From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <a.lauterer@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 5273173C0A
 for <pve-devel@lists.proxmox.com>; Mon, 30 May 2022 14:40:18 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 32D302D617
 for <pve-devel@lists.proxmox.com>; Mon, 30 May 2022 14:40:18 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id C301D2D5C1
 for <pve-devel@lists.proxmox.com>; Mon, 30 May 2022 14:40:16 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 9CCE843789
 for <pve-devel@lists.proxmox.com>; Mon, 30 May 2022 14:40:16 +0200 (CEST)
From: Aaron Lauterer <a.lauterer@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Mon, 30 May 2022 14:40:14 +0200
Message-Id: <20220530124014.2477717-4-a.lauterer@proxmox.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220530124014.2477717-1-a.lauterer@proxmox.com>
References: <20220530124014.2477717-1-a.lauterer@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.006 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 KAM_SHORT               0.001 Use of a URL Shortener for very short URL
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pve-devel] [PATCH docs 3/3] network: rework introduction for
 people with less experience
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Mon, 30 May 2022 12:40:18 -0000

Mentioning explicitly, that the vmbr interfaces can be thought of as a
virtual switch and what can be done overall in the introduction will
hopefully help new users to grasp the networking more quickly.

Also mention the SDN to point people in that direction if they need it

Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
---
 pve-network.adoc | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/pve-network.adoc b/pve-network.adoc
index 0eabb87..98a5fb5 100644
--- a/pve-network.adoc
+++ b/pve-network.adoc
@@ -5,13 +5,26 @@ ifdef::wiki[]
 :pve-toplevel:
 endif::wiki[]
 
-Network configuration can be done either via the GUI, or by manually
-editing the file `/etc/network/interfaces`, which contains the
-whole network configuration. The  `interfaces(5)` manual page contains the
-complete format description. All {pve} tools try hard to keep direct
-user modifications, but using the GUI is still preferable, because it
+{pve} is using the Linux network stack. This provides a lot of flexibility on
+how to set up the network on the {pve} nodes. The configuration can be done
+either via the GUI, or by manually editing the file `/etc/network/interfaces`,
+which contains the whole network configuration. The  `interfaces(5)` manual
+page contains the complete format description. All {pve} tools try hard to keep
+direct user modifications, but using the GUI is still preferable, because it
 protects you from errors.
 
+A 'vmbr' interface is needed to connect guests to the underlying physical
+network.  They are a Linux bridge which can be thought of as a virtual switch
+to which the guests and physical interfaces are connected to.  This section
+provides some examples on how the network can be set up to accomodate different
+use cases like redundancy with a xref:sysadmin_network_bond['bond'],
+xref:sysadmin_network_vlan['vlans'] or
+xref:sysadmin_network_routed['routed'] and
+xref:sysadmin_network_masquerading['NAT'] setups.
+
+The xref:chapter_pvesdn[Software Defined Network] is an option for more complex
+virtual networks in {pve} clusters.
+
 Apply Network Changes
 ~~~~~~~~~~~~~~~~~~~~~
 
@@ -150,6 +163,7 @@ physical network. The network, in turn, sees each virtual machine as
 having its own MAC, even though there is only one network cable
 connecting all of these VMs to the network.
 
+[[sysadmin_network_routed]]
 Routed Configuration
 ~~~~~~~~~~~~~~~~~~~~
 
@@ -192,6 +206,7 @@ iface vmbr0 inet static
 ----
 
 
+[[sysadmin_network_masquerading]]
 Masquerading (NAT) with `iptables`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -244,7 +259,7 @@ https://lwn.net/Articles/370152/[Patch on netdev-list introducing conntrack zone
 https://blog.lobraun.de/2019/05/19/prox/[Blog post with a good explanation by using TRACE in the raw table]
 
 
-
+[[sysadmin_network_bond]]
 Linux Bond
 ~~~~~~~~~~
 
@@ -382,6 +397,7 @@ iface vmbr0 inet static
 ----
 
 
+[[sysadmin_network_vlan]]
 VLAN 802.1Q
 ~~~~~~~~~~~
 
-- 
2.30.2