Virtual Networks

Virtual Networks emulate physical networks and hardware such as routers and switches to allow the communication between computers, virtual machines, and other devices across various locations. This functionality enables resources separated by vast distances to be connected, pooled, and managed as if they were under one roof.

HyperCloud manages both Layer 2 and Layer 3 segmentation and Layer 3 IP Address management for Virtual Networks. Creating a new VNet requires knowing a few pieces of information. If connectivity is desired outside of the HyperCloud cluster, the VLAN ID must also be added to trunk ports from the upstream switch fabric into the HyperCloud fabric.

Firstly, navigate to Network then Virtual Networks and click on the green + button. Now you will need to input the required information and make appropriate selections. The listing below starts in the General tab and works to the right down the row. Some fields are not addressed as they are optional.

General

Name

Arbitrary name of network. Logical names that contain key bits of details about the network are useful, but not required.

Cluster

Usually leave as default if you only have a single cloud zone.


Conf

Bridge Name

Logical interface name on the backend network. Useful to know for logging purposes. Keep it short and avoid special characters. It must be unique to each Virtual Network. Enabling IP and MAC Address Filtering is best practice for network management: the two filters add mitigation for common Layer 3 and Layer 2 attacks, respectively.


VLAN ID

VLAN ID assignment can be set to either Automatic or Manual. Most enterprises will have a strong preference here and will want to assign their own. If connecting outside of the HyperCloud fabric, this must match the upstream VLAN ID and be trunked to the HyperCloud fabric.


Physical device

Always set to br0.


Addresses

First IPv4 address

Set the first IP address and the size of the address pool.


Advanced Options/Security Groups

Select a Security Group to associate with the VNet. Security Groups are addressed later in this document and can also be assigned later.


Security

Select a Security Group from the list. Security Groups act as a firewall to limit inbound and outbound traffic. Rules can be set for specific Protocols, Port Ranges, and Target Network; with Virtual Networks, however, they can be used to limit IP address access.

QoS*

Quality of Service options are available to set policy limits to prevent bandwidth hogging. Upper and lower limits can be set for Inbound and Outbound traffic, as well as temporary bursting limitations.

Context

Finally, you can set other TCP/IP context, such as the Network Address, Network Mask, Gateway, DNS, and MTU.

This process can become tedious to set for multiple tenants; therefore, if the general options will be reused for several entities, a Network Template can be created in the same manner as outlined above with the exception of clicking Network Templates in lieu of Virtual Networks.

All of the creation, physical emulation, and management is controlled by HyperCloud to present a simplified dashboard to easily instantiate the various portions of the Virtual Network and add machines and attributes to define the access and security.

Address Reservations can remove an IP from the available subnet in the defined Address Range.

A Virtual Network can be defined with three distinct parts:

  • Underlying Physical Network Infrastructure that supports it, including the network driver.
  • Logical Address Space available. Addresses associated with a Virtual Network can be IPv4, IPv6, dual stack IPv4-IPv6, or Ethernet.
  • Guest Configuration Attributes used to set up the Virtual Machine Network, that may include network masks, DNS servers, or gateways.

Within the Network menu is the Virtual Networks management interface, where you can create, delete, or update virtual networks.

Reminder

When creating a VNet, the platform requires a Physical Device entry; for this field, enter br0. Also, the VLAN ID should be set to Manual and given the desired identification number.

With manual VLAN identification, set the VLAN ID to the desired tag and make sure the interconnect ports to every compute node are tagged with the same VLAN ID. Also, if desired, tag the uplinks from the HyperCloud fabric to the customer fabric with the same VLAN ID.
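
A pre-flight check for the field rules described on this page (short, unique Bridge Name; Physical device br0; manual VLAN ID; IP and MAC filtering; address pool built from the first IPv4 address and its size), written as an added Python example that is not HyperCloud code. The dictionary keys, the sample plan, the 15-character bridge limit (the Linux interface-name limit) and the 1-4094 VLAN range (802.1Q) are assumptions, not values from the HyperCloud interface.

```python
import ipaddress
import re

# Bridge Name: short, no special characters. 15 is the Linux interface-name limit.
BRIDGE_RE = re.compile(r"^[A-Za-z0-9]{1,15}$")

# Constructed sample plan; the field names are hypothetical, not HyperCloud's schema.
SAMPLE_PLAN = [
    {"name": "tenant-a", "bridge": "tenA", "phydev": "br0", "vlan_id": 110,
     "filter_ip": True, "filter_mac": True, "network": "10.20.30.0/24",
     "gateway": "10.20.30.1", "first_ip": "10.20.30.10", "size": 100, "reserved": []},
    {"name": "tenant-b", "bridge": "tenA", "phydev": "eth1", "vlan_id": 4095,
     "filter_ip": True, "filter_mac": False, "network": "10.20.40.0/24",
     "gateway": "10.20.40.1", "first_ip": "10.20.40.1", "size": 255, "reserved": []},
]

def lint_vnets(vnets):
    """Return (vnet name, problem) tuples for a planned set of Virtual Networks."""
    problems, bridges = [], {}
    for v in vnets:
        def flag(msg, name=v["name"]):
            problems.append((name, msg))
        if not BRIDGE_RE.match(v["bridge"]):
            flag("bridge name is long or has special characters")
        if v["bridge"] in bridges:
            flag(f"bridge name already used by {bridges[v['bridge']]}")
        bridges.setdefault(v["bridge"], v["name"])
        if v["phydev"] != "br0":
            flag("physical device must be br0")
        # Manual assignment assumed; valid 802.1Q VLAN IDs are 1-4094.
        if not 1 <= v["vlan_id"] <= 4094:
            flag("VLAN ID outside 1-4094")
        if not (v["filter_ip"] and v["filter_mac"]):
            flag("IP/MAC address filtering not enabled")
        # Pool = first address plus size; it must sit inside the usable host range.
        net = ipaddress.ip_network(v["network"])
        first = ipaddress.ip_address(v["first_ip"])
        last = first + (v["size"] - 1)
        if not (net.network_address < first and last < net.broadcast_address):
            flag("address pool does not fit inside the network")
        # A gateway inside the pool needs an Address Reservation.
        gw = ipaddress.ip_address(v["gateway"])
        if first <= gw <= last and v["gateway"] not in v["reserved"]:
            flag("gateway is inside the pool and not reserved")
    return problems

if __name__ == "__main__":
    for name, problem in lint_vnets(SAMPLE_PLAN):
        print(f"{name}: {problem}")
```

Run against the sample plan, tenant-a passes and tenant-b is flagged for each rule it breaks.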