[pve-devel] [PATCH v2 pve-docs 3/6] sdn: VNets and Subnets

Stefan Lendl s.lendl at proxmox.com
Fri Nov 17 14:55:28 CET 2023

Signed-off-by: Stefan Lendl <s.lendl at proxmox.com>
 pvesdn.adoc | 46 ++++++++++++++++++++++++++++------------------
 1 file changed, 28 insertions(+), 18 deletions(-)

diff --git a/pvesdn.adoc b/pvesdn.adoc
index 8a71c03..c4b77f0 100644
--- a/pvesdn.adoc
+++ b/pvesdn.adoc
@@ -272,32 +272,40 @@ MTU:: Because VXLAN encapsulation uses 50 bytes, the MTU needs to be 50 bytes
   defaults to 1450.
+After creating a virtual network (VNet) through the SDN GUI, a local network
+interface with the same name is available on each node. To connect a guest to the
+VNet, assign the interface to the guest and set the IP address accordingly.
+Depending on the zone, these options have different meanings and are explained
+in the respective zone section in this document.
-A `VNet` is, in its basic form, a Linux bridge that will be deployed locally on
-the node and used for virtual machine communication.
+WARNING: In the current state, some options may have no effect or won't work in
+certain zones.
-The VNet configuration properties are:
+VNet configuration options:
-ID:: An 8 character ID to name and identify a VNet
+ID:: An up to 8 character ID to identify a VNet
-Alias:: Optional longer name, if the ID isn't enough
+Comment:: More descriptive identifier. Assigned as an alias on the interface. Optional
 Zone:: The associated zone for this VNet
 Tag:: The unique VLAN or VXLAN ID
-VLAN Aware:: Enable adding an extra VLAN tag in the virtual machine or
-container's vNIC configuration, to allow the guest OS to manage the VLAN's tag.
+VLAN Aware:: Enables vlan-aware option on the interface, enabling configuration
+  in the quest.
-A subnetwork (subnet) allows you to define a specific IP network
-(IPv4 or IPv6). For each VNet, you can define one or more subnets.
+A subnet define a specific IP range, described by the CIDR network address.
+Each VNet, can have one or more subnets.
 A subnet can be used to:
@@ -310,19 +318,21 @@ A subnet can be used to:
 If an IPAM server is associated with the subnet zone, the subnet prefix will be
 automatically registered in the IPAM.
-Subnet properties are:
+Subnet configuration options:
 ID:: A CIDR network address, for example
 Gateway:: The IP address of the network's default gateway. On layer 3 zones
   (Simple/EVPN plugins), it will be deployed on the VNet.
-SNAT:: Optional. Enable SNAT for layer 3 zones (Simple/EVPN plugins), for this
-  subnet. The subnet's source IP will be NATted to server's outgoing interface/IP.
-  On EVPN zones, this is only done on EVPN gateway-nodes.
+SNAT:: Enable Source NAT which allows VMs from inside a
+  VNet to connect to the outside network by forwarding the packets to the nodes
+  outgoing interface. On EVPN zones, forwarding is done on EVPN gateway-nodes.
+  Optional.
+DNS Zone Prefix:: Add a prefix to the domain registration, like
+  <hostname>.prefix.<domain>  Optional.
-Dnszoneprefix:: Optional. Add a prefix to the domain registration, like

More information about the pve-devel mailing list