Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Enable VLAN Subinterface Support on Virtual Interfaces

SUMMARY Virtualized Network Function (VNF) and Containerized Network Function (CNF) workloads often require multiple virtual network services on a single interface. Cloud-Native Contrail® Networking supports VLAN subinterfaces on virtual interfaces.

VLAN Subinterface Overview

A VLAN subinterface is a logical division of a virtual (or physical) interface at the network level. VLAN subinterfaces are Layer 3 interfaces that receive and forward 802.1Q VLAN tags. You can assign multiple VLAN tags to a single virtual interface. When a packet arrives at that interface, the packet's associated VLAN tags designate which VLAN the packet routes to. You can use VLAN subinterfaces to route traffic to multiple VLANs for your services.

API Changes

This section provides information about API calls that occur when configuring a VLAN subinterface.

When configuring VLAN subinterfaces in Cloud-Native Contrail Networking, Kubernetes updates the VirtualMachineInterface field with new properties, or VLAN tags. After an update occurs, the VirtualMachineInterface object references other VirtualMachineInterface objects based on existing VLAN tags.

Note:

Cloud-Native Contrail Networking defines the properties field from Contrail Classic as virtualMachineInterfaceProperties.

Network Definition Changes

This section provides information about the network definition enhancements necessary when creating a subinterface for a virtual interface within a pod.

In kube-manager, the PodController watching for pod events reads the network definition applied to it. Kube-manager parses each network selection element and creates an associated VMI (virtual machine interface). Parent VMIs are the network elements with only the net.juniper.contrail.interfacegroup tag attached in the YAML file. Subinterfaces are the network elements with the net.juniper.contrail.interfacegroup and net.juniper.contrail.vlan tags attached in the YAML file.

The following two tags enhance the network definition in the cni-args section:

  • net.juniper.contrail.interfacegroup

    • Interface Group groups two or more interfaces.

    • The parent interface is the network selection element associated with only this tag.

    • The subinterface is the network selection element associated with this tag and a VLAN tag.

  • net.juniper.contrail.vlan
    • Specifies the VLANID on the subinterface.

A VLAN subinterface belongs to its parent interface. Users must specify the namespace to which the subinterface attaches. Consider the following example:

Example 1

Example 1 shows specified pod annotations for cni-args. This example configuration creates the following three VMIs and three IIPs (interface IPs) within the pod:

  • VMI, IIP for eth0 on default pod network

  • VMI, IIP for eth1 on parent-vn (parent interface)

  • VMI, IIP for eth1.100 on subitf-vn (subinterface)

Valid Configuration 1: One Parent, One Subinterface:

Valid Configuration 2: One Parent, Multiple Subinterfaces:

Valid Configuration 3: Multiple Parents, Multiple Subinterfaces:

Invalid Configuration 1: Multiple Interfaces on Same Network:

Invalid Configuration 2: Two Interfaces with Same interfacegroup but no VLAN