mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
68 lines
2.8 KiB
Plaintext
68 lines
2.8 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc
|
|
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="virt-routes-route-rules_{context}"]
|
|
= Routes and route rules
|
|
|
|
[role="_abstract"]
|
|
After you configure an IP address for a network interface, you can configure routes and route rules in the NMState configuration for cluster nodes.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
You cannot use the OVN-Kubernetes `br-ex` bridge as the next hop interface when configuring a static route unless you manually configured a customized `br-ex` bridge.
|
|
|
|
For more information, see "Creating a manifest object that includes a customized br-ex bridge" in the _Deploying installer-provisioned clusters on bare metal_ document or the _Installing a user-provisioned cluster on bare metal_ document.
|
|
====
|
|
|
|
The `routes` parameter defines static routes and these routes determine the traffic that leaves the network interfaces and the destination network for the traffic. Supported values include `running` and `config`.
|
|
|
|
[NOTE]
|
|
====
|
|
After you apply an NMState configuration to cluster nodes and you want to change existing routes, you must specify the old route with the `state: absent` parameter and the new route with the `state: present` parameter. The NMState Operator can then delete the old route and apply the new route to cluster nodes.
|
|
|
|
Setting the `state` parameter to `ignore` means that the Operator ignores certain routes.
|
|
====
|
|
|
|
The `route-rules` parameter implements a policy-based routing capability for cluster nodes. This capability allows traffic that originates from a different source IP address to be segregated and routed through different gateways and network paths.
|
|
|
|
The following YAML configuration shows a static route and a static IP confiuration on interface `eth1`:
|
|
|
|
[source,yaml]
|
|
----
|
|
dns-resolver:
|
|
config:
|
|
# ...
|
|
interfaces:
|
|
- name: eth1
|
|
description: Static routing on eth1
|
|
type: ethernet
|
|
state: up
|
|
ipv4:
|
|
dhcp: false
|
|
enabled: true
|
|
address:
|
|
- ip: 192.0.2.251
|
|
prefix-length: 24
|
|
route-rules:
|
|
config:
|
|
- ip-from: 198.51.100.0/24
|
|
priority: 1000
|
|
route-table: 200
|
|
routes:
|
|
config:
|
|
- destination: 198.51.100.0/24
|
|
next-hop-interface: eth1
|
|
next-hop-address: 192.0.2.1
|
|
metric: 150
|
|
table-id: 200
|
|
# ...
|
|
----
|
|
* `config.ip-from`: Applies a rule to any network packet that originates from the specified IP address.
|
|
* `config.priority`: Sets the priority order for the rule.
|
|
* `config.route-table`: Specifies the routing table that the Operator uses to check that network traffic matches the `ip-from` condition.
|
|
* `address.ip`: The static IP address for the Ethernet interface.
|
|
* `config.next-hop-address`: The next hop address for the node traffic. This must be in the same subnet as the IP address set for the Ethernet interface.
|
|
|