Software Defined Networking

As of writing, Software Defined Networking support in Proxmox VE is currently still an experimental feature. However, stabilization of SDN is currently described on the PVE Roadmap.

Shamrock uses the Software Defined Networking feature in Proxmox VE to manage virtual machine networks. All virtual machines (except for the OPNsense routers) connect to the internet via SDN VNets. This allows for configuration of virtual networks that allow for more advanced network security and routing topologies.

Some reference uses of the SDN feature can be found in OPNsense and Node Proxying.

Configuration Reference

Zones

/etc/pve/sdn/zones.cfg

vxlan: cluster
        peers 10.83.86.10 10.83.86.11 10.83.86.12
        ipam pve
        mtu 1500

Because the underlying network uses jumbo packets (MTU 9000), the MTU of the VXLAN can be safely set to 1500 without fragmentation issues. This zone runs on top of the cluster/SDN local network (eno1 and eno2, see Physical Configuration).

VNets

/etc/pve/sdn/vnets.cfg

vnet: xpfsync
        zone cluster
        tag 5

vnet: vbasic
        zone cluster
        tag 10

vnet: vcluster
        zone cluster
        tag 15

vnet: vdomain
        zone cluster
        tag 20

vnet: vkube
        zone cluster
        tag 30

vnet: vmail
        zone cluster
        tag 40

Subnets

/etc/pve/sdn/subnets.cfg

subnet: cluster-10.76.10.0-24
        vnet vbasic

subnet: cluster-10.76.15.0-24
        vnet vcluster

subnet: cluster-10.76.20.0-24
        vnet vdomain

subnet: cluster-10.76.30.0-24
        vnet vkube

subnet: cluster-10.76.40.0-24
        vnet vmail

Physical Configuration

Physical Routing Configuration

Software Defined Networking

Software Defined Networking

Configuration Reference

Zones

VNets

Subnets