SlideShare a Scribd company logo

IPv6 Support in OpenStack Neutron Technical Brief

Rohit Agarwalla
Rohit Agarwalla

OpenStack Neutron has expanded its support for IPv6 addressing in tenant networks. It now supports stateless address autoconfiguration (SLAAC), DHCPv6-stateless, and DHCPv6-stateful addressing schemes. Neutron also allows dual-stack configuration of IPv4 and IPv6 addresses on ports and routers. Additional changes were made to security groups and port behavior to support IPv6. Future development is focused on IPv6 prefix delegation to simplify assignment of global unique IPv6 addresses for tenant networks.

Technology
1 of 8
Download to read offline
Page 1 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 8 IPv6 support in OpenStack Neutron Technical Brief Last Update: 05/04/15 OpenStack Neutron has made and continues to make a lot of progress to enable IPv6 tenant networks. From supporting various IPv6 addressing schemes for tenant networks to enabling features that support and use IPv6 capabilities, the IPv6 footprint in Neutron is expanding. In this technical brief, we’ll cover the various IPv6 Neutron changes that have either been already merged into the Neutron Juno and Kilo release or are undergoing discussions as part of the Liberty development release cycle. The reader will also be able to understand the different IPv6 deployment use cases that are possible with Neutron. Terminology Tenant Networks and Routers – Neutron resources that are provisioned by the tenant and available only to the OpenStack tenant for network connectivity. Provider Network and Routers – Neutron resources that are provisioned by the OpenStack administrator and also provide access to existing network infrastructure in the data center for tenant network connectivity. External Network and Routers – External Network resource that is provisioned by the OpenStack administrator to enable outside access for tenant networks and also provide connectivity to external routers in the Data Center configured outside of OpenStack. IPv6 addressing support in Neutron IPv6 supports three different addressing schemes for address configuration and for providing optional network information. • Stateless Address Auto Configuration (SLAAC) – Address configuration using Router Advertisement (RA) • DHCPv6-stateless – Address configuration using RA and optional information using DHCPv6 • DHCPv6-stateful – Address configuration and optional information using DHCPv6
Page 2 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 8 Tenant can either configure Neutron or rely on external routers and services to provide RA, DHCPv6 address and optional information for their networks. There are two Neutron subnet attributes - ipv6_ra_mode and ipv6_address_mode – that determine how IPv6 addressing and network information is provided to tenant instances. • ipv6_ra_mode – Determines who sends RA. • ipv6_address_mode – Determines how instances obtain IPv6 address, default gateway, and/or optional information. For the above two attributes to be effective, enable_dhcp must be set to True in Neutron. With enable_dhcp set to True, if neither attribute is configured, it is considered to be a case of DHCPv6-stateful. SLAAC For SLAAC, the possible combinations for the attributes are - ipv6_ra_mode ipv6_address_mode Result SLAAC Not specified Address using Neutron router Not specified SLAAC Address using external router SLAAC SLAAC Address using Neutron router Setting SLAAC for ipv6_ra_mode configures Neutron router with radvd agent to send RA. This results in the following values set for the address configuration flags in the RA messages. Address Configuration Flags Value Auto 1 Managed 0 Other 0 Deployment scenarios with SLAAC are captured below.
Page 3 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 8 The following blueprints were implemented in the Juno development release cycle to achieve the above – • https://blueprints.launchpad.net/neutron/+spec/ipv6-two-attributes • https://blueprints.launchpad.net/neutron/+spec/ipv6-provider-nets-slaac • https://blueprints.launchpad.net/neutron/+spec/neutron-ipv6-radvd-ra (Cisco lead) DHCPv6-stateless For DHCPv6-stateless, the possible combinations are – ipv6_ra_mode ipv6_address_mode Result DHCPv6-stateless Not specified Address using Neutron router and optional information using external DHCP service Not specified DHCPv6-stateless Address using external router and optional information using Neutron DHCP implementation DHCPv6-stateless DHCPv6-stateless Address and optional information using Neutron router and DHCP implementation respectively Setting DHCPv6-stateless for ipv6_ra_mode configures Neutron router with radvd agent to send RA. The table below captures the values set for the address configuration flags in the RA messages in this scenario. Similarly, setting DHCPv6-stateless for ipv6_address_mode configures Neutron DHCP implementation to provide the additional network information. Address Configuration Flags Value Auto 1 Managed 0 Other 1 Deployment scenarios are captured below.
Page 4 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 8 This Juno blueprint implementation captures the details – • https://blueprints.launchpad.net/neutron/+spec/dnsmasq-ipv6-dhcpv6-stateless DHCPv6-stateful For DHCPv6-stateful, the possible combinations are - ipv6_ra_mode ipv6_address_mode Result DHCPv6-stateful Not specified Address and optional information using external DHCP service Not specified DHCPv6-stateful Address and optional information using Neutron DHCP implementation DHCPv6-stateful DHCPv6-stateful Address and optional information using Neutron DHCP implementation Setting DHCPv6-stateful for ipv6_ra_mode results in the configuration of Auto, Managed and Others flag in the RA message as captured in the table below. Setting DHCPv6-statelful for ipv6_address_mode configures Neutron DHCP implementation to provide the address and optional information. The above diagram also captures the deployment scenarios for DHCPv6-stateful. Address Configuration Flags Value Auto 0 Managed 1 Other 1 This Juno blueprint implementation captures the details – • https://blueprints.launchpad.net/neutron/+spec/dnsmasq-ipv6-dhcpv6-stateful Also, to enable scalable and production IPv6 deployments with stateful addressing and for IPv4 address management as well, Cisco OpenStack team is working on Cisco Prime Network Registrar integration to provide alternate to the reference DHCP implementation in Neutron that uses dnsmasq. Security fixes to support IPv6 addressing From an instance network security point of view, to support IPv6 addressing, a few important patches were submitted in security group implementation. This included enabling passing certain ICMPv6 messages by default and permitting ICMPv6 RA messages from known routers. Also, traffic hairpinning to permit communication of instances from private IPv4 to floating IPv4 address had to be disabled for IPv6. This was needed to handle IPv6 Duplicate Address Detection (DAD) multicast messages in SLAAC addressing mode. These fixes are already available as part of the Juno release.
