Introduction

Hi guys, I wrote this page to introduce a new feature for guest networks. Normally, VMs in different guest networks cannot reach each other. In the VPC model this is possible via the Inter-VLAN routing feature, so this proposal aims to provide the same capability for the guest network model.

  • Two guest networks can be configured to reach each other
  • A guest network can be configured to reach the outside without NAT (not recommended, but supported)

All configurations are currently done by admin only.

Design

The idea is not complicated. ACS already implements similar L3 services (SourceNat, StaticNat, Port Forwarding, ...), and this proposal follows the same design.

<uncompleted>

UI

Guest network to outside without NAT

Database

CREATE TABLE `cloud`.`routing_rules` (
  `id` bigint unsigned NOT NULL auto_increment COMMENT 'id',
  `uuid` varchar(40),
  `src_net` varchar(40) COMMENT 'source network of this rule',
  `dst_net` varchar(40) COMMENT 'destination network of this rule',
  `start_port` int(10) COMMENT 'starting port of a port range',
  `end_port` int(10) COMMENT 'end port of a port range',
  `state` char(32) NOT NULL COMMENT 'current state of this rule',
  `protocol` char(16) NOT NULL default 'TCP' COMMENT 'protocol to open these ports for',
  `account_id` bigint unsigned NOT NULL COMMENT 'owner id',
  `domain_id` bigint unsigned NOT NULL COMMENT 'domain id',
  `created` datetime COMMENT 'Date created',
  `removed` datetime COMMENT 'Date removed',
  `icmp_code` int(10) COMMENT 'The ICMP code (if protocol=ICMP). A value of -1 means all codes for the given ICMP type.',
  `icmp_type` int(10) COMMENT 'The ICMP type (if protocol=ICMP). A value of -1 means all types.',
  PRIMARY KEY (`id`),
  CONSTRAINT `fk_routing_rules__account_id` FOREIGN KEY(`account_id`) REFERENCES `account`(`id`) ON DELETE CASCADE,
  CONSTRAINT `fk_routing_rules__domain_id` FOREIGN KEY(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE,
  CONSTRAINT `uc_routing_rules__uuid` UNIQUE (`uuid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
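As an added illustration (not code from this proposal or from CloudStack), the following Python model of the routing_rules columns above validates a rule before it is stored and evaluates a flow against the stored rules with default deny. It assumes a rule is one-directional (src_net to dst_net only, so the reverse direction needs its own rule), that only rules in state 'Active' are enforced, and uses constructed network ids net-a and net-b.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class RoutingRule:
    src_net: str                       # uuid of the source guest network
    dst_net: str                       # uuid of the destination guest network
    protocol: str                      # 'TCP', 'UDP' or 'ICMP'
    state: str = "Active"              # assumed: only 'Active' rules are enforced
    start_port: Optional[int] = None   # TCP/UDP only
    end_port: Optional[int] = None
    icmp_type: Optional[int] = None    # ICMP only; -1 means all types
    icmp_code: Optional[int] = None    # ICMP only; -1 means all codes of that type

def validate_rule(r: RoutingRule) -> List[str]:
    """Return the reasons a rule must be rejected; an empty list means it is well formed."""
    errs = []
    if r.src_net == r.dst_net:
        errs.append("src_net and dst_net must be different networks")
    if r.protocol in ("TCP", "UDP"):
        if r.start_port is None or r.end_port is None:
            errs.append("TCP/UDP rules need start_port and end_port")
        elif not 1 <= r.start_port <= r.end_port <= 65535:
            errs.append("port range must satisfy 1 <= start_port <= end_port <= 65535")
        if r.icmp_type is not None or r.icmp_code is not None:
            errs.append("icmp_type/icmp_code are only valid when protocol=ICMP")
    elif r.protocol == "ICMP":
        if r.icmp_type is None or r.icmp_code is None:
            errs.append("ICMP rules need icmp_type and icmp_code")
    else:
        errs.append("protocol must be TCP, UDP or ICMP")
    return errs

def is_allowed(rules, src_net, dst_net, protocol, port=None, icmp_type=None, icmp_code=None):
    """Default deny: a flow passes only if an Active rule matches it in the src->dst direction."""
    for r in rules:
        if (r.state, r.src_net, r.dst_net, r.protocol) != ("Active", src_net, dst_net, protocol):
            continue
        if protocol in ("TCP", "UDP") and r.start_port <= port <= r.end_port:
            return True
        if protocol == "ICMP" and r.icmp_type in (-1, icmp_type) and r.icmp_code in (-1, icmp_code):
            return True
    return False

def sample_rules():
    """Constructed rows: web and echo-request from net-a to net-b, plus a revoked DNS rule back."""
    return [RoutingRule("net-a", "net-b", "TCP", start_port=80, end_port=443),
            RoutingRule("net-a", "net-b", "ICMP", icmp_type=8, icmp_code=-1),
            RoutingRule("net-b", "net-a", "UDP", state="Revoke", start_port=53, end_port=53)]
```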
