bebb4925c0
This commit mainly changes the data modelling around the private
networking.
Before this, a VmPrivateSubnet entity was getting created at the
Vm/Nexus assembly and a refresh_mesh was simply allowing access to every
other VM in the mesh. We wouldn't use static mac addresses, or store the
Nic entity. Here, the new data model is as the following;
- PrivateSubnet (e.g. 10.0.0.64/26) one_to_many Nic (10.0.0.72/32).
- Nic many_to_one VM (or any other resource we would provide)
- VMs have public ipv6/4 addresses assigned depending on the setup.
- VMs (resources) that have Nics that exist in the same PrivateSubnet
can communicate with each other via private IPv4/6 addresses internally.
This above 4 marks summarize the private networking in a nutshell.
Below diagram should be easier to digest;
+---------------------+
| PrivateSubnet |
| IPv4: 10.0.0.64/26 |
| IPv6: fd00::/64 |
+---------------------+
| 1:N
/ \
+---------------------+ +---------------------+
| Nic1 | | Nic2 |
| IPv4: 10.0.0.72/32 | | IPv4: 10.0.0.73/32 |
| IPv6: fd12::8739/80 | | IPv6: fd12::8740/80 |
+---------------------+ +---------------------+
| N:1 | N:1
v v
+-----------------------+ +-----------------------+
| VM1 | | VM2 |
| IPv4: 203.0.113.42 | | IPv4: 203.0.113.43 |
| IPv6: 2001::42 | | IPv6: 2001::43 |
| +----------------+ | | +----------------+ |
| | tap dev | | | | tap dev | |
| | IPv4: 10.0.0.72| | | | IPv4: 10.0.0.73| |
| | IPv6: fd12::8739| | | | IPv6: fd12::8740| |
| +----------------+ | | +----------------+ |
+-----------------------+ +-----------------------+
| |
| IpsecTunnel |
\__________________________/
1.0 KiB
1.0 KiB