Difference between revisions of "NEUTRON-IPV6-MANUAL"
John a joyce (talk | contribs) (Created page with "The purpose of this wiki is to describe how the features and functionality available in openstack (using neutron networking) as of the Kilo release. The functionality describ...") |
John a joyce (talk | contribs) |
||
| Line 1: | Line 1: | ||
The purpose of this wiki is to describe how the features and functionality available in openstack (using neutron networking) as of the Kilo release. The functionality describe is based on the in-Tree supported components. It is intended to serve as a guide for how to deploy IPv6 enabled instances. Where appropriate features planned for Liberty or beyond may be described. | The purpose of this wiki is to describe how the features and functionality available in openstack (using neutron networking) as of the Kilo release. The functionality describe is based on the in-Tree supported components. It is intended to serve as a guide for how to deploy IPv6 enabled instances. Where appropriate features planned for Liberty or beyond may be described. | ||
| − | + | = The Basics = | |
Openstack Neutron has supported IPV6 tenant subnets for a number of releases, but the Kilo release adds a number of new features, functionality and bug fixes to make it more robust. The focus of the document is to describe: | Openstack Neutron has supported IPV6 tenant subnets for a number of releases, but the Kilo release adds a number of new features, functionality and bug fixes to make it more robust. The focus of the document is to describe: | ||
| − | + | * How to enable dual IPv4 and IPv6 enabled instances. | |
| − | + | * How those instances receive an IPV6 address. | |
| − | + | * How those instance communicate across a router to other subnets or the internet. | |
| − | + | * How those instance interact with other openstack services. | |
To enable a dual stack network in neutron simply requires creating a subnet with the v6 flag set. In addition the address mode needs to be chosen. This is described more completely below. Finally, the subnets prefix needs to be provided. The guest instance is created normally the procedure is not changed for dual stack versus how it was done for IPv4 only. | To enable a dual stack network in neutron simply requires creating a subnet with the v6 flag set. In addition the address mode needs to be chosen. This is described more completely below. Finally, the subnets prefix needs to be provided. The guest instance is created normally the procedure is not changed for dual stack versus how it was done for IPv4 only. | ||
| − | + | = Not in Scope = | |
Things not in the scope of this document include: | Things not in the scope of this document include: | ||
| − | + | * Single stack IPv6 tenant networking | |
| − | + | * Openstack control communication between servers and services over an IPv6 network. | |
| − | + | * Connection to the Openstack APIs via an IPv6 transport network | |
| − | + | * IPv6 multicast | |
| − | + | * IPv6 support in conjunction with any out of tree routers, switches, services or agents whether in physical or virtual form factors. | |
| − | + | = Tenant Network Considerations = | |
| − | + | == Dataplane == | |
Both the linuxbridge and the OVS dataplane modules support forwarding IPV6 packets amongst the guests and router ports. Similar to IPv4 there is no special configuration or setup required to enable the dataplane to properly forward packets from the source to the destination. | Both the linuxbridge and the OVS dataplane modules support forwarding IPV6 packets amongst the guests and router ports. Similar to IPv4 there is no special configuration or setup required to enable the dataplane to properly forward packets from the source to the destination. | ||
| − | + | == Address Modes for Subnets == | |
I would start this section by cut and pasting from Rohit’s whitepaper using the IPv6 addressing support in Neutron section. We probably want to have placeholders for some of the Liberty work like prefix delegation, etc. | I would start this section by cut and pasting from Rohit’s whitepaper using the IPv6 addressing support in Neutron section. We probably want to have placeholders for some of the Liberty work like prefix delegation, etc. | ||
| − | + | == IPV6 Neutron Router == | |
Describe which modes the default router can use and configuration related to it, especially its interaction with provider networks and the upstream gateway. | Describe which modes the default router can use and configuration related to it, especially its interaction with provider networks and the upstream gateway. | ||
| − | + | === IPv6 Neutron Router === | |
I would start this section by cut and pasting from Rohit’s whitepaper using the Router ports section | I would start this section by cut and pasting from Rohit’s whitepaper using the Router ports section | ||
| − | + | === IPV6 Distributed Virtual Router === | |
