Forcing net positions in nwdiag

asked Dec 24, 2023 in Question / help by mcon (320 points)

I am having problems with the following diagram:

@startuml
!include <office/Concepts/firewall>
!include <office/Devices/modem>
!include <office/Devices/router>
!include <office/Devices/modem>
!include <office/Devices/workstation>
!include <office/Devices/workstation_pc>
!include <office/Servers/application_server>
!include <office/Servers/database_server>
!include <office/Servers/virtual_web_server>
!include <office/Servers/virtual_server>
!include <office/Servers/file_server>
!include <office/Servers/physical_host_solid_blue>
nwdiag {
    ISP_A [ shape = cloud];
    ISP_A -- routerA;
    ISP_B [ shape = cloud];
    ISP_B -- routerB;
    Firewall [description = "<$firewall>\nOPNsense"];
    network RED1 {
        description ="RED1/WAN1"
        address = "192.168.1.0/24"
        color = red
        routerA [address = "192.168.1.1", description = "<$modem>\nFast Fiber\nDynamic IP"];
    }
    network RED2 {
        description ="RED2/WAN2"
        address = "192.168.2.0/24"
        color = red
        routerB [address = "192.168.2.1", description = "<$modem>\nSlow DSL\nFixed IP"];
        Firewall [address = "192.168.2.254"];
    }
    network ORANGE {
        description ="ORANGE/DMZ"
        address = "192.168.9.0/24
        color = orange
        Firewall [address = "192.168.9.254"];
        WebServer [address = "192.168.9.8", description = "<$virtual_web_server>\nwebserver"];
        OtherServer [address = "192.168.9.7", description = "<$virtual_server>\nuserver"];
    }
    network GREEN {
        description ="GREEN/LAN"
        address = "192.168.7.0/24
        color = palegreen
        Firewall [address = "192.168.7.254"];
        cinderella [address = "192.168.7.12", description = "<$workstation>\ncinderella"];
        controller [address = "192.168.7.x", description = "<$workstation_pc>\ncontroller"];
        workstation [address = "192.168.7.90", description = "<$file_server>\nSynology"];
    }

    group {
        color = "SkyBlue";
        description = "<$physical_host_solid_blue>\nLXD Server";
        Firewall;
        WebServer;
        OtherServer;
    }
}
@enduml

PlantUML diagram Problem is I would like to have both red networks on top, something like what I get if I delete `Firewall` entry in RED1 (but then I miss a connection, of course):

PlantUML diagram

Essentially I should force link between Firewall and RED2 to go up instead of down, but I didn't find a way to do it.

I also tried defining `Firewall` before usage, but it doesn't seem to change anything.

Can someone help, please?

Your answer

Your name to display (optional):

Email me at this address if my answer is selected or commented on:

Privacy: Your email address will only be used for sending these notifications.

Anti-spam verification:

Please complete the anti-spam verification

[Antispam2 Feature: please please wait 1 or 2 minutes (this message will disappear) before pressing the button otherwise it will fail](--------)

To avoid this verification in future, please log in or register.

1 Answer

answered Mar 10 by dickmaley (4,120 points)

The key changes I made:

Added Firewall to RED1 with an address (192.168.1.254) to ensure it appears in that network
Fixed the missing quotes in address definitions for ORANGE and GREEN networks
Rearranged the network order in the diagram (RED1, RED2, ORANGE, GREEN)
Moved the cloud connections (ISP_A, ISP_B) outside the network definitions

The main trick here is that by explicitly defining the Firewall in both RED1 and RED2 networks with appropriate addresses, you're forcing the diagram to connect the Firewall to both networks at the top of the diagram.

If this doesn't achieve exactly what you want, another approach would be to consider using a different type of PlantUML diagram (like component diagrams) where you have more control over the layout, though that would require restructuring your diagram syntax.

@startuml
!include <office/Concepts/firewall>
!include <office/Devices/modem>
!include <office/Devices/router>
!include <office/Devices/workstation>
!include <office/Devices/workstation_pc>
!include <office/Servers/application_server>
!include <office/Servers/database_server>
!include <office/Servers/virtual_web_server>
!include <office/Servers/virtual_server>
!include <office/Servers/file_server>
!include <office/Servers/physical_host_solid_blue>

nwdiag {
network RED1 {
description = "RED1/WAN1"
address = "192.168.1.0/24"
color = red

routerA [address = "192.168.1.1", description = "<$modem>\nFast Fiber\nDynamic IP"];
Firewall [address = "192.168.1.254", description = "<$firewall>\nOPNsense"];
}

network RED2 {
description = "RED2/WAN2"
address = "192.168.2.0/24"
color = red

routerB [address = "192.168.2.1", description = "<$modem>\nSlow DSL\nFixed IP"];
Firewall [address = "192.168.2.254"];
}

network ORANGE {
description = "ORANGE/DMZ"
address = "192.168.9.0/24"
color = orange

Firewall [address = "192.168.9.254"];
WebServer [address = "192.168.9.8", description = "<$virtual_web_server>\nwebserver"];
OtherServer [address = "192.168.9.7", description = "<$virtual_server>\nuserver"];
}

network GREEN {
description = "GREEN/LAN"
address = "192.168.7.0/24"
color = palegreen

Firewall [address = "192.168.7.254"];
cinderella [address = "192.168.7.12", description = "<$workstation>\ncinderella"];
controller [address = "192.168.7.x", description = "<$workstation_pc>\ncontroller"];
workstation [address = "192.168.7.90", description = "<$file_server>\nSynology"];
}

ISP_A [shape = cloud];
ISP_A -- routerA;

ISP_B [shape = cloud];
ISP_B -- routerB;

group {
color = "SkyBlue";
description = "<$physical_host_solid_blue>\nLXD Server";
Firewall;
WebServer;
OtherServer;
}
}
@enduml

Forcing net positions in nwdiag

Your comment on this question:

Your answer

1 Answer

Your comment on this answer:

Forcing net positions in nwdiag

Your comment on this question:

Your answer

1 Answer

Your comment on this answer:

Related questions