From 6a5f928648dee3732f90005ed7c9462fa041d7a6 Mon Sep 17 00:00:00 2001
From: Mauritz Uphoff <mauritz.uphoff@me.com>
Date: Tue, 10 Jun 2025 16:32:16 +0200
Subject: [PATCH] Initial commit

---
 .forgejo/workflows/default-workflow.yaml |  28 ++++++
 .gitignore                               |  40 +++++++++
 00-provider.tf                           |  25 ++++++
 01-config.tf                             |  66 ++++++++++++++
 02-user_data                             |  73 ++++++++++++++++
 03-network.tf                            |  70 +++++++++++++++
 04-master.tf                             |  44 ++++++++++
 05-backup.tf                             |  44 ++++++++++
 06-ha.tf                                 |  30 +++++++
 README.md                                |  67 ++++++++++++++
 docs/ha.d2                               |  21 +++++
 docs/ha.svg                              | 104 ++++++++++++++++++++++
 docs/vip.d2                              |  29 +++++++
 docs/vip.svg                             | 106 +++++++++++++++++++++++
 example.env                              |   4 +
 keepalive.conf                           |  30 +++++++
 16 files changed, 781 insertions(+)
 create mode 100644 .forgejo/workflows/default-workflow.yaml
 create mode 100644 .gitignore
 create mode 100644 00-provider.tf
 create mode 100644 01-config.tf
 create mode 100644 02-user_data
 create mode 100644 03-network.tf
 create mode 100644 04-master.tf
 create mode 100644 05-backup.tf
 create mode 100644 06-ha.tf
 create mode 100644 README.md
 create mode 100644 docs/ha.d2
 create mode 100644 docs/ha.svg
 create mode 100644 docs/vip.d2
 create mode 100644 docs/vip.svg
 create mode 100644 example.env
 create mode 100644 keepalive.conf

diff --git a/.forgejo/workflows/default-workflow.yaml b/.forgejo/workflows/default-workflow.yaml
new file mode 100644
index 0000000..6c85152
--- /dev/null
+++ b/.forgejo/workflows/default-workflow.yaml
@@ -0,0 +1,28 @@
+name: CI
+
+on: [push]
+
+jobs:
+  secrets-scan:
+    name: TruffleHog Secrets Scan
+    runs-on: docker
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: trufflehog-actions-scan
+        uses: https://github.com/edplato/trufflehog-actions-scan@master
+
+  terraform:
+    name: Terraform Format & Validate
+    runs-on: docker
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: https://github.com/hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.5.7"
+
+      - name: Format Terraform Code
+        run: terraform fmt -recursive -check
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4783ca5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,40 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.env
+.terraform.lock.hcl
+conf.img
+.DS_Store
+
+.idea
\ No newline at end of file
diff --git a/00-provider.tf b/00-provider.tf
new file mode 100644
index 0000000..723accf
--- /dev/null
+++ b/00-provider.tf
@@ -0,0 +1,25 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+# Define required providers
+terraform {
+  required_version = ">= 0.14.0"
+  required_providers {
+    stackit = {
+      source  = "stackitcloud/stackit"
+      version = "0.47.0"
+    }
+  }
+}
+
+# Configure the STACKIT Provider
+provider "stackit" {
+  region                = "eu01"
+  service_account_token = var.STACKIT_SERVICE_ACCOUNT_TOKEN
+}
diff --git a/01-config.tf b/01-config.tf
new file mode 100644
index 0000000..77c0406
--- /dev/null
+++ b/01-config.tf
@@ -0,0 +1,66 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+#
+# Custom User Settings
+#
+
+# STACKIT Availability Zone
+variable "zone" {
+  type        = string
+  description = ""
+  default     = "eu01-m"
+}
+
+# STACKIT VM Flavor
+variable "flavor" {
+  type        = string
+  description = ""
+  default     = "c1.2"
+}
+
+# Local VPC Subnet to create STACKIT Network
+variable "LOCAL_SUBNET" {
+  type        = string
+  description = ""
+  default     = "10.0.0.0/24"
+}
+
+############################################
+
+#
+# System Settings (do not edit)
+#
+
+# STACKIT Service Account Token
+variable "STACKIT_SERVICE_ACCOUNT_TOKEN" {
+  type        = string
+  description = ""
+}
+
+variable "STACKIT_PROJECT_ID" {
+  type        = string
+  description = ""
+}
+
+variable "debian_image" {
+  type    = string
+  default = "b641bf53-4dd4-4ba9-a1ff-9739920fbe73"
+}
+
+resource "random_shuffle" "az" {
+  input        = ["eu01-1", "eu01-2", "eu01-3"]
+  result_count = 1
+}
+
+# SSH Key Pair
+resource "stackit_key_pair" "admin-keypair" {
+  name       = "brunsch-keypair"
+  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUswz82ZkG2G/2ZYZjo1/Q3srmqcB0zIwpO9GD1X7baH41QEKRY3FGb7KpD6gU1zEKcQYDI8cSmF9ICN51GgRD/+P+B4b59S/z5KUQ10H5QaeFGxBIKxgcWmSGFTMhamMmn/8nG+vI4HEHWSEgpiOQ1vjRDboncW2ac4EH+eZkk2dJAYPWcQorPTW89cRYzaBrhLO+3gpCEyK9Ke4Tf3emnCilYbS+g/qQqo67qR7tW3lYYpJbAEm/ARQhVeyP5mYhOYXwMkiaBOqQ7Wgip0Gc6p9KbGS5ZOe04bhomDJqgK88N03xgGo2st2mbVAKBDpE4kcwxNF08jIeA7UGQ8Si1YJ/vfchTE+dRWwTf5GuB2/Kh/CqaOM8Tb2yFGMPVobeg7EIJd+d5OteX4/9entwXIWkPLtQdWsTubTsSM+eVbgVJ5cv62LkhD8bpm2cEDrvuFWrCO0A2q3KEdlUa2alK8yhgez8mzIgEPDfOcB0SZoQMvilVYVGqnlkriwB9jKRb3WXhqksv8UaPyfE3rlIKAdXEmaWpTNOhsk4RrMjiivSm6L+p/oqwntRE6rqug+jHLqXwfbxwwMl0ouF0GPm2pFdPo4Ki6VE3JBEo71t//GugCHbFb7bRdHEHxKvfTcpIywz3MlDkHWsQKMCRDacpED/i3Snt9Mwxr2ApNli4Q=="
+}
diff --git a/02-user_data b/02-user_data
new file mode 100644
index 0000000..98956d3
--- /dev/null
+++ b/02-user_data
@@ -0,0 +1,73 @@
+#cloud-config
+# Update apt database on first boot (run 'apt-get update').
+# Note, if packages are given, or package_upgrade is true, then
+# update will be done independent of this setting.
+#
+# Default: false
+package_update: true
+
+# Upgrade the instance on first boot
+#
+# Default: false
+package_upgrade: true
+
+# Install additional packages on first boot
+#
+# Default: none
+#
+# if packages are specified, then package_update will be set to true
+#
+# packages may be supplied as a single package name or as a list
+# with the format [<package>, <version>] wherein the specific
+# package version will be installed.
+packages:
+ - apache2
+ - libapache2-mod-php
+ - keepalived
+ - htop
+
+# This is the configuration syntax that the write_files module
+# will know how to understand. Encoding can be given b64 or gzip or (gz+b64).
+# The content will be decoded accordingly and then written to the path that is
+# provided. 
+#
+# Note: Content strings here are truncated for example purposes.
+write_files:
+- content: |
+    <center><h1><?php print(gethostname()); ?></h1>
+  path: /var/www/html/index.php
+- content: |
+   global_defs {
+      router_id 1337
+
+      # This 3 settings make sure that the inital garp request will be sended 5 times with 1 sec in between to make
+      # sure the garp will be processed also if one request was missed by openstack.
+      vrrp_garp_master_repeat 5
+      vrrp_garp_interval 1
+      vrrp_garp_lower_prio_repeat 1
+
+      # Send garp every 5 min again to make sure everything is set in openstack if something failes.
+      vrrp_garp_master_refresh 300
+      vrrp_garp_master_refresh_repeat 1
+
+      # Make sure that in case 2 keepalived are in master state that the new master will send a garp again.
