Routes are rules in the HashiCorp Virtual Network (HVN) route table that direct network traffic between the HVN and a target connection.
Routes are a necessary part of the HVN configuration. They provide a networking abstraction that enables network traffic between the HVN and a target HVN connection, such as a peering connection or transit gateway attachment.
Routes enable communication between the destination and all clusters in the HVN, including clusters created after the initial deployment. When you create a route, it is added to the route table of the HVN. HCP uses the route table to communicate with your cloud provider’s resources.
Routes have two components for network traffic:
- The destination is specified by the CIDR block of the resource you want to reach through your target.
- A target is the HVN connection where traffic is routed, such as a peering connection.
The ports available for use in route configuration depend on the type of cluster you connect.
Tutorial: For step-by-step instructions on how to add or modify traffic sent through a transit gateway attachment, including configuring a route, complete the Connect an Amazon Transit Gateway to your HashiCorp Virtual Network tutorial.
- Sign in to the HCP Portal and select your organization.
- From the sidebar, click HashiCorp Virtual Network.
- Click on an HVN in the ID column.
- From the sidebar, click Route table. The default table entry routes local traffic. For more details, refer to Route Table Reference.
- Click Create route.
- Complete the requested fields:
  - In the Route ID field, enter a name for the route. The route ID can be up to 36 characters and can only include letters, numbers, and dashes.
  - In the Destinations field, enter the CIDR range of the AWS resource that the HVN should reach through your target. For more details about how to configure this field, refer to CIDR Block Reference.
  - From the Targets field, choose a peering connection.
- To complete the configuration, click Create route.
To add more than one route to the table, repeat these steps as necessary.
After you configure a target connection and specify the routes for the HVN to connect to your VPC, you may need to configure security groups to open the virtual firewall between your HVN and cloud network.
For information specific to HCP, refer to Security Groups.
Route tables in HCP include the following fields:
- ID: The name the route was given.
- Destination: The destination CIDR block range configured in the route.
- Target: The name of the target.
  - The value is the ID of the peering connection.
  - When you click on the target, it opens the target’s configuration screen.
- Status: Shows if the route is active, pending, or failed.
- Target type: Indicates that the route connects either a peering connection or a transit gateway attachment.
To delete a route entry, choose Delete from the ellipsis menu. When prompted, confirm that you want to remove the route.
The following rules apply to CIDR blocks specified in the route configuration:
- HCP does not accept publicly routable addresses because they could overlap with addresses of services used for HCP management and operations.
- CIDR blocks configured in the route cannot overlap with the parent HVN.
- Different routes in the HVN can specify the same CIDR blocks, but the route with the narrowest CIDR definition takes priority when routing network traffic.
- Routes cannot have a narrower CIDR definition than an existing route that targets a peering connection.
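The following added example (not HashiCorp code) pre-checks a proposed route against the route ID format and the CIDR rules above, and shows how the narrowest-CIDR priority picks a route. It assumes that "publicly routable" means anything outside the RFC 1918 IPv4 ranges; the function names, the target type labels, and the sample HVN and routes are constructed for illustration.

```python
import ipaddress
import re

# Assumption: "not publicly routable" is modelled as the RFC 1918 IPv4 ranges.
PRIVATE = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ROUTE_ID = re.compile(r"[A-Za-z0-9-]{1,36}")  # letters, numbers, dashes; max 36

# Constructed sample data: (route ID, destination CIDR, target type).
HVN_CIDR = "172.25.16.0/20"
EXISTING = [
    ("peer-route", "10.0.0.0/16", "peering"),
    ("tgw-route", "10.0.0.0/8", "transit-gateway"),
]


def check_route(route_id, destination, hvn_cidr=HVN_CIDR, existing=EXISTING):
    """Return the rule violations for a proposed route (empty list = acceptable)."""
    errors = []
    if not ROUTE_ID.fullmatch(route_id):
        errors.append("route-id")
    try:
        dest = ipaddress.IPv4Network(destination, strict=True)
    except ValueError:
        return errors + ["cidr-syntax"]  # host bits set, bad mask, not IPv4
    if not any(dest.subnet_of(p) for p in PRIVATE):
        errors.append("public-cidr")
    if dest.overlaps(ipaddress.IPv4Network(hvn_cidr)):
        errors.append("overlaps-hvn")
    for _, cidr, target_type in existing:
        net = ipaddress.IPv4Network(cidr)
        # Strictly narrower than an existing peering route is rejected;
        # the page allows different routes to share the same CIDR.
        if target_type == "peering" and dest != net and dest.subnet_of(net):
            errors.append("narrower-than-peering")
            break
    return errors


def select_route(address, routes=EXISTING):
    """Pick the route for an address: the narrowest matching CIDR wins."""
    ip = ipaddress.IPv4Address(address)
    matches = [r for r in routes if ip in ipaddress.IPv4Network(r[1])]
    return max(matches,
               key=lambda r: ipaddress.IPv4Network(r[1]).prefixlen,
               default=None)
```

Running a check like this before creating routes catches a destination that would overlap the HVN or expose a public range before the route reaches the table.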