Page 5 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 8 Neutron Port behavior change for IPv6 addressing Network Ports In order to support both IPv4 and IPv6 addressing for various ports in Neutron, port behavior changes have been introduced. New or existing Neutron networks that get associated with a SLAAC enabled IPv6 subnet result in all Neutron ports within the network to get an IPv6 address assigned automatically. This is because when RA multicast messages are sent out on a Neutron network, they are received by all IPv6 capable interfaces on the network and configure an IPv6 address. The capability to reflect the IPv6 SLAAC address in addition to other IPv4 address on the network port has been added. Additionally, in case of IPv4, subnet delete was not permitted when ports existed with an IPv4 address assigned from that subnet. However, with IPv6 SLAAC addressing, tenant networks that no longer want to configure IPv6 address based on RA from the tenant router, should be able to delete the IPv6 subnet even though ports exist that have an IPv6 address configured from the SLAAC subnet. This IPv6 subnet delete operation results in clearing of the IPv6 SLAAC address from the existing port and new ports on the tenant network no longer get configured automatically with a IPv6 SLAAC address. Router ports Internal and external router port behavior has changed as well to accommodate the IPv6 addressing. Internal router ports, that act as default gateway ports for a network, will share a common port for all IPv6 subnets associated with the network. This implies that there will be an IPv6 internal router interface with multiple IPv6 addresses from each of the IPv6 subnets associated with the network and a separate IPv4 internal router interface for the IPv4 subnet. On the other hand, external router ports can now have a dual-stack configuration with an IPv4 and an IPv6 address assigned to them.
Page 6 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 8 The following blueprint was implemented as part of the Kilo development cycle – • https://blueprints.launchpad.net/neutron/+spec/multiple-ipv6-prefixes (Cisco lead) Handling IPv6 Global Unique Addresses (GUA) for Neutron networks IPv6 Prefix Delegation (PD) in Neutron IPv6 prefixes that use Global Unicast Address (GUA) format generate globally unique routable addresses. For IPv4 Neutron networks, tenants provide IPv4 CIDR when creating subnets and these addresses can overlap across tenants. However, incase of IPv6 subnets that use GUA format, prefixes and addresses among tenants cannot overlap, as they are unique. To simplify the process of IPv6 GUA subnet prefix selection for tenant networks and to avoid any conflict among tenants for IPv6 global addresses, IPv6 Prefix Delegation (PD) mechanism is being discussed in the Neutron community. IPv6 PD provides a mechanism to automatically configure IPv6 prefixes and addresses on routers and hosts, and can be used in Neutron so that tenants can determine their address based on the prefix provided by an external service. The current spec proposal design has a prefix delegating router (or a PD server outside of Neutron) that is configured with a set of prefixes. A PD process will start when a Neutron router acting as a PD requester (or PD client) requests configuration information through DHCPv6 messages. When the PD server receives the request, it will then select an available prefix for delegation to the PD client.
Page 7 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 8 The following blueprint is being developed and reviewed as part of the Liberty development cycle – • https://blueprints.launchpad.net/neutron/+spec/ipv6-prefix-delegation (Cisco lead) IPv6 Routing for Neutron Networks Neutron tenant networks that are assigned GUA prefixes and addresses don’t require NAT on the Neutron router external gateway port to access the outside world. This implies, as compared to the IPv4 implementation in Neutron, a IPv6 external gateway port doesn’t require a GUA and that a GUA IPv6 subnet prefix is not necessarily needed for the Neutron external network. By default, a IPv6 LLA associated with the external gateway port can be used for routing purposes. To handle the above IPv6 routing capability, the implementation of router-gateway-set API in Neutron is modified so that an IPv6 subnet is not required for the external network that is associated with the Neutron router. Additionally, two mechanisms are available to support explicit next hop configuration on the Neutron router. In the absence of an upstream RA, ipv6_gateway flag can be set with the external router gateway LLA in the Neutron L3 agent configuration file. If the RA is enabled, the external gateway port can learn the LLA address of the upstream router. This will enable instances that have a GUA address to route traffic to the external network without any NAT.
Page 8 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 8 The following blueprint was implemented as part of the Kilo development cycle – • https://blueprints.launchpad.net/neutron/+spec/ipv6-router (Cisco lead) Summary As OpenStack deployments increase in size and those that require advance networking capabilities, adoption of Neutron and IPv6 will continue to grow. The Neutron community and developers from various companies including Comcast, Cisco, IBM, RedHat, Nephos6 and others have been active and instrumental in developing and reviewing IPv6 code in Neutron. If you would like to contribute, either send a note to the OpenStack dev mailing list or join the weekly Neutron IPv6 meeting to learn more.