+      vrrp_higher_prio_send_advert true
+    }
+    vrrp_instance VI_1 {
+            state ${type}
+            interface enp3s0
+            virtual_router_id 51
+            priority ${priority}
+            advert_int 1
+            authentication {
+                  auth_type PASS
+                  auth_pass 12345
+            }
+            virtual_ipaddress {
+                  10.0.0.123/24
+            }
+    }
+  path: /etc/keepalived/keepalived.conf
+
+runcmd:
+  - [ systemctl, restart, keepalived.service ]
\ No newline at end of file
diff --git a/03-network.tf b/03-network.tf
new file mode 100644
index 0000000..06e05f8
--- /dev/null
+++ b/03-network.tf
@@ -0,0 +1,70 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+# Create vNET Network
+resource "stackit_network" "default" {
+  project_id       = var.STACKIT_PROJECT_ID
+  ipv4_prefix      = "10.1.2.0/24"
+  name             = "default"
+  ipv4_nameservers = ["9.9.9.9", "1.1.1.1"]
+}
+
+# Security Group
+resource "stackit_security_group" "active-passive" {
+  project_id = var.STACKIT_PROJECT_ID
+  name       = "ha-active-passive"
+}
+
+resource "stackit_security_group_rule" "icmp" {
+  project_id        = var.STACKIT_PROJECT_ID
+  security_group_id = stackit_security_group.active-passive.security_group_id
+  direction         = "ingress"
+  icmp_parameters = {
+    code = 0
+    type = 8
+  }
+  protocol = {
+    name = "icmp"
+  }
+}
+
+resource "stackit_security_group_rule" "ssh" {
+  project_id        = var.STACKIT_PROJECT_ID
+  security_group_id = stackit_security_group.active-passive.security_group_id
+  direction         = "ingress"
+  port_range = {
+    min = 22
+    max = 22
+  }
+  protocol = {
+    name = "tcp"
+  }
+}
+
+resource "stackit_security_group_rule" "http" {
+  project_id        = var.STACKIT_PROJECT_ID
+  security_group_id = stackit_security_group.active-passive.security_group_id
+  direction         = "ingress"
+  port_range = {
+    min = 80
+    max = 80
+  }
+  protocol = {
+    name = "tcp"
+  }
+}
+
+resource "stackit_security_group_rule" "vrrp" {
+  project_id        = var.STACKIT_PROJECT_ID
+  security_group_id = stackit_security_group.active-passive.security_group_id
+  direction         = "ingress"
+  protocol = {
+    name = "vrrp"
+  }
+}
diff --git a/04-master.tf b/04-master.tf
new file mode 100644
index 0000000..3fbf1b6
--- /dev/null
+++ b/04-master.tf
@@ -0,0 +1,44 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+# Create virtual Server
+resource "stackit_server" "example01" {
+  project_id = var.STACKIT_PROJECT_ID
+  name       = "example01"
+  boot_volume = {
+    size                  = 64
+    source_type           = "image"
+    source_id             = var.debian_image
+    performance_class     = "storage_premium_perf6"
+    delete_on_termination = true
+  }
+  machine_type      = "c1.4"
+  availability_zone = "eu01-1"
+  keypair_name      = stackit_key_pair.admin-keypair.name
+  depends_on        = [stackit_network_interface.example01]
+}
+
+resource "stackit_network_interface" "example01" {
+  project_id         = var.STACKIT_PROJECT_ID
+  network_id         = stackit_network.default.network_id
+  allowed_addresses  = [format("%s/%s", stackit_network_interface.vip01.ipv4, "32")]
+  security_group_ids = [stackit_security_group.active-passive.security_group_id]
+}
+
+resource "stackit_server_network_interface_attach" "example01-nic-attachment" {
+  project_id           = var.STACKIT_PROJECT_ID
+  server_id            = stackit_server.example01.server_id
+  network_interface_id = stackit_network_interface.example01.network_interface_id
+}
+
+resource "stackit_public_ip" "example01-wan" {
+  project_id           = var.STACKIT_PROJECT_ID
+  network_interface_id = stackit_network_interface.example01.network_interface_id
+  depends_on           = [stackit_server_network_interface_attach.example01-nic-attachment]
+}
diff --git a/05-backup.tf b/05-backup.tf
new file mode 100644
index 0000000..5fca48c
--- /dev/null
+++ b/05-backup.tf
@@ -0,0 +1,44 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+# Create virtual Server
+resource "stackit_server" "example02" {
+  project_id = var.STACKIT_PROJECT_ID
+  name       = "example02"
+  boot_volume = {
+    size                  = 64
+    source_type           = "image"
+    source_id             = var.debian_image
+    performance_class     = "storage_premium_perf6"
+    delete_on_termination = true
+  }
+  machine_type      = "c1.4"
+  availability_zone = "eu01-2"
+  keypair_name      = stackit_key_pair.admin-keypair.name
+  depends_on        = [stackit_network_interface.example02]
+}
+
+resource "stackit_network_interface" "example02" {
+  project_id         = var.STACKIT_PROJECT_ID
+  network_id         = stackit_network.default.network_id
+  allowed_addresses  = [format("%s/%s", stackit_network_interface.vip01.ipv4, "32")]
+  security_group_ids = [stackit_security_group.active-passive.security_group_id]
+}
+
+resource "stackit_server_network_interface_attach" "example02-nic-attachment" {
+  project_id           = var.STACKIT_PROJECT_ID
+  server_id            = stackit_server.example02.server_id
+  network_interface_id = stackit_network_interface.example02.network_interface_id
+}
+
+resource "stackit_public_ip" "example02-wan" {
+  project_id           = var.STACKIT_PROJECT_ID
+  network_interface_id = stackit_network_interface.example02.network_interface_id
+  depends_on           = [stackit_server_network_interface_attach.example02-nic-attachment]
+}
diff --git a/06-ha.tf b/06-ha.tf
new file mode 100644
index 0000000..11d0bc6
--- /dev/null
+++ b/06-ha.tf
@@ -0,0 +1,30 @@
+/*
+Copyright 2023 Schwarz IT KG <markus.brunsch@mail.schwarz>
+Copyright 2024-2025 STACKIT GmbH & Co. KG <markus.brunsch@stackit.cloud>
+
+Use of this source code is governed by an MIT-style
+license that can be found in the LICENSE file or at
+https://opensource.org/licenses/MIT.
+*/
+
+# Create VIP Port
+#resource "terraform_data" "spoke-local-1" {
+#  provisioner "local-exec" {
+#    command = "curl --location 'https://iaas.api.eu01.stackit.cloud/v1alpha1/projects/${var.STACKIT_PROJECT_ID}/networks/${stackit_network.default.network_id}/virtual-ips' --header 'Content-Type: application/json' --header 'Authorization: Bearer ${var.STACKIT_SERVICE_ACCOUNT_TOKEN}' --data '{\"ip\":\"10.1.2.10\",\"labels\":{\"key\":\"sap\"},\"members\":[\"${stackit_network_interface.example01.network_interface_id}\",\"${stackit_network_interface.example02.network_interface_id}\"],\"name\":\"vip01\"}'"
+#  }
+#  depends_on = [ 
+#    stackit_network_interface.example01,
+#    stackit_network_interface.example02
+#  ]
+#}
+
+resource "stackit_network_interface" "vip01" {
+  project_id = var.STACKIT_PROJECT_ID
+  network_id = stackit_network.default.network_id
+  security   = false
+}
+
+resource "stackit_public_ip" "vip01-wan" {
+  project_id           = var.STACKIT_PROJECT_ID
+  network_interface_id = stackit_network_interface.vip01.network_interface_id
+}
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..73cc0cb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,67 @@
+# Basic HA Setup (VRRP)
+
+Documentation on how to set up an active passive VRRP Cluster
+All the needed Commands use the STACKIT Cli.
+
+Overview core components:
+
+VRRP Sync between two Virtual Machines including Security Groups and Port Security setup (additional adresses)
+![](docs/ha.svg)
+
+![](docs/vip.svg)
+
+## Basic Network Config
+Creation of a STACKIT Network where the VMs and NIC adapters will be placed.
+```bash
+NETWORKID=$(stackit network create --name demo --ipv4-dns-name-servers "1.1.1.1,8.8.8.8,9.9.9.9" --ipv4-prefix "10.1.2.0/24" -y -o json | jq -r .networkId) 
+```
+
+## Security Groups
+
+Basic Security Group to allow VRRP & ICMP Traffic for failover
+
+**Create the Security Group**:
+```bash
+SECGROUPID=$(stackit security-group create --name VRRP -y -o json | jq -r .id)
+```
+
+**Create the Security Rules**:
+Allow VRRP & ICMP for testing only
+```bash
+stackit security-group rule create --security-group-id $SECGROUPID --direction ingress --protocol-name icmp 
+stackit security-group rule create --security-group-id $SECGROUPID --direction ingress --protocol-name vrrp 
+```
+
+## Network Adapters
+
+We need three network interfaces.
+One for each server an the third for registering the internal vip address.
+
+**Network Interface for the VIP**:
+```bash
+VIPNICID=$(stackit network-interface create --network-id $NETWORKID --name vipPort -y -o json | jq -r .id)
+```
+
+**Get the (v)IP of the NIC**:
+```bash
+VIPIP=$(stackit network-interface describe $VIPNICID --network-id $NETWORKID -o json | jq -r .ipv4)
+```
+
+**Network Interface for the VMs**:
+```bash
+NICID=$(stackit network-interface create --network-id $NETWORKID --allowed-addresses $VIPIP --name <nicName> --security-groups $SECGROUPID,<defaultSecGroupId> -y -o json | jq -r .id)
+```
+
+## Set up the virtual Machines
+
+Create two VMs with a Debian 12 as OS.
+
+```bash
+stackit server create --boot-volume-performance-class storage_premium_perf4 --boot-volume-size 32 --boot-volume-source-type image --boot-volume-source-id 03e19c6a-d73a-4ba9-96af-4bd03cf905d3 --keypair-name <sshKeyPair> --availability-zone eu01-1 --machine-type c1.2 --name <serverName> --network-interface-ids $NICID
+```
+
+## External floating Addresses (HA)
+To access the HA cluster from the Internet bind a Public IP to our vIP NIC adapter so the WAN ip is always pointed to the active replica.
