Why not Bridged/routed NAT Setup?
Iam currently heavy using those setups.
All VMs have an internal nic let say
physical host1 - 10.10.10.x
physical host2 - 10-10.11.x
psysical host vpn - 10.10.1.x
so basically every psysical host has at least one physical NIC, one virtual
VPN nic, one virtual bridge.
all those are internal routed (i use openvpn to connect host 1 and 2)
so every VM can communicate to each others vm
every psysical host hast also NAT to forward one or more IP/ports to each VM
also the psysical host can work as a transparent firewall and i dont need a
vpn nic on every vm.
so what i would love to have is at least ability to use the vpn network
interfaces instead of real one and at least beeing able to say that
bridge/nat vonfig is done manually , which isnot ideal but better than not
beeing able to use that setup at all
why is it needed. well either you rent a server, OR you have several server
in an external data center but they dont reside to each other AND/ OR
you have several server on different data center OR you have a tight
security policy no traffic without VPN (you know google should have used
that a loong time ago to prevent snow lol)
VLANs are nice but limited to psysical access and are also local