cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus Sorensen <shadow...@gmail.com>
Subject Re: Status of VPC
Date Tue, 04 Sep 2012 20:11:30 GMT
Thanks for replying.

On Tue, Sep 4, 2012 at 1:41 PM, Alena Prokharchyk
<Alena.Prokharchyk@citrix.com> wrote:
> On 9/4/12 10:21 AM, "Marcus Sorensen" <shadowsor@gmail.com> wrote:
>
>>I've been working on bringing KVM up to speed on the VPC stuff, and
>>there are a few things I've come across that seem to be incomplete for
>>Xen as well. I'd just like to get some feedback on the current state
>>of VPC. I believe these are not specific issues to my implementation,
>>but if they should be working please say something so I can find my
>>problem.
>>
>>static routes - currently there doesn't seem to be anything creating
>>ip rules to point to the static_route table, nor does there seem to be
>>anything creating the static_route table, although vpc_staticroute.sh
>>attempts to modify it
>
> Anthony, do we add static_route table automatically when the private
> gateway is created?
>

I grepped through the code, and the only thing I could find adding ip
rules was ipassoc.sh (the Table_eth* tables) and the only thing I
could find doing stuff with a static_route routing table was
vpc_staticroute.sh (which complains that table static_route doesn't
exist).

>
>>
>>vpn - there is a script vpc_vpn_l2tp.sh, but I can't find anything
>>actually utilizing it. I assume there is no working vpn support in any
>>platform's Vpc implementation.
>
> There is no RemoteAccessVPN support in VPC. We support S2S VPN only.
>

So that vpc_vpn_l2tp.sh is to be ignored/removed? I do see that there
are existing Site2Site commands in both the Citrix resouce and the KVM
one, I believe they are the existing ones that call ipsectunnel.sh,
this will work with VPC without modification, or is the Xen stuff just
not that far along yet? Or perhaps better stated, please tell me what
VPN support Xen currently has with VPC and the associated commands so
I may emulate them for KVM.

>>
>>password - I've seen some emails regarding this, that the password
>>server doesn't seem to be set up for the various private nics
>
> I'll put the fix to master branch today.
>
>>
>>network ACLs - The functional spec states that all outgoing traffic
>>for guest networks is allowed, however I don't see any acls whatsoever
>>when creating new tiers
>
>
> I suspect it wasn't merged to master branch yet. Anthony, please do it.
>>
>
>

Mime
View raw message