+```bash
+stackit public-ip create --associated-resource-id $VIPNICID
+```
\ No newline at end of file
diff --git a/docs/ha.d2 b/docs/ha.d2
new file mode 100644
index 0000000..033ed23
--- /dev/null
+++ b/docs/ha.d2
@@ -0,0 +1,21 @@
+direction: right
+
+NIC VM 1: {
+    style: {
+        stroke: black
+        font-color: "#004E5A"
+        fill: "#F8EC17"
+        opacity: 0.8
+      }
+}
+
+NIC VM 2: {
+    style: {
+        stroke: black
+        font-color: "#004E5A"
+        fill: "#F8EC17"
+        opacity: 0.8
+      }
+}
+
+NIC VM 1 -- NIC VM 2: VRRP HA Sync
\ No newline at end of file
diff --git a/docs/ha.svg b/docs/ha.svg
new file mode 100644
index 0000000..b4d7884
--- /dev/null
+++ b/docs/ha.svg
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="utf-8"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" data-d2-version="0.6.9" preserveAspectRatio="xMinYMin meet" viewBox="0 0 641 268"><svg class="d2-3159559924 d2-svg" width="641" height="268" viewBox="-89 -89 641 268"><rect x="-89.000000" y="-89.000000" width="641.000000" height="268.000000" rx="0.000000" fill="#FFFFFF" class=" fill-N7" stroke-width="0" /><style type="text/css"><![CDATA[
+.d2-3159559924 .text-bold {
+	font-family: "d2-3159559924-font-bold";
+}
+@font-face {
+	font-family: d2-3159559924-font-bold;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAAoAAAoAAAAAD5QAAguFAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgXxHXrmNtYXAAAAFUAAAAgwAAAKYCtgLRZ2x5ZgAAAdgAAAP5AAAEsFKBHGloZWFkAAAF1AAAADYAAAA2G38e1GhoZWEAAAYMAAAAJAAAACQKfwXQaG10eAAABjAAAABEAAAARCSqAzdsb2NhAAAGdAAAACQAAAAkCRgKmm1heHAAAAaYAAAAIAAAACAAKQD3bmFtZQAABrgAAAMoAAAIKgjwVkFwb3N0AAAJ4AAAAB0AAAAg/9EAMgADAioCvAAFAAACigJYAAAASwKKAlgAAAFeADIBKQAAAgsHAwMEAwICBGAAAvcAAAADAAAAAAAAAABBREJPACAAIP//Au7/BgAAA9gBESAAAZ8AAAAAAfAClAAAACAAA3icdM0/zsEAHIDhp1/7/auis6lX4AZiYSANiQvY7Q5isZgdQJAYuIjESX6SLibv+gwvEqkEhcwOPaVUrjIwNDIxU1tYWlnbRKDSb2xsqjZ/WzzjEfe4xTUucY5THOMQ+9g2h08lukpfUplvP379+ZdrKbR1eAEAAP//AQAA//9pICFyAHicXJNPbBtFFMbfjDfexnXsru3dtRP/iyfeddzGcTze3eI4cQKx64I3idOkqtQ4qaJSqGibClxSQSt6AaSyRUg1UJQKgUQvCA49UvFHQiAuPXDpBQnUClQOPbSHCClNvEZrR1XhNNLo6fe+733vQRfMAuAV3AAbdIMbPMADUK6fi1NZJqxGNY2INk1GHDuLPeaNL+RBZnCQSUavRd5YXkb6Em40Tx3VV1b+WR4dNT/95pZ5Bb12CwC3HgPg57AB3cABeFkqS5JM7Habl3qJTNj7e95z9/T1MM7A49s3b19P/JJAz+fzI2do9rT5Njaa9fV1AAAEqdYGTuNr0AfQFZMkJauqNCOIrCSRmN3O+wSaUTXRjmpzlw8tXJkrHO+fDmhk38G9h8uJgn96zln58PSpT6o0tiSGMkvPHj87EFg8Bgh0ALyADdht+aU8VShHOMLpV+81GvewsbXVrKM95qO2Bh0A7mIDbO1aTr9qCdxhfI0NiLT/vYIgUlXVvJQjlkyNsCyRZRLGPK9/ftLhcTAOzvHSZ++w3TZGqVVrWYbZxWLD/CM4Hg6PB1GsWX8YnZmNrG9urkdmZ6IPd3rjCjbA2+khUklSLK02mQgCz+sffznBMC7Derp6sGF++0H2Uu5+s46K76sXcn8DAG4z0tgAJ/jalIwg8D67nRCeoxklKxGi3y2fK5XqxWr5/ER+Chvy4kxlZfh3NPcyTcITxiFsgAvEpxisFaZFUTuYB8VXpwpK48bFaiU3NparYCN+ZLpcE82tBw/QsZF0WrI8kdYGduBrkGxnKmuC0AHIcgr/N2DeJ4hiRy3yTbyVmSeHE6khunehPy+Nnpzafzb5QnRCloaeSc6PlnJnnOnUi2EpFoqEPAOu4dKweiS7L1kL9EWC4TAX888X1cX9gFqbAJhiA3oAqO2p3Gzf/3x92i26GZffpX/0EzbMX5UTqnpCQel23gOtDfQd2obe/+9iR2lnE+0oUFydLL8+lToQLJKoUiik/SlvLn7YOXZu7lB9LCwuhyqTEzrvPhbt6+z4pDVgtL2TjiWGZgSeI1zWIrPc5HkHE9Uz1YNXQ9Fgwo8eFcJDr9TM26hfTQRE86bFcLbGURM9su5EfDJTTbNRcceeRm0ufF7od/eynl3xhIP9oXFgt8fB7OK681e+EvfP/GhnzqKugVAv+vNOrBQnB8gdc/f4QrKjsQSAfsNvghOgfSuKqmrW4ZQur2XLsVNra2j1qCPoa26vderDAOgv/C4ErfpxrHSsyG1r7TxZVaWUj1cvlkYGY5p/dnhlqrCkjC5m/Xnh0rx+8eTQ8IjcO5OhmaNjyuqqauu6AP8CAAD//wEAAP//wTYGnwAAAAABAAAAAguFg7Fgp18PPPUAAQPoAAAAANhdoIQAAAAA3WYvNv43/sQIbQPxAAEAAwACAAAAAAAAAAEAAAPY/u8AAAiY/jf+NwhtAAEAAAAAAAAAAAAAAAAAAAARArIAUADIAAACPf/6AkYALgKiAE0BLQBNAvoATQKZAE0CVABNAmUATQIsACMCLP/5AdMAJAI8AEECCQAMAhAARgIQAB4AAAAsACwAUAB8AJIAngDQAPIBFAE6AXoBlgHCAeQCFAIsAlgAAQAAABEAkAAMAGMABwABAAAAAAAAAAAAAAAAAAQAA3icnJTPbhtVFMZ/TmzTCsECRVW6ie6CRZHo2FRJ1TYrh9SKRRQHjwtCQkgTz/iPMp4ZeSYO4QlY8xa8RVc8BM+BWKP5fOzYBdEmipJ8d+75851zvnOBHf5mm0r1IfBHPTFcYa9+bniLB/UTw9u061uGqzyp/Wm4RlibG67zea1n+CPeVn8z/ID96k+GH7JbbRv+mGfVHcOfbDv+Mvwp+7xd4Aq84FfDFXbJDG+xw4+Gt3mExaxUeUTTcI3P2DNcZw/oM6EgZkLCCMeQCSOumBGR4xMxY8KQiBBHhxYxhb4mBEKO0X9+DfApmBEo4pgCR4xPTEDO2CL+Iq+Uc2Uc6jSzuxYFYwIu5HFJQIIjZURKQsSl4hQUZLyiQYOcgfhmFOR45EyI8UiZMaJBlzan9BkzIcfRVqSSmU/KkIJrAuV3ZlF2ZkBEQm6srkgIxdOJXyTvDqc4umSyXY98uhHhSxzfybvklsr2Kzz9ujVmm3mXbALm6mesrsS6udYEx7ot87b4VrjgFe5e/dlk8v4ehfpfKPIFV5p/qEklYpLg3C4tfCnId49xHOncwVdHvqdDnxO6vKGvc4sePVqc0afDa/l26eH4mi5nHMujI7y4a0sxZ/yA4xs6siljR9afxcQifiYzdefiOFMdUzL1vGTuqdZIFd59wuUOpRvqyOUz0B6Vlk7zS7RnASNTRSaGU/VyqY3c+heaIqaqpZzt7X25DXPbveUW35Bqh0u1LjiVk1swet9UvXc0c60fj4CQlAtZDEiZ0qDgRrzPCbgixnGs7p1oSwpaK58yz41UEjEVgw6J4szI9Dcw3fjGfbChe2dvSSj/kunlqqr7ZHHq1e2M3qh7yzvfuhytTaBhU03X1DQQ18S0H2mn1vn78s31uqU85YiUmPBfL8AzPJrsc8AhY2UY6GZur0NTL0STlxyq+ksiWQ2l58giHODxnAMOeMnzd/q4ZOKMi1txWc/d4pgjuhx+UBUL+y5HvF59+/+sv4tpU7U4nq5OL+49xSd3UOsX2rPb97KniZWTmFu02604I2BacnG76zW5x3j/AAAA//8BAAD///S3T1F4nGJgZgCD/+cYjBiwAAAAAAD//wEAAP//LwECAwAAAA==");
+}
+.d2-3159559924 .text-italic {
+	font-family: "d2-3159559924-font-italic";
+}
+@font-face {
+	font-family: d2-3159559924-font-italic;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAAogAAoAAAAAD9QAARhRAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgW1SVeGNtYXAAAAFUAAAAgwAAAKYCtgLRZ2x5ZgAAAdgAAAQcAAAE6LZZn7BoZWFkAAAF9AAAADYAAAA2G7Ur2mhoZWEAAAYsAAAAJAAAACQLeAi1aG10eAAABlAAAABEAAAARCF0AW5sb2NhAAAGlAAAACQAAAAkCaALJm1heHAAAAa4AAAAIAAAACAAKQD2bmFtZQAABtgAAAMmAAAIMgntVzNwb3N0AAAKAAAAACAAAAAg/8YAMgADAeEBkAAFAAACigJY//EASwKKAlgARAFeADIBIwAAAgsFAwMEAwkCBCAAAHcAAAADAAAAAAAAAABBREJPAAEAIP//Au7/BgAAA9gBESAAAZMAAAAAAeYClAAAACAAA3icdM0/zsEAHIDhp1/7/auis6lX4AZiYSANiQvY7Q5isZgdQJAYuIjESX6SLibv+gwvEqkEhcwOPaVUrjIwNDIxU1tYWlnbRKDSb2xsqjZ/WzzjEfe4xTUucY5THOMQ+9g2h08lukpfUplvP379+ZdrKbR1eAEAAP//AQAA//9pICFyAHicVJNNbNPmH8d/z2Njt/mHoMaJQwL8k/hJ7DbNW+3YzksplJY0NElLUwoDEgishbUCFmDSmPbCSy7sBWShaocJbZO2w9Bu03aYtMtgB7SNww6betph1WBaJ01D1bQd4kxxu049W7+Pv28PbIEQAL6AF4GCbtgGTnADKFyQohRdJx5KkSTCsrrEcWzoBnp44x165NjPve//HfXTY9fvFX+rf4wXW+fQtdrVq+bxm3NzR1ZWzAj6YQUAALe/AUDfYwO6oQeAYxVJFCXCMAgpHJEIu5x9YKNtNO1TzG/R7LHSlPOXefRSo5FaSGfOmlPYaDUePQJAkGmv4hi+C36ALYIoqqkhrMi8hxVFIjiw28XziqzpHoZBQvE5LXns1VJ6arvGaWL25L6QMJ7rHQmQUM0+cmWivPjimB7pC0i7Z68M5mpqYIfsj0HnHwQAz2MD/tfxr1BBTqEIF6RIcyKNetPl5sQec2kIG+YKcrcaKG0+XLuBVWwAtXZDmhPNjugN3hfYAK/1jfMoukXUNJ2wFKE6ObAUadYyPJ1/UGsWS90+Oz35ZXQ3TzOOrnFsmO/evIlOtxroUnSh/475Iareic5Hzdvr7DPYAO5ftqZZ9A3qxNsRmnHY9heb5cV+mtlmy2PDrL4+cF5B1VYDfXBLWZDN9zodWayY5dtl0WTe7WIYQihOkTU1JRJCmp9XL41fPzSfGj45t1AqzGFj/PDBswPmX2js4GRGgQ2OhA3YCvx/HJYj1CbSp9WLF6YvT5+7pI8+e2K2WKhjIz99/EKPuYx481c0U8lrCbDys7dXkYnvQgTAI4iSbnWspkRJ6gxA0zYGwDBuF+/x8JbuJyON3syuGX1wKhYuRXJqNZer+xVvPh5Wdw2ESolU7ow9m+3vl0fTIZmP+w7ockVO9cb/3+dP7hATfGznmJ49ngIEFQA8bPkBhVI4nl9PGd3KTe7Y0kXRXtX32SHzHjbMRfW8pj6fQues6gFBuL2KPkFPYaelfdNcLbXra12anI2WT6nRQT7GibuSh7VMNqDxgq9sP1MbvTyTELxJj3u0MbIv7+uRXeE1th8ALaGnsN1KmVWsJNwu1tqWmiICw1L+U3tYuq8SH1K7hkqDNF3YWYjvR48PhAaG0/6Q+TWKurZvLUbi5kcWs32/nUDL6DH4AFgr645AfZNrB2ZsAYfX6QwPe53TJbGTQE/Y+VbJ/MmbK3zHspnu3TJBT8zfg2VCSgLqaf2RKEfXNPsA0DX8mvW2dIUjuqYrlML6tr5Zv2ib0XMv3LDvRT/KdqF1f29Hz58A6Cv8RueO6ENUZzsCw0rrVh2YDbK2rvrtEwlFDQwLUvRIsvJMpPLKNHLZ41Mvnz4ajw4G/Umx7+ioeqLeKOyDfwAAAP//AQAA//+5wRSeAAEAAAABGFHElL13Xw889QABA+gAAAAA2F2gzAAAAADdZi83/r3+3QgdA8kAAgADAAIAAAAAAAAAAQAAA9j+7wAACED+vf28CB0D6ADC/9EAAAAAAAAAAAAAABECdAAkAMgAAAH+/8sCJgA5Am4AIwD8ACMCwQAjAmsAIwImACMCKwAjAfoADAHwAFIBswAlAg0AHwHA/8IB4AAaAeD/9gAAAC4ALgBSAIQAngCsANoBAAEkAUwBjAGqAdgCAgIyAkoCdAABAAAAEQCMAAwAZgAHAAEAAAAAAAAAAAAAAAAABAADeJyclNtOG1cUhj8H2216uqhQRG7QvkylZEyjECXhypSgjIpw6nF6kKpKgz0+iPHMyDOYkifodd+ib5GrPkafoup1tX8vgx1FQSAE/Hv2OvxrrX9tYJP/2KBWvwv83ZwbrrHd/NnwHb5oHhneYL/5meE6Dxv/GG4waLw13ORBo2v4E97V/zT8KU/qvxm+y1b90PDnPK5vGv5yw/Gv4a94wrsFrsEz/jBcY4vC8B02+dXwBvewmLU699gx3OBrtg032QZ6TKhImZAxwjFkwogzZiSURCTMmDAkYYAjpE1Kpa8ZsZBj9MGvMREVM2JFHFPhSIlIiSkZW8S38sp5rYxDnWZ216ZiTMyJPE6JyXDkjMjJSDhVnIqKghe0aFHSF9+CipKAkgkpATkzRrTocMgRPcZMKHEcKpJnFpEzpOKcWPmdWfjO9EnIKI3VGRkD8XTil8g75AhHh0K2q5GP1iI8xPGjvD23XLbfEujXrTBbz7tkEzNXP1N1JdXNuSY41q3P2+YH4YoXuFv1Z53J9T0a6H+lyCecaf4DTSoTkwzntmgTSUGRu49jX+eQSB35iZAer+jwhp7Obbp0aXNMj5CX8u3QxfEdHY45kEcovLg7lGKO+QXH94Sy8bET689iYgm/U5i6S3GcqY4phXrumQeqNVGFN5+w36F8TR2lfPraI2/pNL9MexYzMlUUYjhVL5faKK1/A1PEVLX42V7d+22Y2+4tt/iCXDvs1brg5Ce3YHTdVIP3NHOun4CYATknsuiTM6VFxYV4vybmjBTHgbr3SltS0b708XkupJKEqRiEZIozo9Df2HQTGff+mu6dvSUD+Xump5dV3SaLU6+uZvRG3VveRdblZGUCLZtqvqKmvrhmpv1EO7XKP5Jvqdct5xGh4i52+0OvwA7P2WWPsbL0dTO/vPOvhLfYUwdOSWQ1lKZ9DY8J2CXgKbvs8pyn7/VyycYZH7fGZzV/mwP26bB3bTUL2w77vFyL9vHMf4ntjupxPLo8Pbv1NB/cQLXfaN+u3s2uJuenMbdoV9txTMzUc3FbqzW5+wT/AwAA//8BAAD//3KhUUAAAAADAAD/9QAA/84AMgAAAAAAAAAAAAAAAAAAAAAAAAAA");
+}]]></style><style type="text/css"><![CDATA[.shape {
+  shape-rendering: geometricPrecision;
+  stroke-linejoin: round;
+}
+.connection {
+  stroke-linecap: round;
+  stroke-linejoin: round;
+}
+.blend {
+  mix-blend-mode: multiply;
+  opacity: 0.5;
+}
+
+		.d2-3159559924 .fill-N1{fill:#0A0F25;}
+		.d2-3159559924 .fill-N2{fill:#676C7E;}
+		.d2-3159559924 .fill-N3{fill:#9499AB;}
+		.d2-3159559924 .fill-N4{fill:#CFD2DD;}
+		.d2-3159559924 .fill-N5{fill:#DEE1EB;}
+		.d2-3159559924 .fill-N6{fill:#EEF1F8;}
+		.d2-3159559924 .fill-N7{fill:#FFFFFF;}
+		.d2-3159559924 .fill-B1{fill:#000536;}
+		.d2-3159559924 .fill-B2{fill:#0F66B7;}
+		.d2-3159559924 .fill-B3{fill:#4393DD;}
+		.d2-3159559924 .fill-B4{fill:#87BFF3;}
+		.d2-3159559924 .fill-B5{fill:#BCDDFB;}
+		.d2-3159559924 .fill-B6{fill:#E5F3FF;}
+		.d2-3159559924 .fill-AA2{fill:#7639C5;}
+		.d2-3159559924 .fill-AA4{fill:#C1A2F3;}
+		.d2-3159559924 .fill-AA5{fill:#DACEFB;}
+		.d2-3159559924 .fill-AB4{fill:#EA99C6;}
+		.d2-3159559924 .fill-AB5{fill:#FFDEF1;}
+		.d2-3159559924 .stroke-N1{stroke:#0A0F25;}
+		.d2-3159559924 .stroke-N2{stroke:#676C7E;}
+		.d2-3159559924 .stroke-N3{stroke:#9499AB;}
+		.d2-3159559924 .stroke-N4{stroke:#CFD2DD;}
+		.d2-3159559924 .stroke-N5{stroke:#DEE1EB;}
+		.d2-3159559924 .stroke-N6{stroke:#EEF1F8;}
+		.d2-3159559924 .stroke-N7{stroke:#FFFFFF;}
+		.d2-3159559924 .stroke-B1{stroke:#000536;}
+		.d2-3159559924 .stroke-B2{stroke:#0F66B7;}
+		.d2-3159559924 .stroke-B3{stroke:#4393DD;}
+		.d2-3159559924 .stroke-B4{stroke:#87BFF3;}
+		.d2-3159559924 .stroke-B5{stroke:#BCDDFB;}
+		.d2-3159559924 .stroke-B6{stroke:#E5F3FF;}
+		.d2-3159559924 .stroke-AA2{stroke:#7639C5;}
+		.d2-3159559924 .stroke-AA4{stroke:#C1A2F3;}
+		.d2-3159559924 .stroke-AA5{stroke:#DACEFB;}
+		.d2-3159559924 .stroke-AB4{stroke:#EA99C6;}
+		.d2-3159559924 .stroke-AB5{stroke:#FFDEF1;}
+		.d2-3159559924 .background-color-N1{background-color:#0A0F25;}
+		.d2-3159559924 .background-color-N2{background-color:#676C7E;}
+		.d2-3159559924 .background-color-N3{background-color:#9499AB;}
+		.d2-3159559924 .background-color-N4{background-color:#CFD2DD;}
+		.d2-3159559924 .background-color-N5{background-color:#DEE1EB;}
+		.d2-3159559924 .background-color-N6{background-color:#EEF1F8;}
+		.d2-3159559924 .background-color-N7{background-color:#FFFFFF;}
+		.d2-3159559924 .background-color-B1{background-color:#000536;}
+		.d2-3159559924 .background-color-B2{background-color:#0F66B7;}
+		.d2-3159559924 .background-color-B3{background-color:#4393DD;}
+		.d2-3159559924 .background-color-B4{background-color:#87BFF3;}
+		.d2-3159559924 .background-color-B5{background-color:#BCDDFB;}
+		.d2-3159559924 .background-color-B6{background-color:#E5F3FF;}
+		.d2-3159559924 .background-color-AA2{background-color:#7639C5;}
+		.d2-3159559924 .background-color-AA4{background-color:#C1A2F3;}
+		.d2-3159559924 .background-color-AA5{background-color:#DACEFB;}
+		.d2-3159559924 .background-color-AB4{background-color:#EA99C6;}
+		.d2-3159559924 .background-color-AB5{background-color:#FFDEF1;}
+		.d2-3159559924 .color-N1{color:#0A0F25;}
+		.d2-3159559924 .color-N2{color:#676C7E;}
+		.d2-3159559924 .color-N3{color:#9499AB;}
+		.d2-3159559924 .color-N4{color:#CFD2DD;}
+		.d2-3159559924 .color-N5{color:#DEE1EB;}
+		.d2-3159559924 .color-N6{color:#EEF1F8;}
+		.d2-3159559924 .color-N7{color:#FFFFFF;}
