Routes are rules in the HashiCorp Virtual Network (HVN) route table that direct network traffic between the HVN and a target connection.
Routes are a necessary part of the HVN configuration. They provide a networking abstraction that enables network traffic between the HVN and a target HVN connection, such as a peering connection.
Routes enable communication between the destination and all clusters in the HVN, including clusters created after the initial deployment. When you create a route, it is added to the route table of the HVN. HCP uses the route table to communicate with your cloud provider’s resources.
Routes have two components for network traffic:
- The destination is specified by the CIDR block of the resource you want to reach through your target.
- A target is the HVN connection where traffic is routed, like a peering connection.
The ports available for use in route configuration depend on the type of cluster you connect.
»Create a Route
- Sign in to the HCP Portal and select your organization.
- From the sidebar, click HashiCorp Virtual Network.
- Click on an HVN in the ID column.
- From the sidebar, click Route table.
- The default table entry routes local traffic. For more details, refer to Route Table Reference.
- Click Create route.
- Complete the requested fields:
- In the Route ID field, enter a name for the route. The route ID can be up to 36 characters and can only include letters, numbers, and dashes.
- In the Destinations field, enter the CIDR range of the Azure resource that the HVN should reach through your target. For more details about how to configure this field, refer to CIDR Block Reference.
- From the Targets field, choose a peering connection.
- To complete the configuration, click Create route.
To add more than one route to the table, repeat these steps as necessary.
»Configure Network Security Groups
After you configure a target connection and specify the routes for the HVN to connect to your VNet, you may need to configure security groups to open the virtual firewall between your HVN and cloud network.
Network security groups are an Azure construct that controls inbound and outbound traffic to your instances. Refer to How network security groups filter network traffic in the Azure documentation for details.
Refer to Network Security Groups for information specific to HCP.
»Route Table Reference
Route tables in HCP include the following fields:
- ID: The name the route was given.
- Destination: The destination CIDR block range configured in the route.
- The value is the ID of the peering connection.
- When you click on the target, it opens the target’s configuration screen.
- Status: Shows if the route is active, pending, or failed.
- Target type: Indicates that the route connects a peering connection.
To delete a route entry, choose Delete from the ellipsis menu. When prompted, confirm that you want to remove the route.
»CIDR Block Reference
The following rules apply to CIDR blocks specified in the route configuration:
- CIDR blocks must follow the RFC1918 specification.
- CIDR blocks configured in the route cannot overlap with the parent HVN.
- Different routes in the HVN can specify the same CIDR blocks, but the route - with the narrowest CIDR definition takes priority when routing network traffic.
- Routes cannot have a narrower CIDR definition than an existing route that targets a peering connection.