Recommended

Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsShannon McFarland
 
OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6Shixiong Shang
 
OpenStack Havana over IPv6
OpenStack Havana over IPv6OpenStack Havana over IPv6
OpenStack Havana over IPv6Shixiong Shang
 
EIGRP
EIGRPEIGRP
EIGRPnewbie2019
 
CCNA RSE Routing concept
CCNA RSE Routing conceptCCNA RSE Routing concept
CCNA RSE Routing conceptnewbie2019
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4newbie2019
 
Ccna rse dynamic routing
Ccna rse dynamic routingCcna rse dynamic routing
Ccna rse dynamic routingnewbie2019
 

Recommended

Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsShannon McFarland
 
OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6Shixiong Shang
 
OpenStack Havana over IPv6
OpenStack Havana over IPv6OpenStack Havana over IPv6
OpenStack Havana over IPv6Shixiong Shang
 
EIGRP
EIGRPEIGRP
EIGRPnewbie2019
 
CCNA RSE Routing concept
CCNA RSE Routing conceptCCNA RSE Routing concept
CCNA RSE Routing conceptnewbie2019
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4Ccna rse chp9 nat fo i_pv4
Ccna rse chp9 nat fo i_pv4newbie2019
 
Ccna rse dynamic routing
Ccna rse dynamic routingCcna rse dynamic routing
Ccna rse dynamic routingnewbie2019
 
ether channel_hsrp
ether channel_hsrpether channel_hsrp
ether channel_hsrpnewbie2019
 
Ccna rse chp2
Ccna rse chp2Ccna rse chp2
Ccna rse chp2newbie2019
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
A comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodingsA comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodingsGunter Van de Velde
 
ONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINAONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINAJunho Suh
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
IPv6 deployment planning Jordi Palet
IPv6 deployment planning Jordi PaletIPv6 deployment planning Jordi Palet
IPv6 deployment planning Jordi PaletРегистар националног Интернет домена Србије - РНИДС
 
Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2newbie2019
 
Service Function Chaining with SRv6
Service Function Chaining with SRv6Service Function Chaining with SRv6
Service Function Chaining with SRv6Ahmed AbdelSalam
 
A comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodingsA comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodingsGunter Van de Velde
 
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...Cisco Canada
 
BigData Clusters Redefined
BigData Clusters RedefinedBigData Clusters Redefined
BigData Clusters RedefinedDataWorks Summit
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncIpv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncAntenna Manufacturer Coco
 
Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing Cisco Canada
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada
 
Segment routing tutorial
Segment routing tutorialSegment routing tutorial
Segment routing tutorialYi-Sung Chiu
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Jhoni Guerrero
 
7 slaac-rick graziani
7 slaac-rick graziani7 slaac-rick graziani
7 slaac-rick grazianiAlejandro Reyes
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)newbie2019
 
Personajes de fairy tail
Personajes de fairy tailPersonajes de fairy tail
Personajes de fairy tailFMDV12
 
Documento1
Documento1Documento1
Documento1gabo2087
 

More Related Content

What's hot

ether channel_hsrp
ether channel_hsrpether channel_hsrp
ether channel_hsrpnewbie2019
 
A comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodingsA comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodingsGunter Van de Velde
 
ONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINAONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINAJunho Suh
 
Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2newbie2019
 
Service Function Chaining with SRv6
Service Function Chaining with SRv6Service Function Chaining with SRv6
Service Function Chaining with SRv6Ahmed AbdelSalam
 
A comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodingsA comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodingsGunter Van de Velde
 
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...Cisco Canada
 
BigData Clusters Redefined
BigData Clusters RedefinedBigData Clusters Redefined
BigData Clusters RedefinedDataWorks Summit
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncIpv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncAntenna Manufacturer Coco
 
Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing Cisco Canada
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada
 
Segment routing tutorial
Segment routing tutorialSegment routing tutorial
Segment routing tutorialYi-Sung Chiu
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Jhoni Guerrero
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)newbie2019
 

What's hot (20)

ether channel_hsrp
ether channel_hsrpether channel_hsrp
ether channel_hsrp
 
Ccna rse chp2
Ccna rse chp2Ccna rse chp2
Ccna rse chp2
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
 
A comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodingsA comparison of Segment Routing Data-Plane encodings
A comparison of Segment Routing Data-Plane encodings
 
ONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINAONS Summit 2017 SKT TINA
ONS Summit 2017 SKT TINA
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
 
IPv6 deployment planning Jordi Palet
IPv6 deployment planning Jordi PaletIPv6 deployment planning Jordi Palet
IPv6 deployment planning Jordi Palet
 
Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2Sca nv6 instructorppt_chapter2
Sca nv6 instructorppt_chapter2
 
Service Function Chaining with SRv6
Service Function Chaining with SRv6Service Function Chaining with SRv6
Service Function Chaining with SRv6
 
A comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodingsA comparison of segment routing data-plane encodings
A comparison of segment routing data-plane encodings
 
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
 
BigData Clusters Redefined
BigData Clusters RedefinedBigData Clusters Redefined
BigData Clusters Redefined
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas IncIpv6 application in 5G bearer network--C&T RF Antennas Inc
Ipv6 application in 5G bearer network--C&T RF Antennas Inc
 
Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing Traffic Engineering Using Segment Routing
Traffic Engineering Using Segment Routing
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use Cases
 
Segment routing tutorial
Segment routing tutorialSegment routing tutorial
Segment routing tutorial
 
Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6Transitioning IPv4 to IPv6
Transitioning IPv4 to IPv6
 
7 slaac-rick graziani
7 slaac-rick graziani7 slaac-rick graziani
7 slaac-rick graziani
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)
 

Viewers also liked

Personajes de fairy tail
Personajes de fairy tailPersonajes de fairy tail
Personajes de fairy tailFMDV12
 
Documento1
Documento1Documento1
Documento1gabo2087
 
Presentation ploumis
Presentation ploumisPresentation ploumis
Presentation ploumisguerillero
 
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...Biotica Bioquimica Analitica S.L.
 