Does this need its own section? | Does this need its own section? | ||
| − | + | = Services Consideration = | |
| − | + | == VPNaaS == | |
Need help on this. Is it a future? | Need help on this. Is it a future? | ||
| − | + | == FWaaS == | |
Need help on this. Is it a future? | Need help on this. Is it a future? | ||
| − | + | == LBaaS == | |
Need help on this. Is it a future? | Need help on this. Is it a future? | ||
| − | + | == NAT & Floating IPs == | |
At the current time Openstack Neutron does not provide any facilitates to support and flavor of NAT with IPv6. Unlike IPv4 there is no current embedded support for floating IPs with IPV6. It is assumed that the IPv6 addressing amongst the tenants are GUA addresses with no over-lap across the tenants. | At the current time Openstack Neutron does not provide any facilitates to support and flavor of NAT with IPv6. Unlike IPv4 there is no current embedded support for floating IPs with IPV6. It is assumed that the IPv6 addressing amongst the tenants are GUA addresses with no over-lap across the tenants. | ||
| − | + | = Security Considerations = | |
Initially this is probably just stating the security group rules relative to Ipv6 that are applied. | Initially this is probably just stating the security group rules relative to Ipv6 that are applied. | ||
| − | + | = Configuring Interfaces of the Guest = | |
| − | + | = Openstack Control & Management Network Considerations = | |
Probably this just gets lefts as Future item. | Probably this just gets lefts as Future item. | ||
| − | + | = References = | |
Point to other Ipv6 documents | Point to other Ipv6 documents | ||
Revision as of 22:07, 20 April 2015
The purpose of this wiki is to describe how the features and functionality available in openstack (using neutron networking) as of the Kilo release. The functionality describe is based on the in-Tree supported components. It is intended to serve as a guide for how to deploy IPv6 enabled instances. Where appropriate features planned for Liberty or beyond may be described.
Contents
The Basics
Openstack Neutron has supported IPV6 tenant subnets for a number of releases, but the Kilo release adds a number of new features, functionality and bug fixes to make it more robust. The focus of the document is to describe:
- How to enable dual IPv4 and IPv6 enabled instances.
- How those instances receive an IPV6 address.
- How those instance communicate across a router to other subnets or the internet.
- How those instance interact with other openstack services.
To enable a dual stack network in neutron simply requires creating a subnet with the v6 flag set. In addition the address mode needs to be chosen. This is described more completely below. Finally, the subnets prefix needs to be provided. The guest instance is created normally the procedure is not changed for dual stack versus how it was done for IPv4 only.
Not in Scope
Things not in the scope of this document include:
- Single stack IPv6 tenant networking
- Openstack control communication between servers and services over an IPv6 network.
- Connection to the Openstack APIs via an IPv6 transport network
- IPv6 multicast
- IPv6 support in conjunction with any out of tree routers, switches, services or agents whether in physical or virtual form factors.
Tenant Network Considerations
Dataplane
Both the linuxbridge and the OVS dataplane modules support forwarding IPV6 packets amongst the guests and router ports. Similar to IPv4 there is no special configuration or setup required to enable the dataplane to properly forward packets from the source to the destination.
Address Modes for Subnets
I would start this section by cut and pasting from Rohit’s whitepaper using the IPv6 addressing support in Neutron section. We probably want to have placeholders for some of the Liberty work like prefix delegation, etc.
IPV6 Neutron Router
Describe which modes the default router can use and configuration related to it, especially its interaction with provider networks and the upstream gateway.
IPv6 Neutron Router
I would start this section by cut and pasting from Rohit’s whitepaper using the Router ports section
IPV6 Distributed Virtual Router
Does this need its own section?
Services Consideration
VPNaaS
Need help on this. Is it a future?
FWaaS
Need help on this. Is it a future?
LBaaS
Need help on this. Is it a future?
NAT & Floating IPs
At the current time Openstack Neutron does not provide any facilitates to support and flavor of NAT with IPv6. Unlike IPv4 there is no current embedded support for floating IPs with IPV6. It is assumed that the IPv6 addressing amongst the tenants are GUA addresses with no over-lap across the tenants.
Security Considerations
Initially this is probably just stating the security group rules relative to Ipv6 that are applied.
Configuring Interfaces of the Guest
Openstack Control & Management Network Considerations
Probably this just gets lefts as Future item.
References
Point to other Ipv6 documents