+		.d2-3159559924 .color-B1{color:#000536;}
+		.d2-3159559924 .color-B2{color:#0F66B7;}
+		.d2-3159559924 .color-B3{color:#4393DD;}
+		.d2-3159559924 .color-B4{color:#87BFF3;}
+		.d2-3159559924 .color-B5{color:#BCDDFB;}
+		.d2-3159559924 .color-B6{color:#E5F3FF;}
+		.d2-3159559924 .color-AA2{color:#7639C5;}
+		.d2-3159559924 .color-AA4{color:#C1A2F3;}
+		.d2-3159559924 .color-AA5{color:#DACEFB;}
+		.d2-3159559924 .color-AB4{color:#EA99C6;}
+		.d2-3159559924 .color-AB5{color:#FFDEF1;}.appendix text.text{fill:#0A0F25}.md{--color-fg-default:#0A0F25;--color-fg-muted:#676C7E;--color-fg-subtle:#9499AB;--color-canvas-default:#FFFFFF;--color-canvas-subtle:#EEF1F8;--color-border-default:#000536;--color-border-muted:#0F66B7;--color-neutral-muted:#EEF1F8;--color-accent-fg:#0F66B7;--color-accent-emphasis:#0F66B7;--color-attention-subtle:#676C7E;--color-danger-fg:red;}.sketch-overlay-B1{fill:url(#streaks-darker-d2-3159559924);mix-blend-mode:lighten}.sketch-overlay-B2{fill:url(#streaks-dark-d2-3159559924);mix-blend-mode:overlay}.sketch-overlay-B3{fill:url(#streaks-dark-d2-3159559924);mix-blend-mode:overlay}.sketch-overlay-B4{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-B5{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-B6{fill:url(#streaks-bright-d2-3159559924);mix-blend-mode:darken}.sketch-overlay-AA2{fill:url(#streaks-dark-d2-3159559924);mix-blend-mode:overlay}.sketch-overlay-AA4{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-AA5{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-AB4{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-AB5{fill:url(#streaks-bright-d2-3159559924);mix-blend-mode:darken}.sketch-overlay-N1{fill:url(#streaks-darker-d2-3159559924);mix-blend-mode:lighten}.sketch-overlay-N2{fill:url(#streaks-dark-d2-3159559924);mix-blend-mode:overlay}.sketch-overlay-N3{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-N4{fill:url(#streaks-normal-d2-3159559924);mix-blend-mode:color-burn}.sketch-overlay-N5{fill:url(#streaks-bright-d2-3159559924);mix-blend-mode:darken}.sketch-overlay-N6{fill:url(#streaks-bright-d2-3159559924);mix-blend-mode:darken}.sketch-overlay-N7{fill:url(#streaks-bright-d2-3159559924);mix-blend-mode:darken}.light-code{display: block}.dark-code{display: none}]]></style><g class="TklDIFZNIDI=" style='opacity:0.800000'><g class="shape" ><rect x="346.000000" y="12.000000" width="105.000000" height="66.000000" stroke="black" fill="#F8EC17" style="stroke-width:2;" /></g><text x="398.500000" y="50.500000" fill="#004E5A" class="text-bold" style="text-anchor:middle;font-size:16px">NIC VM 2</text></g><g class="TklDIFZNIDE=" style='opacity:0.800000'><g class="shape" ><rect x="12.000000" y="12.000000" width="105.000000" height="66.000000" stroke="black" fill="#F8EC17" style="stroke-width:2;" /></g><text x="64.500000" y="50.500000" fill="#004E5A" class="text-bold" style="text-anchor:middle;font-size:16px">NIC VM 1</text></g><g class="KE5JQyBWTSAxIC0tIE5JQyBWTSAyKVswXQ=="><path d="M 119.000000 45.000000 L 344.000000 45.000000" stroke="#000536" fill="none" class="connection stroke-B1" style="stroke-width:2;" mask="url(#d2-3159559924)" /><text x="231.500000" y="51.000000" fill="#676C7E" class="text-italic fill-N2" style="text-anchor:middle;font-size:16px">VRRP HA Sync</text></g><mask id="d2-3159559924" maskUnits="userSpaceOnUse" x="-89" y="-89" width="641" height="268">
+<rect x="-89" y="-89" width="641" height="268" fill="white"></rect>
+<rect x="368.500000" y="34.500000" width="60" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="34.500000" y="34.500000" width="60" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="187.000000" y="35.000000" width="89" height="21" fill="black"></rect>
+</mask></svg></svg>
diff --git a/docs/vip.d2 b/docs/vip.d2
new file mode 100644
index 0000000..22df79d
--- /dev/null
+++ b/docs/vip.d2
@@ -0,0 +1,29 @@
+NIC vIP: {
+    style: {
+        stroke: black
+        font-color: "#004E5A"
+        fill: "#F8EC17"
+        opacity: 0.8
+      }
+}
+
+NIC VM 1: {
+    style: {
+        stroke: black
+        font-color: "#004E5A"
+        fill: "#F8EC17"
+        opacity: 0.8
+      }
+}
+
+NIC VM 2: {
+    style: {
+        stroke: black
+        font-color: "#004E5A"
+        fill: "#F8EC17"
+        opacity: 0.8
+      }
+}
+
+NIC vIP -> NIC VM 2: allowed address \n whitelist 
+NIC vIP -> NIC VM 1: allowed address \n whitelist 
\ No newline at end of file
diff --git a/docs/vip.svg b/docs/vip.svg
new file mode 100644
index 0000000..0f95875
--- /dev/null
+++ b/docs/vip.svg
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="utf-8"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" data-d2-version="0.6.9" preserveAspectRatio="xMinYMin meet" viewBox="0 0 433 521"><svg class="d2-2916352944 d2-svg" width="433" height="521" viewBox="-88 -89 433 521"><rect x="-88.000000" y="-89.000000" width="433.000000" height="521.000000" rx="0.000000" fill="#FFFFFF" class=" fill-N7" stroke-width="0" /><style type="text/css"><![CDATA[
+.d2-2916352944 .text-bold {
+	font-family: "d2-2916352944-font-bold";
+}
+@font-face {