Extraction of qrs complexes using automated bayesian regularization neural ne...
Extraction of qrs complexes using automated bayesian regularization neural ne...Extraction of qrs complexes using automated bayesian regularization neural ne...
Extraction of qrs complexes using automated bayesian regularization neural ne...iaemedu
 
130128_M N Gopinath_Nagarajan
130128_M N Gopinath_Nagarajan130128_M N Gopinath_Nagarajan
130128_M N Gopinath_NagarajanM N Gopinath
 
Setting up for Success: Reactive meets Preventive
Setting up for Success: Reactive meets PreventiveSetting up for Success: Reactive meets Preventive
Setting up for Success: Reactive meets PreventiveSchoolDude
 
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016José Antonio García Erce
 
Advul Festo
Advul FestoAdvul Festo
Advul FestoArve
 

Viewers also liked (18)

Personajes de fairy tail
Personajes de fairy tailPersonajes de fairy tail
Personajes de fairy tail
 
Documento1
Documento1Documento1
Documento1
 
Presentation ploumis
Presentation ploumisPresentation ploumis
Presentation ploumis
 
Śniadanie Daje Moc
Śniadanie Daje MocŚniadanie Daje Moc
Śniadanie Daje Moc
 
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...
Resumen, conclusiones y testimonios del I Congreso Internacional de Detección...
 
Hatzidakis
HatzidakisHatzidakis
Hatzidakis
 
Politika
PolitikaPolitika
Politika
 
Extraction of qrs complexes using automated bayesian regularization neural ne...
Extraction of qrs complexes using automated bayesian regularization neural ne...Extraction of qrs complexes using automated bayesian regularization neural ne...
Extraction of qrs complexes using automated bayesian regularization neural ne...
 
130128_M N Gopinath_Nagarajan
130128_M N Gopinath_Nagarajan130128_M N Gopinath_Nagarajan
130128_M N Gopinath_Nagarajan
 
Setting up for Success: Reactive meets Preventive
Setting up for Success: Reactive meets PreventiveSetting up for Success: Reactive meets Preventive
Setting up for Success: Reactive meets Preventive
 
παρουσίαση
παρουσίασηπαρουσίαση
παρουσίαση
 
Deber de informatica
Deber de informaticaDeber de informatica
Deber de informatica
 
Espectres
EspectresEspectres
Espectres
 
Nspf 2016 Water-id -Biotica presentation
Nspf 2016 Water-id -Biotica presentationNspf 2016 Water-id -Biotica presentation
Nspf 2016 Water-id -Biotica presentation
 
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016
Anemia perioperatoria y algoritmos. COMTenerife. Dr García Erce 2016
 
Advul Festo
Advul FestoAdvul Festo
Advul Festo
 
Clase 5(1)
Clase 5(1)Clase 5(1)
Clase 5(1)
 
Blue Ocean Strategy
Blue Ocean StrategyBlue Ocean Strategy
Blue Ocean Strategy
 

Similar to IPv6 Support in OpenStack Neutron Technical Brief

OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsOpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsAkihiro Motoki
 
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...Juniper Networks
 
Configuringadualstackthatusesndra 131018075723-phpapp02
Configuringadualstackthatusesndra 131018075723-phpapp02Configuringadualstackthatusesndra 131018075723-phpapp02
Configuringadualstackthatusesndra 131018075723-phpapp02Christine Joy Lanzar
 
Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002suvobgd
 
464XLAT Tutorial
464XLAT Tutorial464XLAT Tutorial
464XLAT TutorialAPNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-Eduardo Coelho
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
IPv6 .pdf
IPv6 .pdfIPv6 .pdf
IPv6 .pdfniran10
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2srmanjuskp
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...gogo6
 
Performance Analysis of Ipv4 Ipv6 Transition Techniques
Performance Analysis of Ipv4 Ipv6 Transition TechniquesPerformance Analysis of Ipv4 Ipv6 Transition Techniques
Performance Analysis of Ipv4 Ipv6 Transition TechniquesAndy Juan Sarango Veliz
 
Review of IPv4 and IPv6 and various implementation methods of IPv6
Review of IPv4 and IPv6 and various implementation methods of IPv6Review of IPv4 and IPv6 and various implementation methods of IPv6
Review of IPv4 and IPv6 and various implementation methods of IPv6IRJET Journal
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 

Similar to IPv6 Support in OpenStack Neutron Technical Brief (20)

Deploying IPv6 on OpenStack
Deploying IPv6 on OpenStackDeploying IPv6 on OpenStack
Deploying IPv6 on OpenStack
 
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsOpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 Lessons
 
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...
Network Configuration Example: Configuring a Dual Stack That Uses NDRA and DH...
 
