Ability to model virtual contexts #231
Comments
|
Hi, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
|
Hi, |
Proposed Functionality
Support firewall virtual contexts (for policies, zones, ...)
Use Case
Some firewall supports virtual contexts (ie. virtual firewall that behave like a standalone firewall), some examples are:
vsysfor Palo AltoVDOMfor Fortigatevirtual systems(VS?) for CheckpointOne way (maybe wrong?) to model them is to create the physical devices as
Devices, put them in aVirtualization cluster, and create aVirtual machinefor each virtual context (vsys, vdom, ...), which would be the best representation as they're not actualDevices(not in a physical DC).However in that case this plugin is not usable as only
DevicesandDevice Interfacesare selectable (verified in v2.0.3 on https://next.demo.nautobot.com/).What would be the best approach to support/model this and be able to use this plugin?
I did a POC (patch attached: nautobot-app-firewall-models_ltm-1.6_vminterfaces.diff.txt) modifying this plugin to allow selection of
VM Interfacesbased on theltm-1.6branch, it works for simple needs (not all features are implemented however), but it might not be the direction you would take? If it is however, would you accept a patch for the v2 branch?On a side note for Nautobot in general, some load-balancer may suffer the same limitations, for example Radware Alteon can be
standalone, virtual (VA), or inVX(~hypervisor)/vADC(virtual context) mode, and clusters can be formed at physical and/or virtual level (between vADC, themself on (cluster of) VX), the latter being hard to model as this notion of cluster/redundancy between VM is not supported natively. Cluster/redundancy can also be formed at the VIP level but that's another story ...Edit, some captures of the POC result:
The text was updated successfully, but these errors were encountered: