github.com/sl1pm4t/consul@v1.4.5-0.20190325224627-74c31c540f9c/website/source/docs/enterprise/network-segments/index.html.md (about)

     1  ---
     2  layout: "docs"
     3  page_title: "Consul Enterprise Network Segments"
     4  sidebar_current: "docs-enterprise-network-segments"
     5  description: |-
     6    Consul Enterprise enables you create separate LAN gossip pools within one
     7    cluster to segment network groups.
     8  ---
     9  
    10  # Consul Enterprise Network Segments
    11  
    12  Consul Network Segments enables operators to create separate LAN gossip segments
    13  in one Consul cluster. Agents in a segment are only able to join and communicate
    14  with other agents in its network segment. This functionality is useful for
    15  clusters that have multiple tenants that should not be able to communicate
    16  with each other.
    17  
    18  To get started with Network Segments,
    19  [read the guide](/docs/guides/segments.html).
    20  
    21  # Consul Networking Models
    22  
    23  To help set context for this feature, it is useful to understand the various
    24  Consul networking models and their capabilities.
    25  
    26  **Cluster:** A set of Consul servers forming a Raft quorum along with a
    27  collection of Consul clients, all set to the same
    28  [datacenter](/docs/agent/options.html#_datacenter), and joined together to form
    29  what we will call a "local cluster". Consul clients discover the Consul servers
    30  in their local cluster through the gossip mechanism and make RPC requests to
    31  them. LAN Gossip (OSS) is an open intra-cluster networking model, and  Network
    32  Segments (Enterprise) creates multiple segments within one cluster.
    33  
    34  **Federated Cluster:** A cluster of clusters with a Consul server group per
    35  cluster each set per "datacenter". These Consul servers are federated together
    36  over the WAN. Consul clients make use of resources in federated clusters by
    37  forwarding RPCs through the Consul servers in their local cluster, but they
    38  never interact with remote Consul servers directly. There are currently two
    39  inter-cluster network models: [WAN Gossip (OSS)](/docs/guides/datacenters.html)
    40  and [Network Areas (Enterprise)](/docs/guides/areas.html).
    41  
    42  **LAN Gossip Pool**: A set of Consul agents that have full mesh connectivity
    43  among themselves, and use Serf to maintain a shared view of the members of the
    44  pool for different purposes, like finding a Consul server in a local cluster,
    45  or finding servers in a remote cluster. A **segmented** LAN Gossip Pool limits a
    46  group of agents to only connect with the agents in its segment.