Skip to content

Commit e59fd88

Browse files
dfitzmaudfitzmau
committed
DIAGRAMS-503: Documented flat layer 2 diagram in UDN docs
1 parent 32e5c87 commit e59fd88

File tree

2 files changed

+8
-1
lines changed

2 files changed

+8
-1
lines changed

images/503_OpenShift_UDN_L2_0425.png

70.4 KB
Loading

modules/nw-udn-l2-l3.adoc

+8-1
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,14 @@
55
[id="nw-udn-l2-l3_{context}"]
66
= Layer 2 and layer 3 topologies
77

8-
A layer 2 topology creates a virtual switch that is distributed across all nodes in a cluster. Virtual machines and pods connect to this virtual switch so that all these components can communicate with each other within the same subnet. If you decide not to specify a layer 2 subnet, then you must manually configure IP addresses for each pod in your cluster. When you do not specify a layer 2 subnet, port security is limited to preventing Media Access Control (MAC) spoofing only, and does not include IP spoofing. A layer 2 topology creates a single broadcast domain that can be challenging in large network environments, where the topology might cause a broadcast storm that can degrade network performance.
8+
A flat layer 2 topology creates a virtual switch that is distributed across all nodes in a cluster. Virtual machines and pods connect to this virtual switch so that all these components can communicate with each other within the same subnet. A flat layer 2 topology is useful for live migration of virtual machines across nodes that exist in a cluster. The following diagram shows a flat layer 2 topology with two nodes that use the virtual switch for live migration purposes:
9+
10+
.A flat layer 2 topology that uses a virtual switch for component communication
11+
image::504_OpenShift_UDN_L2_0325.png[A flat layer 2 topology with a virtual switch so that virtual machines in node-1 to node-2 can communicate with each other]
12+
13+
If you decide not to specify a layer 2 subnet, then you must manually configure IP addresses for each pod in your cluster. When you do not specify a layer 2 subnet, port security is limited to preventing Media Access Control (MAC) spoofing only, and does not include IP spoofing. A layer 2 topology creates a single broadcast domain that can be challenging in large network environments, where the topology might cause a broadcast storm that can degrade network performance.
14+
15+
916

1017
The following diagram shows two nodes that use an UDN with a layer 2 topology to live migrate a pod from `Node 1` to `Node 2`. Each node includes two interfaces:
1118

0 commit comments

Comments
 (0)