Configuringadualstackthatusesndra 131018075723-phpapp02
Configuringadualstackthatusesndra 131018075723-phpapp02Configuringadualstackthatusesndra 131018075723-phpapp02
Configuringadualstackthatusesndra 131018075723-phpapp02
 
3hows
3hows3hows
3hows
 
Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002
 
464XLAT Tutorial
464XLAT Tutorial464XLAT Tutorial
464XLAT Tutorial
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
IPv6 .pdf
IPv6 .pdfIPv6 .pdf
IPv6 .pdf
 
IPv6
IPv6IPv6
IPv6
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
Ipv6 routing
Ipv6 routingIpv6 routing
Ipv6 routing
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
 
Performance Analysis of Ipv4 Ipv6 Transition Techniques
Performance Analysis of Ipv4 Ipv6 Transition TechniquesPerformance Analysis of Ipv4 Ipv6 Transition Techniques
Performance Analysis of Ipv4 Ipv6 Transition Techniques
 
Review of IPv4 and IPv6 and various implementation methods of IPv6
Review of IPv4 and IPv6 and various implementation methods of IPv6Review of IPv4 and IPv6 and various implementation methods of IPv6
Review of IPv4 and IPv6 and various implementation methods of IPv6
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCS
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNIC
 

More from Rohit Agarwalla

PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudRohit Agarwalla
 
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...Rohit Agarwalla
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...Rohit Agarwalla
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...Rohit Agarwalla
 

More from Rohit Agarwalla (6)

PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
 
BRKDCT-2445
BRKDCT-2445BRKDCT-2445
BRKDCT-2445
 
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San ...
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions - Cisco Live! US ...
 
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
BRKDCT-2445 Agile OpenStack Networking with Cisco Solutions-Cisco Live! US 20...
 

Recently uploaded

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 

Recently uploaded (20)

