[SOLVED] SDN wrt Microsegmentation

Diametric

New Member
Jun 19, 2024
I've been playing around with SDN with a goal to implement a form of microsegmentation and believe that what I'm after is not currently possible without some form of workaround (VMs with multiple NICs, etc.).

Is someone able to let me know if there are plans for the following on the horizon, or if I've missed this functionality somewhere?

1. Route leaking between SDN zones or the ability to restrict communications between VNets within a zone.
2. In the case of route leaking between zones, some way to restrict communications between the zones to allow only specific traffic, possibly an extension of the firewall to be able to apply to a zone/VNet. Would be nice to be able to just point the firewall at two zones/VNets and allow/restrict traffic as required.

In general I'm after the ability to create a private subnet per VM/group of VMs and easily link as required to other private subnets.

Thanks in advance.
 
2. In the case of route leaking between zones, some way to restrict communications between the zones to allow only specific traffic, possibly an extension of the firewall to be able to apply to a zone/VNet. Would be nice to be able to just point the firewall at two zones/VNets and allow/restrict traffic as required.

This is something I'm currently exploring with the new nftables implementation, although I can give no guarantees on when this will land.
 
Any update? Have you got any workaround for micro-segmentation?
You don't need any workaround; microsegmentation (aka firewalling between 2 VMs on the same L2 network) has been working for 10 years with the Proxmox firewall.


The definition of rules directly on the SDN VNet is currently in development (instead of defining them VM by VM, or through a security group).
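To make the per-VM approach from the reply above concrete, here is an added example (not from this thread and not the Proxmox project's own configuration) of microsegmentation between VMs that share one L2 VNet: a database VM accepts PostgreSQL only from an IPSet of application VMs, everything else inbound is dropped and logged. All VM IDs, addresses, set and group names are constructed assumptions.

```ini
# /etc/pve/firewall/cluster.fw  -- cluster-wide objects (constructed example)
[OPTIONS]
enable: 1

[IPSET app-tier]
# application VMs (constructed addresses) that may talk to the database tier
10.10.0.11
10.10.0.12

[IPSET admin-hosts]
# constructed management address allowed to SSH into any segmented VM
10.10.0.5

[group db-from-app]
# reusable security group: only the app tier may open PostgreSQL connections
IN ACCEPT -source +app-tier -p tcp -dport 5432 -log nolog

[group admin-ssh]
IN ACCEPT -source +admin-hosts -p tcp -dport 22 -log nolog


# /etc/pve/firewall/103.fw  -- database VM (constructed VMID 103), same VNet as the app VMs
[OPTIONS]
enable: 1
policy_in: DROP        # default deny toward this VM, even from neighbours on the same L2
policy_out: ACCEPT
log_level_in: info     # dropped inbound packets are logged for detection purposes

[RULES]
GROUP db-from-app -i net0
GROUP admin-ssh -i net0


# /etc/pve/firewall/101.fw  -- one application VM (constructed VMID 101)
[OPTIONS]
enable: 1
policy_in: DROP
policy_out: ACCEPT

[RULES]
GROUP admin-ssh -i net0
IN ACCEPT -p tcp -dport 8443 -log nolog   # service port exposed by the app VM (constructed)
```

For the rules to take effect, the datacenter firewall must be enabled and each VM's network device needs `firewall=1` set on its NIC; `pve-firewall compile` on the host prints the generated rule set so the intended isolation can be checked before relying on it. Because the rules are evaluated on the host's bridge port for each VM, the app VMs and the database VM can sit on the same VNet and still only reach each other on the ports listed here.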