+	font-family: d2-2916352944-font-bold;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAAuQAAoAAAAAEbQAAguFAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgXxHXrmNtYXAAAAFUAAAAlgAAAMADhgO7Z2x5ZgAAAewAAAVLAAAGjPeKFHJoZWFkAAAHOAAAADYAAAA2G38e1GhoZWEAAAdwAAAAJAAAACQKfwXXaG10eAAAB5QAAABgAAAAYCz7A9psb2NhAAAH9AAAADIAAAAyFTITuG1heHAAAAgoAAAAIAAAACAAMAD3bmFtZQAACEgAAAMoAAAIKgjwVkFwb3N0AAALcAAAAB0AAAAg/9EAMgADAioCvAAFAAACigJYAAAASwKKAlgAAAFeADIBKQAAAgsHAwMEAwICBGAAAvcAAAADAAAAAAAAAABBREJPACAAIP//Au7/BgAAA9gBESAAAZ8AAAAAAfAClAAAACAAA3icfM09SsMAAIbhJyb+xxj/VskV9ApODoqTu6CgIAgiehlFRMS5UFro0rOUHuQrhM5912d4USgVqFWGONUqNTrnLly6duPWnQdPnr1485Ggc9b71dLvPfb+6j3JLPNMM8k4owzyn7/85iff+cpnf1tV4diJNaXKug2btmzbsau2p7GvdeDQEQsAAAD//wEAAP//FLwnKQAAeJxcVFtsE9kZ/s/xeAYPzmVsz4wdHDv2iWfihNiJxzNDEhLn4jih2LkWAsqtjRCXJiQVOHJKQfCA2oqatmrSlpaqN7WqWsFDxVNRw1NLW+0+rAQS0kqsWAllJV6wVtFKSLG9mrEDiAdrpCOf//u/2wErTADgJbwFFrBBHTiAB1C4ABdSZJkwuqLrRLToMuKYCewo/eXPcpgKh6nWpjv+K4uLKLOAt4ors5mlpa8We3pKv/vnw9JtdPkhAIJIeRd34DtwCMAalCQ1rmlKTBAZSSJBmuZdghLTdJFG81O3pk/cnkqcCYx5dHL4WNvJ0ZaEe2zKnv7FxZVfTyrBBbExtjB45rvNnrlvAYIMALzAebAYeypcZhPni9nKOb6P8+A3z52CICqapjsVjhjQOmEYIsvEh3k+88cLrIOlWI4994cfMDYLpc5Pzscp6gCD86XPvH0+X58XBYvZ103jE/67b97c9U+MN72GKkYa58FZwRAVSVJVhSMWmQgCz2d+9fd+iqrNGx9rDc6X/vWz+I3unWIWDf9Eu9r9BQBgc0YHzoMdXOaUmCDwLpomhOeUmBqXCMm8GF1PpbLDk6Mb/UeTOC/PjaeXos/R1HmlFQAAld8AYAXnoQZAsbzH1fLoP78dqxPrqFp3beaX/8b50ifqWU07q6KOYhYwtJZ30VO0Bx4gAGLQMEU3/WBk0x2eIzKhaT2m6arp0aPkxM1NTML+/mY1uty9eHaDpfwjBzwh59hRv30mMXaqLiC7+W83Nq9eKr1UvOSS6Jxh2xrdoslVLu+iPbwNTmjaxzNDIBuivUUyN+Bdwpdzaz2L8fARD725wVINKeyWHc42F9Gi9h9/b3K9z+tO/6041NlANlyejxy1QyPHhgFDc3kXfY72wG04/17SDFWZgCAoMV2kaYsSN1CQf+TS4NBKz8h8lMKlZ2yqU9U6pYXfPJAPBzV7X3ZqMptILCedIZumBE43+FB3WI2amsOAQQhvV13jmX3BOHMwww1sMt7jscljm41N3hY33r532tO2PF/6GAW0Fo9Y+geUy6ADwHP8BEsgAAADItyqzC7vIgfehrqKSpzC7deD/l+6Z5OzWRnaYQ/ZZ49jUnwmOhC6aGUq3DGD9qDug5aZiZJjmhqvSouExFoyuZZIrCaTq4n2SKQ90t5u712fms729manp9Z7c5n+gXR6oD9T5Yp+ivbAYXI1wvWuugw3sMFSh9IS72XdNZ56b68LFWZinVbrdYoKx0ovAAFf3kW/R3sgm3xk3XDBWEaSI1iNvxvGuwTRh3kX/aTznDQYTPgDvsZIg6+n5cKJrhn/YEO8oatLauoNn7dL/jnPIdHJCU7W3twVHj4pu0+5BNntqT1IuiJD8xWPuPIuWsVZEE01VJWouq7wCk/ePjc0grnxZJq7ksuRRruHFZ26/Tsn/3+Rvnnz8n9bQzS1TNsrs+xG0VCh2jGx2jFdsTz461Y/62Qpm5MduP0nVHgVyshyJvSqVG/ecwPgAipA4IN7700gsiQZ6WeYras/76BZmmJqbPr1I7Y6hmJsTPRHuXvtTA1DMQeZw6iwExqVpG+QHfM7Gtop1T8mqZaWFHls4qUA0Kf4+8a+ilErVdN0I6CpW7n4aHAll0Nrs6zXVdzLVXj5ANBL/EPwGv/vw5WIVPtv5sZItsKHJq+lOsNB3T0RXUomFtSeubj7qHDjm5lrF9qjnXLDeEyJzfaqa2uaxXq1mhl4igr77/LAJiqU6gGV7+MumMZP4CAAZ74ARm1cdCgSCYUiEdzVSkir8YOvAQAA//8BAAD//1WUXwoAAAEAAAACC4UPG0qtXw889QABA+gAAAAA2F2ghAAAAADdZi82/jf+xAhtA/EAAQADAAIAAAAAAAAAAQAAA9j+7wAACJj+N/43CG0AAQAAAAAAAAAAAAAAAAAAABgCsgBQAMgAAAJGAC4BLQBNAvoATQKZAE0CVABNAiz/+QIPACoCPQAnAgYAJAI7AEEBFAA3AR4AQQIrACQBjgBBAbsAFQF/ABECCwAMAwgAGAIQAEYCEAAeARQAQQAA/60AAAAsACwAWABkAJYAuADaAPYBLgFgAZQBtgHCAd4CCgIqAmYCjAKoAuAC+AMkAzADRgAAAAEAAAAYAJAADABjAAcAAQAAAAAAAAAAAAAAAAAEAAN4nJyUz24bVRTGf05s0wrBAkVVuonugkWR6NhUSdU2K4fUikUUB48LQkJIE8/4jzKeGXkmDuEJWPMWvEVXPATPgVij+Xzs2AXRJoqSfHfu+fOdc75zgR3+ZptK9SHwRz0xXGGvfm54iwf1E8PbtOtbhqs8qf1puEZYmxuu83mtZ/gj3lZ/M/yA/epPhh+yW20b/phn1R3Dn2w7/jL8Kfu8XeAKvOBXwxV2yQxvscOPhrd5hMWsVHlE03CNz9gzXGcP6DOhIGZCwgjHkAkjrpgRkeMTMWPCkIgQR4cWMYW+JgRCjtF/fg3wKZgRKOKYAkeMT0xAztgi/iKvlHNlHOo0s7sWBWMCLuRxSUCCI2VESkLEpeIUFGS8okGDnIH4ZhTkeORMiPFImTGiQZc2p/QZMyHH0VakkplPypCCawLld2ZRdmZAREJurK5ICMXTiV8k7w6nOLpksl2PfLoR4Usc38m75JbK9is8/bo1Zpt5l2wC5upnrK7EurnWBMe6LfO2+Fa44BXuXv3ZZPL+HoX6XyjyBVeaf6hJJWKS4NwuLXwpyHePcRzp3MFXR76nQ58Turyhr3OLHj1anNGnw2v5dunh+JouZxzLoyO8uGtLMWf8gOMbOrIpY0fWn8XEIn4mM3Xn4jhTHVMy9bxk7qnWSBXefcLlDqUb6sjlM9AelZZO80u0ZwEjU0UmhlP1cqmN3PoXmiKmqqWc7e19uQ1z273lFt+QaodLtS44lZNbMHrfVL13NHOtH4+AkJQLWQxImdKg4Ea8zwm4IsZxrO6daEsKWiufMs+NVBIxFYMOieLMyPQ3MN34xn2woXtnb0ko/5Lp5aqq+2Rx6tXtjN6oe8s737ocrU2gYVNN19Q0ENfEtB9pp9b5+/LN9bqlPOWIlJjwXy/AMzya7HPAIWNlGOhmbq9DUy9Ek5ccqvpLIlkNpefIIhzg8ZwDDnjJ83f6uGTijItbcVnP3eKYI7ocflAVC/suR7xeffv/rL+LaVO1OJ6uTi/uPcUnd1DrF9qz2/eyp4mVk5hbtNutOCNgWnJxu+s1ucd4/wAAAP//AQAA///0t09ReJxiYGYAg//nGIwYsAAAAAAA//8BAAD//y8BAgMAAAA=");
+}
+.d2-2916352944 .text-italic {
+	font-family: "d2-2916352944-font-italic";
+}
+@font-face {
+	font-family: d2-2916352944-font-italic;
+	src: url("data:application/font-woff;base64,d09GRgABAAAAAAugAAoAAAAAEiQAARhRAAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAAA9AAAAGAAAABgW1SVeGNtYXAAAAFUAAAAlgAAAMADhgO7Z2x5ZgAAAewAAAVcAAAG9B7SDdhoZWFkAAAHSAAAADYAAAA2G7Ur2mhoZWEAAAeAAAAAJAAAACQLeAi8aG10eAAAB6QAAABgAAAAYCkDA41sb2NhAAAIBAAAADIAAAAyFqYVCm1heHAAAAg4AAAAIAAAACAAMAD2bmFtZQAACFgAAAMmAAAIMgntVzNwb3N0AAALgAAAACAAAAAg/8YAMgADAeEBkAAFAAACigJY//EASwKKAlgARAFeADIBIwAAAgsFAwMEAwkCBCAAAHcAAAADAAAAAAAAAABBREJPAAEAIP//Au7/BgAAA9gBESAAAZMAAAAAAeYClAAAACAAA3icfM09SsMAAIbhJyb+xxj/VskV9ApODoqTu6CgIAgiehlFRMS5UFro0rOUHuQrhM5912d4USgVqFWGONUqNTrnLly6duPWnQdPnr1485Ggc9b71dLvPfb+6j3JLPNMM8k4owzyn7/85iff+cpnf1tV4diJNaXKug2btmzbsau2p7GvdeDQEQsAAAD//wEAAP//FLwnKQAAeJx8VFtsG1kZ/s+ZyUwujuN4fImdxJc545nEHTuJx56Jm9iOc3Vj50rTa5xLRaAJLYSCoKgNbROpKqAWU0VIIARI5YGKtyIeKiEQUIkIqW8IgRBIIMhKm32KoqpbrcerGbtptyvty+jIx+f7vvN93/mhDgQA/GW8CxQ0QAvYwQmgcEGKUjSNuClFkgjLahLHscI22tv+MT1y4f9dP/9Q9tMTdx7nP1j5Fd4tX0G3i7du6Rfvra2dPTjQw+hvBwAACJKVIxzBPwE/QB0viol4Gisxl5sVRcJbsdPhcikxVXMzDOLzl9XeC1uF/rk2lVPFk8vDAj850DUSIELRMnJ9emr3mxNauDsgpT5/fXCgmAi0x/wRk4MAwBEuAWXoViiyM72DS+XN13v4t7gEHnOPcyua8Q9OVTXCUoSSCMOwFNkpJl30+J+KO/lCg9dCz/xBTrloxlo/iUv6T+/dQ5fKm+iavHHiof4LtPhQXpf1BzXsL+AScK+xVdVEP0ad/mGYZqyNY/mdqd0TNNPSOI5L+uJ3+q4qaLG8iR7dVzZi+s8AAJtYEVyCJnCYaDGX08EwhFCcElMTcZEQsvN08drkndPr8ezy2kYht4ZLk2dmv9inv0QTszNJper3PADO4hI0AyiUwrlcNVXo/sBMe109RXsS3t+c1h/jkr6buKomvhJHV0yrAINUOUIv0SE4DDVu/jgsRVMoohGGkWKqph0n9+uhgjy5pEipVppLr2bqaXLOLs4IsjPWIYwk/H2Wiwvj31pUuoIp3ZsL9QxFe/4h8uFTxVgmdcyHJbwHTqOBn+D7bMKTdsomTpVqjNOhdxmlwPLvyv3vUmIIVY7Q79EheCH0Np/hNBtkjptIKarhuEh45n9n1iP5xV4t67PU6c8aAiPhzqTb1zn3owqm7N0ksWTZWB3bnJejs7EOxZqZDXlaFacfhZramjv6/AuAjN6jv+O9Wv9YVlFVM1vWLGEiTniGpfwPpnptdPe8nE7UpwuDNJ3ryEXH8N5BivRk+/2C/hckO9qa8+Go/stKxcCEV/gJFsEFAAy4c9Xs5coRvMJ7YDdul4gbXWQYp6N2ratZ5sbUFkKtFMOiRpcl0+rBXyr/gG2g7AgP0PSbDvwTHUILdL7tkdNhxVLM9IXwBqjrrzNL8uRSbGZZzi+FI3OKGjM+lssXx762EK1+h4Y3R4cnRjZHh8dNfYYXN9Eh2KpemFa4WbFqwWqmie4sRDzOdptXKPhTaL8opxpG6zMD+nNAlY8qR2gLHYJkqpI0M61EXJSMmWJ6Wp0phjS3GSnzqK/o6XUPieFUd380KZ+So5MdUU4Jin1qIB3vnbfEu0R/V5R4Jb833X0iGxJ8XQ5vxO8T7fygHBkNGZoHK0foHL4CHTU3VI0jGaywCksog6tm7tOhOI2SE00FIdt+w7KVpDp4q7ep1dZjyURavM3Inqy7ezetv2+3+3yNdRrbYmAPAKD/oP1Pv9XtiYJAMzTdKnDfn9LLaF9/j+SJcEpAHt1bzXocAP8Z7UPwnbNvVhShRLE6idZJwYYQolvabbfzrRgj2uq13cr9a9lq/trZ8g20r/+XH+X5UR753lp5USPJCUKO6C8AgRcA3cbfhiYARVM4oqmaQimst/l7K19tXNAGvr5tGUL/jln48h+HAFDlBQB6hr9rnCNamqp2h5VqL8CK2SDbWL/yYKlHSQSyvCSf7Z0/F56/+TnksETnblw6H5UHg/5esfv8aGJpZTM3XOsQPEf7r2e9f3XqEto3TUEwgfPwBD8x9HFmVtUpep3zEbejk+C82+UJtrk8gY8BAAD//wEAAP//AOps1AABAAAAARhRyMu1O18PPPUAAQPoAAAAANhdoMwAAAAA3WYvN/69/t0IHQPJAAIAAwACAAAAAAAAAAEAAAPY/u8AAAhA/r39vAgdA+gAwv/RAAAAAAAAAAAAAAAYAnQAJADIAAACJgA5APwAIwLBACMCawAjAiYAIwHwAFICGQAnAhcAJwHhACUCCwAfAO0AHwD4ACwCAwAnAVYAHwGS//wBRQA8AcAAOwLDAEYB4AAaAeD/9gDtAB8AAABHAAAALgAuAGAAbgCcAMIA5gEEATwBdAGuAdgB5AIGAjQCUgKOArwC2gMUAywDVgNkA3oAAAABAAAAGACMAAwAZgAHAAEAAAAAAAAAAAAAAAAABAADeJyclNtOG1cUhj8H2216uqhQRG7QvkylZEyjECXhypSgjIpw6nF6kKpKgz0+iPHMyDOYkifodd+ib5GrPkafoup1tX8vgx1FQSAE/Hv2OvxrrX9tYJP/2KBWvwv83ZwbrrHd/NnwHb5oHhneYL/5meE6Dxv/GG4waLw13ORBo2v4E97V/zT8KU/qvxm+y1b90PDnPK5vGv5yw/Gv4a94wrsFrsEz/jBcY4vC8B02+dXwBvewmLU699gx3OBrtg032QZ6TKhImZAxwjFkwogzZiSURCTMmDAkYYAjpE1Kpa8ZsZBj9MGvMREVM2JFHFPhSIlIiSkZW8S38sp5rYxDnWZ216ZiTMyJPE6JyXDkjMjJSDhVnIqKghe0aFHSF9+CipKAkgkpATkzRrTocMgRPcZMKHEcKpJnFpEzpOKcWPmdWfjO9EnIKI3VGRkD8XTil8g75AhHh0K2q5GP1iI8xPGjvD23XLbfEujXrTBbz7tkEzNXP1N1JdXNuSY41q3P2+YH4YoXuFv1Z53J9T0a6H+lyCecaf4DTSoTkwzntmgTSUGRu49jX+eQSB35iZAer+jwhp7Obbp0aXNMj5CX8u3QxfEdHY45kEcovLg7lGKO+QXH94Sy8bET689iYgm/U5i6S3GcqY4phXrumQeqNVGFN5+w36F8TR2lfPraI2/pNL9MexYzMlUUYjhVL5faKK1/A1PEVLX42V7d+22Y2+4tt/iCXDvs1brg5Ce3YHTdVIP3NHOun4CYATknsuiTM6VFxYV4vybmjBTHgbr3SltS0b708XkupJKEqRiEZIozo9Df2HQTGff+mu6dvSUD+Xump5dV3SaLU6+uZvRG3VveRdblZGUCLZtqvqKmvrhmpv1EO7XKP5Jvqdct5xGh4i52+0OvwA7P2WWPsbL0dTO/vPOvhLfYUwdOSWQ1lKZ9DY8J2CXgKbvs8pyn7/VyycYZH7fGZzV/mwP26bB3bTUL2w77vFyL9vHMf4ntjupxPLo8Pbv1NB/cQLXfaN+u3s2uJuenMbdoV9txTMzUc3FbqzW5+wT/AwAA//8BAAD//3KhUUAAAAADAAD/9QAA/84AMgAAAAAAAAAAAAAAAAAAAAAAAAAA");
+}]]></style><style type="text/css"><![CDATA[.shape {
+  shape-rendering: geometricPrecision;
+  stroke-linejoin: round;
+}
+.connection {
+  stroke-linecap: round;
+  stroke-linejoin: round;
+}
+.blend {
+  mix-blend-mode: multiply;
+  opacity: 0.5;
+}
+
+		.d2-2916352944 .fill-N1{fill:#0A0F25;}
+		.d2-2916352944 .fill-N2{fill:#676C7E;}
+		.d2-2916352944 .fill-N3{fill:#9499AB;}
+		.d2-2916352944 .fill-N4{fill:#CFD2DD;}
+		.d2-2916352944 .fill-N5{fill:#DEE1EB;}
+		.d2-2916352944 .fill-N6{fill:#EEF1F8;}
+		.d2-2916352944 .fill-N7{fill:#FFFFFF;}
+		.d2-2916352944 .fill-B1{fill:#000536;}
+		.d2-2916352944 .fill-B2{fill:#0F66B7;}
+		.d2-2916352944 .fill-B3{fill:#4393DD;}
+		.d2-2916352944 .fill-B4{fill:#87BFF3;}
+		.d2-2916352944 .fill-B5{fill:#BCDDFB;}
+		.d2-2916352944 .fill-B6{fill:#E5F3FF;}
+		.d2-2916352944 .fill-AA2{fill:#7639C5;}
+		.d2-2916352944 .fill-AA4{fill:#C1A2F3;}
+		.d2-2916352944 .fill-AA5{fill:#DACEFB;}
+		.d2-2916352944 .fill-AB4{fill:#EA99C6;}
+		.d2-2916352944 .fill-AB5{fill:#FFDEF1;}
+		.d2-2916352944 .stroke-N1{stroke:#0A0F25;}
+		.d2-2916352944 .stroke-N2{stroke:#676C7E;}
+		.d2-2916352944 .stroke-N3{stroke:#9499AB;}
+		.d2-2916352944 .stroke-N4{stroke:#CFD2DD;}
+		.d2-2916352944 .stroke-N5{stroke:#DEE1EB;}
+		.d2-2916352944 .stroke-N6{stroke:#EEF1F8;}
+		.d2-2916352944 .stroke-N7{stroke:#FFFFFF;}
+		.d2-2916352944 .stroke-B1{stroke:#000536;}
+		.d2-2916352944 .stroke-B2{stroke:#0F66B7;}
+		.d2-2916352944 .stroke-B3{stroke:#4393DD;}
+		.d2-2916352944 .stroke-B4{stroke:#87BFF3;}
+		.d2-2916352944 .stroke-B5{stroke:#BCDDFB;}
+		.d2-2916352944 .stroke-B6{stroke:#E5F3FF;}
+		.d2-2916352944 .stroke-AA2{stroke:#7639C5;}
+		.d2-2916352944 .stroke-AA4{stroke:#C1A2F3;}
+		.d2-2916352944 .stroke-AA5{stroke:#DACEFB;}
+		.d2-2916352944 .stroke-AB4{stroke:#EA99C6;}
+		.d2-2916352944 .stroke-AB5{stroke:#FFDEF1;}
+		.d2-2916352944 .background-color-N1{background-color:#0A0F25;}
+		.d2-2916352944 .background-color-N2{background-color:#676C7E;}
+		.d2-2916352944 .background-color-N3{background-color:#9499AB;}
+		.d2-2916352944 .background-color-N4{background-color:#CFD2DD;}
+		.d2-2916352944 .background-color-N5{background-color:#DEE1EB;}
+		.d2-2916352944 .background-color-N6{background-color:#EEF1F8;}
+		.d2-2916352944 .background-color-N7{background-color:#FFFFFF;}
+		.d2-2916352944 .background-color-B1{background-color:#000536;}
+		.d2-2916352944 .background-color-B2{background-color:#0F66B7;}
+		.d2-2916352944 .background-color-B3{background-color:#4393DD;}
+		.d2-2916352944 .background-color-B4{background-color:#87BFF3;}
+		.d2-2916352944 .background-color-B5{background-color:#BCDDFB;}
+		.d2-2916352944 .background-color-B6{background-color:#E5F3FF;}
+		.d2-2916352944 .background-color-AA2{background-color:#7639C5;}
+		.d2-2916352944 .background-color-AA4{background-color:#C1A2F3;}
+		.d2-2916352944 .background-color-AA5{background-color:#DACEFB;}
+		.d2-2916352944 .background-color-AB4{background-color:#EA99C6;}
+		.d2-2916352944 .background-color-AB5{background-color:#FFDEF1;}
+		.d2-2916352944 .color-N1{color:#0A0F25;}
+		.d2-2916352944 .color-N2{color:#676C7E;}
+		.d2-2916352944 .color-N3{color:#9499AB;}
+		.d2-2916352944 .color-N4{color:#CFD2DD;}
+		.d2-2916352944 .color-N5{color:#DEE1EB;}
+		.d2-2916352944 .color-N6{color:#EEF1F8;}
+		.d2-2916352944 .color-N7{color:#FFFFFF;}
+		.d2-2916352944 .color-B1{color:#000536;}
+		.d2-2916352944 .color-B2{color:#0F66B7;}
+		.d2-2916352944 .color-B3{color:#4393DD;}
+		.d2-2916352944 .color-B4{color:#87BFF3;}
+		.d2-2916352944 .color-B5{color:#BCDDFB;}
+		.d2-2916352944 .color-B6{color:#E5F3FF;}
+		.d2-2916352944 .color-AA2{color:#7639C5;}
+		.d2-2916352944 .color-AA4{color:#C1A2F3;}
+		.d2-2916352944 .color-AA5{color:#DACEFB;}
+		.d2-2916352944 .color-AB4{color:#EA99C6;}
