cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Abhinandan Prateek <abhinandan.prat...@shapeblue.com>
Subject Re: [PROPOSE] Dynamic inter VPC routing
Date Thu, 28 Jan 2016 03:25:19 GMT
HI PL,

  I setup two VPCs with multiple tiers and ip as per the existing addressing scheme provided
by cloudstack. With Quagga on Vrs, setup zebra and ospf conf to publish the routes behind
the routers. I did have to make iptable rule changes to make the LSA from quagga to work.
With updated iptables I can see the routes and ospf neigbours. The inter VPC traffic still
goes out of the router public interface.
 For optimization of OSPF traffic we can definitely use a dedicated network, and most probably
this will be added once the basic quagga implementation is in place.

From: Pierre-Luc Dion <pdion@cloudops.com<mailto:pdion@cloudops.com>>
Date: Thursday, 28 January 2016 at 4:24 AM
To: "dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" <dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>>
Cc: Abhinandan Prateek <abhinandan.prateek@shapeblue.com<mailto:abhinandan.prateek@shapeblue.com>>
Subject: Re: [PROPOSE] Dynamic inter VPC routing

Hi Abhinandan,

I'm actually looking at how to perform routing between VPC, but in our case we still need
the public interface of the VPC as it is right now. Improvement such as BGP for  various public
route would be helpfull. But, when it come to internal traffic between VPCs, there is 2 way
that I see for now,  IPsec, and Private gateway. In both case it does not scale well if you
want to interconnect let's say 10 VPC's together. Look Like using things like OSPF has you
are proposing make lot of sense, but do you foresee to publish OSPF traffic against a dedicated
VLAN into a PrivateGateway instead of the public interface?

I was about to propose a feature spec around this, but I did not had success yet in a quick
POC, for some reason I had issue having Quagga+OSPF  to work between VPC thru the Privage
Gateway. probably just an iptable issue.

Looks promising...


On Wed, Jan 20, 2016 at 7:28 AM, Erik Weber <terbolous@gmail.com<mailto:terbolous@gmail.com>>
wrote:
Thans Abhi, glad to hear :-)

--
Erik


On Wed, Jan 20, 2016 at 1:06 PM, Abhinandan Prateek <abhinandan.prateek@shapeblue.com<mailto:abhinandan.prateek@shapeblue.com>>
wrote:
Erik,

Updated the doc to reflect that the CIDR partitioning is not rigid.





[ShapeBlue]<http://www.shapeblue.com>
Abhinandan Prateek
Software Architect      ,       ShapeBlue


d:       | s: +44 203 603 0540<tel:%7C%20s:%20+44%20203%20603%200540>    |      m: 
    +91 970 11 99011<tel:+91%20970%2011%2099011>

e:      abhinandan.prateek@shapeblue.com | t: <mailto:abhinandan.prateek@shapeblue.com%20%7C%20t:>
      |      w:      www.shapeblue.com<http://www.shapeblue.com>

a:      53 Chandos Place, Covent Garden London WC2N 4HS UK


[X]


Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India
LLP is a company incorporated in India and is operated under license from Shape Blue Ltd.
Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under
license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic
of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.
This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error.




On 05/01/16, 9:17 PM, "Erik Weber" <terbolous@gmail.com<mailto:terbolous@gmail.com>>
wrote:

>On Mon, Jan 4, 2016 at 3:10 PM, Abhinandan Prateek <
>abhinandan.prateek@shapeblue.com<mailto:abhinandan.prateek@shapeblue.com>> wrote:
>
>> Hi All,
>>
>> Currently the inter VPC traffic has to go thru the public gateway.
>> This means the traffic has to be nat-ed across public internet via
>> core-routers, which is inefficient in itself. A more efficient approach
>> will be to route the traffic locally.
>>
>> The proposal is to enable quagga- ospf on VPC routers so that the
>> traffic between VPC’s is routed efficiently.
>>
>> The design doc is here:
>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dynamically+routed+VPC
>>
>>
>
>Regarding Super-CIDRs it states that a Super-CIDR will be divided into /24
>and /27s, but it is unclear to me if this is hard coded or just an example.
>
>What if a user wants to use /26 as their Tier-network within a /16
>Super-CIDR?
>
>
>--
>Erik
Find out more about ShapeBlue and our range of CloudStack related services:
IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//> |
CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> | CloudStack Software
Engineering<http://shapeblue.com/cloudstack-software-engineering/>
CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
| CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>


Find out more about ShapeBlue and our range of CloudStack related services:
IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//> |
CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> | CloudStack Software
Engineering<http://shapeblue.com/cloudstack-software-engineering/>
CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
| CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message