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

IPv6 Support in OpenStack Neutron Technical Brief

  • 1. Page 1 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 8 IPv6 support in OpenStack Neutron Technical Brief Last Update: 05/04/15 OpenStack Neutron has made and continues to make a lot of progress to enable IPv6 tenant networks. From supporting various IPv6 addressing schemes for tenant networks to enabling features that support and use IPv6 capabilities, the IPv6 footprint in Neutron is expanding. In this technical brief, we’ll cover the various IPv6 Neutron changes that have either been already merged into the Neutron Juno and Kilo release or are undergoing discussions as part of the Liberty development release cycle. The reader will also be able to understand the different IPv6 deployment use cases that are possible with Neutron. Terminology Tenant Networks and Routers – Neutron resources that are provisioned by the tenant and available only to the OpenStack tenant for network connectivity. Provider Network and Routers – Neutron resources that are provisioned by the OpenStack administrator and also provide access to existing network infrastructure in the data center for tenant network connectivity. External Network and Routers – External Network resource that is provisioned by the OpenStack administrator to enable outside access for tenant networks and also provide connectivity to external routers in the Data Center configured outside of OpenStack. IPv6 addressing support in Neutron IPv6 supports three different addressing schemes for address configuration and for providing optional network information. • Stateless Address Auto Configuration (SLAAC) – Address configuration using Router Advertisement (RA) • DHCPv6-stateless – Address configuration using RA and optional information using DHCPv6 • DHCPv6-stateful – Address configuration and optional information using DHCPv6
  • 2. Page 2 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 8 Tenant can either configure Neutron or rely on external routers and services to provide RA, DHCPv6 address and optional information for their networks. There are two Neutron subnet attributes - ipv6_ra_mode and ipv6_address_mode – that determine how IPv6 addressing and network information is provided to tenant instances. • ipv6_ra_mode – Determines who sends RA. • ipv6_address_mode – Determines how instances obtain IPv6 address, default gateway, and/or optional information. For the above two attributes to be effective, enable_dhcp must be set to True in Neutron. With enable_dhcp set to True, if neither attribute is configured, it is considered to be a case of DHCPv6-stateful. SLAAC For SLAAC, the possible combinations for the attributes are - ipv6_ra_mode ipv6_address_mode Result SLAAC Not specified Address using Neutron router Not specified SLAAC Address using external router SLAAC SLAAC Address using Neutron router Setting SLAAC for ipv6_ra_mode configures Neutron router with radvd agent to send RA. This results in the following values set for the address configuration flags in the RA messages. Address Configuration Flags Value Auto 1 Managed 0 Other 0 Deployment scenarios with SLAAC are captured below.
  • 3. Page 3 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 8 The following blueprints were implemented in the Juno development release cycle to achieve the above – • https://blueprints.launchpad.net/neutron/+spec/ipv6-two-attributes • https://blueprints.launchpad.net/neutron/+spec/ipv6-provider-nets-slaac • https://blueprints.launchpad.net/neutron/+spec/neutron-ipv6-radvd-ra (Cisco lead) DHCPv6-stateless For DHCPv6-stateless, the possible combinations are – ipv6_ra_mode ipv6_address_mode Result DHCPv6-stateless Not specified Address using Neutron router and optional information using external DHCP service Not specified DHCPv6-stateless Address using external router and optional information using Neutron DHCP implementation DHCPv6-stateless DHCPv6-stateless Address and optional information using Neutron router and DHCP implementation respectively Setting DHCPv6-stateless for ipv6_ra_mode configures Neutron router with radvd agent to send RA. The table below captures the values set for the address configuration flags in the RA messages in this scenario. Similarly, setting DHCPv6-stateless for ipv6_address_mode configures Neutron DHCP implementation to provide the additional network information. Address Configuration Flags Value Auto 1 Managed 0 Other 1 Deployment scenarios are captured below.
  • 4. Page 4 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 8 This Juno blueprint implementation captures the details – • https://blueprints.launchpad.net/neutron/+spec/dnsmasq-ipv6-dhcpv6-stateless DHCPv6-stateful For DHCPv6-stateful, the possible combinations are - ipv6_ra_mode ipv6_address_mode Result DHCPv6-stateful Not specified Address and optional information using external DHCP service Not specified DHCPv6-stateful Address and optional information using Neutron DHCP implementation DHCPv6-stateful DHCPv6-stateful Address and optional information using Neutron DHCP implementation Setting DHCPv6-stateful for ipv6_ra_mode results in the configuration of Auto, Managed and Others flag in the RA message as captured in the table below. Setting DHCPv6-statelful for ipv6_address_mode configures Neutron DHCP implementation to provide the address and optional information. The above diagram also captures the deployment scenarios for DHCPv6-stateful. Address Configuration Flags Value Auto 0 Managed 1 Other 1 This Juno blueprint implementation captures the details – • https://blueprints.launchpad.net/neutron/+spec/dnsmasq-ipv6-dhcpv6-stateful Also, to enable scalable and production IPv6 deployments with stateful addressing and for IPv4 address management as well, Cisco OpenStack team is working on Cisco Prime Network Registrar integration to provide alternate to the reference DHCP implementation in Neutron that uses dnsmasq. Security fixes to support IPv6 addressing From an instance network security point of view, to support IPv6 addressing, a few important patches were submitted in security group implementation. This included enabling passing certain ICMPv6 messages by default and permitting ICMPv6 RA messages from known routers. Also, traffic hairpinning to permit communication of instances from private IPv4 to floating IPv4 address had to be disabled for IPv6. This was needed to handle IPv6 Duplicate Address Detection (DAD) multicast messages in SLAAC addressing mode. These fixes are already available as part of the Juno release.