+		.d2-2916352944 .color-AB5{color:#FFDEF1;}.appendix text.text{fill:#0A0F25}.md{--color-fg-default:#0A0F25;--color-fg-muted:#676C7E;--color-fg-subtle:#9499AB;--color-canvas-default:#FFFFFF;--color-canvas-subtle:#EEF1F8;--color-border-default:#000536;--color-border-muted:#0F66B7;--color-neutral-muted:#EEF1F8;--color-accent-fg:#0F66B7;--color-accent-emphasis:#0F66B7;--color-attention-subtle:#676C7E;--color-danger-fg:red;}.sketch-overlay-B1{fill:url(#streaks-darker-d2-2916352944);mix-blend-mode:lighten}.sketch-overlay-B2{fill:url(#streaks-dark-d2-2916352944);mix-blend-mode:overlay}.sketch-overlay-B3{fill:url(#streaks-dark-d2-2916352944);mix-blend-mode:overlay}.sketch-overlay-B4{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-B5{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-B6{fill:url(#streaks-bright-d2-2916352944);mix-blend-mode:darken}.sketch-overlay-AA2{fill:url(#streaks-dark-d2-2916352944);mix-blend-mode:overlay}.sketch-overlay-AA4{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-AA5{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-AB4{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-AB5{fill:url(#streaks-bright-d2-2916352944);mix-blend-mode:darken}.sketch-overlay-N1{fill:url(#streaks-darker-d2-2916352944);mix-blend-mode:lighten}.sketch-overlay-N2{fill:url(#streaks-dark-d2-2916352944);mix-blend-mode:overlay}.sketch-overlay-N3{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-N4{fill:url(#streaks-normal-d2-2916352944);mix-blend-mode:color-burn}.sketch-overlay-N5{fill:url(#streaks-bright-d2-2916352944);mix-blend-mode:darken}.sketch-overlay-N6{fill:url(#streaks-bright-d2-2916352944);mix-blend-mode:darken}.sketch-overlay-N7{fill:url(#streaks-bright-d2-2916352944);mix-blend-mode:darken}.light-code{display: block}.dark-code{display: none}]]></style><g class="TklDIHZJUA==" style='opacity:0.800000'><g class="shape" ><rect x="81.000000" y="12.000000" width="95.000000" height="66.000000" stroke="black" fill="#F8EC17" style="stroke-width:2;" /></g><text x="128.500000" y="50.500000" fill="#004E5A" class="text-bold" style="text-anchor:middle;font-size:16px">NIC vIP</text></g><g class="TklDIFZNIDE=" style='opacity:0.800000'><g class="shape" ><rect x="138.000000" y="265.000000" width="105.000000" height="66.000000" stroke="black" fill="#F8EC17" style="stroke-width:2;" /></g><text x="190.500000" y="303.500000" fill="#004E5A" class="text-bold" style="text-anchor:middle;font-size:16px">NIC VM 1</text></g><g class="TklDIFZNIDI=" style='opacity:0.800000'><g class="shape" ><rect x="13.000000" y="265.000000" width="105.000000" height="66.000000" stroke="black" fill="#F8EC17" style="stroke-width:2;" /></g><text x="65.500000" y="303.500000" fill="#004E5A" class="text-bold" style="text-anchor:middle;font-size:16px">NIC VM 2</text></g><g class="KE5JQyB2SVAgLSZndDsgTklDIFZNIDIpWzBd"><marker id="mk-d2-2916352944-3488378134" markerWidth="10.000000" markerHeight="12.000000" refX="7.000000" refY="6.000000" viewBox="0.000000 0.000000 10.000000 12.000000" orient="auto" markerUnits="userSpaceOnUse"> <polygon points="0.000000,0.000000 10.000000,6.000000 0.000000,12.000000" fill="#000536" class="connection fill-B1" stroke-width="2" /> </marker><path d="M 112.666000 80.000000 L 112.666000 108.000000 S 112.666000 118.000000 102.666000 118.000000 L 76.000000 118.000000 S 66.000000 118.000000 66.000000 128.000000 L 66.000000 261.000000" stroke="#000536" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-d2-2916352944-3488378134)" mask="url(#d2-2916352944)" /><text x="66.000000" y="146.000000" fill="#676C7E" class="text-italic fill-N2" style="text-anchor:middle;font-size:16px"><tspan x="66.000000" dy="0.000000">allowed address </tspan><tspan x="66.000000" dy="18.500000"> whitelist</tspan></text></g><g class="KE5JQyB2SVAgLSZndDsgTklDIFZNIDEpWzBd"><path d="M 144.332993 80.000000 L 144.332993 108.000000 S 144.332993 118.000000 154.332993 118.000000 L 181.000000 118.000000 S 191.000000 118.000000 191.000000 128.000000 L 191.000000 261.000000" stroke="#000536" fill="none" class="connection stroke-B1" style="stroke-width:2;" marker-end="url(#mk-d2-2916352944-3488378134)" mask="url(#d2-2916352944)" /><text x="191.000000" y="146.000000" fill="#676C7E" class="text-italic fill-N2" style="text-anchor:middle;font-size:16px"><tspan x="191.000000" dy="0.000000">allowed address </tspan><tspan x="191.000000" dy="18.500000"> whitelist</tspan></text></g><mask id="d2-2916352944" maskUnits="userSpaceOnUse" x="-88" y="-89" width="433" height="521">
+<rect x="-88" y="-89" width="433" height="521" fill="white"></rect>
+<rect x="103.500000" y="34.500000" width="50" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="160.500000" y="287.500000" width="60" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="35.500000" y="287.500000" width="60" height="21" fill="rgba(0,0,0,0.75)"></rect>
+<rect x="12.000000" y="130.000000" width="108" height="37" fill="black"></rect>
+<rect x="137.000000" y="130.000000" width="108" height="37" fill="black"></rect>
+</mask></svg></svg>
diff --git a/example.env b/example.env
new file mode 100644
index 0000000..d707323
--- /dev/null
+++ b/example.env
@@ -0,0 +1,4 @@
+# STACKIT Service Account Token
+export TF_VAR_STACKIT_SERVICE_ACCOUNT_TOKEN=
+# STACKIT ProjectID
+export TF_VAR_STACKIT_PROJECT_ID=
\ No newline at end of file
diff --git a/keepalive.conf b/keepalive.conf
new file mode 100644
index 0000000..51eefbd
--- /dev/null
+++ b/keepalive.conf
@@ -0,0 +1,30 @@
+global_defs {
+	router_id 1337
+
+    # This 3 settings make sure that the inital garp request will be sended 5 times with 1 sec in between to make
+    # sure the garp will be processed also if one request was missed by openstack.
+	vrrp_garp_master_repeat 5
+	vrrp_garp_interval 1
+	vrrp_garp_lower_prio_repeat 1
+
+    # Send garp every 5 min again to make sure everything is set in openstack if something failes.
+	vrrp_garp_master_refresh 300
+	vrrp_garp_master_refresh_repeat 1
+
+    # Make sure that in case 2 keepalived are in master state that the new master will send a garp again.
+	vrrp_higher_prio_send_advert true
+}
+vrrp_instance VI_1 {
+        state BACKUP
+        interface enp6s0
+        virtual_router_id 51
+        priority 254
+        advert_int 1
+        authentication {
+              auth_type PASS
+              auth_pass 12345
+        }
+        virtual_ipaddress {
+              10.1.2.64/24
+        }
+}
\ No newline at end of file