incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Murali Reddy <Murali.Re...@citrix.com>
Subject Re: [4.1 feature RFC] L4-L7 network services in shared network
Date Thu, 06 Dec 2012 08:31:38 GMT
Checked in this feature into master with commits

    7fcfcdf91e49d64375171c9ae7fe61067aa59b6e
    d4c604cfd8ec6b385de7abf694a936e89add0f38
    6657246cd44629c30e6ea21cc4bbd43a42788e12
    0de5a145e4f06420a4eb1867309af674c16ace7c
    28bbf6c52798c9bd298952844250fbc3cb92dce0

Now with this feature, one can enable PF/LB/Source and Static NAT/Firewall
services in the shared networks as well.

I have unit-tested with service combinations

- FW + PF + Source NAT
- FW + Source NAT 
- FW + LB + Source NAT
- Source NAT +LB 

Also unit-tested below service provider combinations

- Virtual Router providing DNS, DHCP, Firewall, LB, PF, Source Nat services
- VR providing DNS, DHCP services and SRX providing Firewall/NAT/PF
services
- VR providing DNS, DHCP services, SRX providing Firewall/NAT/PF services
and NetScaler providing LB service.

This is only a framework level change, so no expectation on specific
network service provider. All the combination of network services and
network service providers that are possible in 'isolated' networks are
possible with 'Shared' network as well. This feature only enables services
in the shared network in the advanced zone only.

On 16/10/12 8:27 PM, "Murali Reddy" <Murali.Reddy@citrix.com> wrote:

>CloudStack supports guest networks of type isolated and shared. While
>there is rich support of L4-L7 network services like firewall, NAT, LB in
>the isolated networks, similar network services are not available in the
>networks of shared type. While there is EIP and ELB services which
>provides NAT and LB service in basic zone which uses shared network,
>there are no firewall, NAT, LB services available to the shared networks
>created in the advanced zone. For enterprise/private clouds and simple
>deployments it make sense to enable L4-L7 services in the shared
>networks. I am proposing that CloudStack should enable L4-L7 network
>services in the shared networks created in the advanced zone. I opened
>new feature request for 4.1 release [1] and documented the functional
>requirements at [2]. Please comment.
>
>[1].https://issues.apache.org/jira/browse/CLOUDSTACK-312
>[2].https://cwiki.apache.org/confluence/display/CLOUDSTACK/L4-L7+network+s
>ervices+in+shared+network
>



Mime
View raw message