  • 5. Page 5 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 8 Neutron Port behavior change for IPv6 addressing Network Ports In order to support both IPv4 and IPv6 addressing for various ports in Neutron, port behavior changes have been introduced. New or existing Neutron networks that get associated with a SLAAC enabled IPv6 subnet result in all Neutron ports within the network to get an IPv6 address assigned automatically. This is because when RA multicast messages are sent out on a Neutron network, they are received by all IPv6 capable interfaces on the network and configure an IPv6 address. The capability to reflect the IPv6 SLAAC address in addition to other IPv4 address on the network port has been added. Additionally, in case of IPv4, subnet delete was not permitted when ports existed with an IPv4 address assigned from that subnet. However, with IPv6 SLAAC addressing, tenant networks that no longer want to configure IPv6 address based on RA from the tenant router, should be able to delete the IPv6 subnet even though ports exist that have an IPv6 address configured from the SLAAC subnet. This IPv6 subnet delete operation results in clearing of the IPv6 SLAAC address from the existing port and new ports on the tenant network no longer get configured automatically with a IPv6 SLAAC address. Router ports Internal and external router port behavior has changed as well to accommodate the IPv6 addressing. Internal router ports, that act as default gateway ports for a network, will share a common port for all IPv6 subnets associated with the network. This implies that there will be an IPv6 internal router interface with multiple IPv6 addresses from each of the IPv6 subnets associated with the network and a separate IPv4 internal router interface for the IPv4 subnet. On the other hand, external router ports can now have a dual-stack configuration with an IPv4 and an IPv6 address assigned to them.
  • 6. Page 6 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 8 The following blueprint was implemented as part of the Kilo development cycle – • https://blueprints.launchpad.net/neutron/+spec/multiple-ipv6-prefixes (Cisco lead) Handling IPv6 Global Unique Addresses (GUA) for Neutron networks IPv6 Prefix Delegation (PD) in Neutron IPv6 prefixes that use Global Unicast Address (GUA) format generate globally unique routable addresses. For IPv4 Neutron networks, tenants provide IPv4 CIDR when creating subnets and these addresses can overlap across tenants. However, incase of IPv6 subnets that use GUA format, prefixes and addresses among tenants cannot overlap, as they are unique. To simplify the process of IPv6 GUA subnet prefix selection for tenant networks and to avoid any conflict among tenants for IPv6 global addresses, IPv6 Prefix Delegation (PD) mechanism is being discussed in the Neutron community. IPv6 PD provides a mechanism to automatically configure IPv6 prefixes and addresses on routers and hosts, and can be used in Neutron so that tenants can determine their address based on the prefix provided by an external service. The current spec proposal design has a prefix delegating router (or a PD server outside of Neutron) that is configured with a set of prefixes. A PD process will start when a Neutron router acting as a PD requester (or PD client) requests configuration information through DHCPv6 messages. When the PD server receives the request, it will then select an available prefix for delegation to the PD client.
  • 7. Page 7 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 8 The following blueprint is being developed and reviewed as part of the Liberty development cycle – • https://blueprints.launchpad.net/neutron/+spec/ipv6-prefix-delegation (Cisco lead) IPv6 Routing for Neutron Networks Neutron tenant networks that are assigned GUA prefixes and addresses don’t require NAT on the Neutron router external gateway port to access the outside world. This implies, as compared to the IPv4 implementation in Neutron, a IPv6 external gateway port doesn’t require a GUA and that a GUA IPv6 subnet prefix is not necessarily needed for the Neutron external network. By default, a IPv6 LLA associated with the external gateway port can be used for routing purposes. To handle the above IPv6 routing capability, the implementation of router-gateway-set API in Neutron is modified so that an IPv6 subnet is not required for the external network that is associated with the Neutron router. Additionally, two mechanisms are available to support explicit next hop configuration on the Neutron router. In the absence of an upstream RA, ipv6_gateway flag can be set with the external router gateway LLA in the Neutron L3 agent configuration file. If the RA is enabled, the external gateway port can learn the LLA address of the upstream router. This will enable instances that have a GUA address to route traffic to the external network without any NAT.
  • 8. Page 8 of 8 © 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 8 The following blueprint was implemented as part of the Kilo development cycle – • https://blueprints.launchpad.net/neutron/+spec/ipv6-router (Cisco lead) Summary As OpenStack deployments increase in size and those that require advance networking capabilities, adoption of Neutron and IPv6 will continue to grow. The Neutron community and developers from various companies including Comcast, Cisco, IBM, RedHat, Nephos6 and others have been active and instrumental in developing and reviewing IPv6 code in Neutron. If you would like to contribute, either send a note to the OpenStack dev mailing list or join the weekly Neutron IPv6 meeting to learn more.