diff options
Diffstat (limited to 'network/config/bond-with-vlans/controller-v6.yaml')
-rw-r--r-- | network/config/bond-with-vlans/controller-v6.yaml | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/network/config/bond-with-vlans/controller-v6.yaml b/network/config/bond-with-vlans/controller-v6.yaml index 7869ebfc..71b7e1b1 100644 --- a/network/config/bond-with-vlans/controller-v6.yaml +++ b/network/config/bond-with-vlans/controller-v6.yaml @@ -64,10 +64,6 @@ parameters: default: 60 description: Vlan ID for the management network traffic. type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string ControlPlaneSubnetCidr: # Override this via parameter_defaults default: '24' description: The subnet CIDR of the control plane network. @@ -75,6 +71,14 @@ parameters: ControlPlaneDefaultRoute: # Override this via parameter_defaults description: The default route of the control plane network. type: string + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ManagementInterfaceDefaultRoute: # Commented out by default in this template + default: unset + description: The default route of the management network. + type: string DnsServers: # Override this via parameter_defaults default: [] description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. @@ -106,6 +110,7 @@ resources: - ip_netmask: 169.254.169.254/32 next_hop: {get_param: EC2MetadataIp} + # IPv4 Default Route - default: true next_hop: {get_param: ControlPlaneDefaultRoute} @@ -134,6 +139,7 @@ resources: - ip_netmask: {get_param: ExternalIpSubnet} routes: + # IPv6 Default Route - default: true next_hop: {get_param: ExternalInterfaceDefaultRoute} @@ -166,6 +172,9 @@ resources: - ip_netmask: {get_param: TenantIpSubnet} # Uncomment when including environments/network-management.yaml + # If setting default route on the Management interface, comment + # out the default route on the External interface. This will + # make the External API unreachable from remote subnets. #- # type: vlan # device: bond1 @@ -173,6 +182,10 @@ resources: # addresses: # - # ip_netmask: {get_param: ManagementIpSubnet} + # routes: + # - + # default: true + # next_hop: {get_param: ManagementInterfaceDefaultRoute} outputs: OS::stack_id: |