../reference/fabric-api.md#dhcpsubnetspec). |
| 90 | + |
| 91 | +Distributing additional routes via DHCP is independent of the |
| 92 | +`disableDefaultRoute` setting. A user can distribute routes via the fabric DHCP |
| 93 | +server even if the `disableDefaultRoute` is set to `true`. The additional |
| 94 | +routes are advertised via DHCP option 121. |
| 95 | + |
| 96 | +If the `disableDefaultRoute` is set to `true`, and the VPC is `mode: l3vni` the |
| 97 | +fabric DHCP server will send routes to the end hosts so that they can reach |
| 98 | +other hosts inside of the VPC via the VPC gateway. |
74 | 99 |
|
75 | 100 | ### Third-party DHCP server configuration
|
76 | 101 |
|
77 |
| -In case you use a third-party DHCP server, by configuring `spec.subnets.<subnet>.dhcp.relay`, additional information is |
| 102 | +To use a third-party DHCP server, configure `spec.subnets.<subnet>.dhcp.relay`. Additional information is |
78 | 103 | added to the DHCP packet forwarded to the DHCP server to make it possible to identify the VPC and subnet. This
|
79 | 104 | information is added under the RelayAgentInfo (option 82) in the DHCP packet. The relay sets two suboptions in the
|
80 | 105 | packet:
|
|
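Review bot: The paragraph at new lines 91-94 says additional routes are advertised via DHCP option 121 but does not say what happens to the default route when `advertisedRoutes` is set and `disableDefaultRoute` stays `false`. RFC 3442 requires a client that receives option 121 to ignore the Router option (option 3), so the text should state whether the fabric DHCP server also carries the default route inside option 121 in that case; otherwise a reader cannot tell whether hosts keep their default route once they add a static route. The paragraph at new lines 96-98 has a related gap: it says the server "will send routes to the end hosts" for `mode: l3vni` without naming which prefixes are sent or which option carries them, which matters to anyone who set `disableDefaultRoute: true` expecting the fabric to push no routing state. Minor wording: "inside of" can be "inside", new line 87 wants a comma after "inside of a VPC", and new line 96 wants one after "`mode: l3vni`".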