ipv6_opnfv_project:minutes_20150306
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
ipv6_opnfv_project:minutes_20150306 [2015/03/06 19:57] Bin Hu |
ipv6_opnfv_project:minutes_20150306 [2015/03/06 20:19] (current) Bin Hu |
||
|---|---|---|---|
| Line 23: | Line 23: | ||
| * Full support for IPv6 tcp/udp/icmp IPv6 security groups: Sridhar talked to the author of Blueprint [[https://blueprints.launchpad.net/neutron/+spec/security-group-ipv6-ra-guard|Security group rule for IPv6 RA guard and IPv6 Snooping]]. The author is looking at the feature [[http://www.cisco.com/web/about/security/intelligence/ipv6_first_hop.html| IPv6 First-Hop Security]]. | * Full support for IPv6 tcp/udp/icmp IPv6 security groups: Sridhar talked to the author of Blueprint [[https://blueprints.launchpad.net/neutron/+spec/security-group-ipv6-ra-guard|Security group rule for IPv6 RA guard and IPv6 Snooping]]. The author is looking at the feature [[http://www.cisco.com/web/about/security/intelligence/ipv6_first_hop.html| IPv6 First-Hop Security]]. | ||
| * Jonne asked why [[https://blueprints.launchpad.net/neutron/+spec/ipv6-prefix-delegation| IPv6 Prefix Delegation]] only supports /64 prefix. Sridhar and Bin indicated that it is a limitation in current implementation for Kilo. Sub-delegation capability such as /48, /54 etc. should be supported beyond Kilo, and hopefully in Liberty. | * Jonne asked why [[https://blueprints.launchpad.net/neutron/+spec/ipv6-prefix-delegation| IPv6 Prefix Delegation]] only supports /64 prefix. Sridhar and Bin indicated that it is a limitation in current implementation for Kilo. Sub-delegation capability such as /48, /54 etc. should be supported beyond Kilo, and hopefully in Liberty. | ||
| + | * Mark shared * [[http://klub.com.pl/dhcpv6/| Dibbler - A Portable DHCPv6]] | ||
| * Group agreed to look into IPv6 First-Hop Security, and use cases of Static IPv6 and Sub-delegation. Based on further investigation, we will decide possible actions, for example, Blueprints to drive IPv6 First-Hop Security, Static IPv6 and Sub-delegation capability. | * Group agreed to look into IPv6 First-Hop Security, and use cases of Static IPv6 and Sub-delegation. Based on further investigation, we will decide possible actions, for example, Blueprints to drive IPv6 First-Hop Security, Static IPv6 and Sub-delegation capability. | ||
| * Mark revised the PoC design of using VM as an IPv6 SLAAC Router for VMs. | * Mark revised the PoC design of using VM as an IPv6 SLAAC Router for VMs. | ||
| Line 28: | Line 29: | ||
| * Mark asked if Tenant Router created in Network Node is needed or not in case of IPv6, because it is needed for IPv4 but not sure for IPv6. | * Mark asked if Tenant Router created in Network Node is needed or not in case of IPv6, because it is needed for IPv4 but not sure for IPv6. | ||
| * Sridhar indicated that Tenant Router and Bridge are needed for each Tenant subnet. A dual-stack support is an easier way compared to IPv6-only design, because IPv4 is needed frequently from time to time, such as metadata. | * Sridhar indicated that Tenant Router and Bridge are needed for each Tenant subnet. A dual-stack support is an easier way compared to IPv6-only design, because IPv4 is needed frequently from time to time, such as metadata. | ||
| - | * Iben suggested a more generic diagram so that the design can be applied to other types of networks such as VXLAN, GRE, etc. through ML2 plugin. | + | * Iben suggested a more generic diagram so that the design can be applied to other types of networks such as VXLAN, GRE, etc. through ML2 plugin. For example [[http://docs.openstack.org/admin-guide-cloud/content/figures/14/a/a/common/figures/OVStunneling.png| OVS Tunnling]]. |
| - | * Bin suggested that we may have 2 diagrams. One is an simple diagram that maps to current OVS network setup, and the other one is a more generic one that can easily scalable to other networks. | + | * Bin suggested that we may have 2 diagrams. One is an simple diagram that maps to current OVS network setup, and the other one is a more generic one that can be easily scalable to other networks. |
| * Mark will revise the PoC 1 design so that: | * Mark will revise the PoC 1 design so that: | ||
| * It is targeted for dual-stack | * It is targeted for dual-stack | ||
ipv6_opnfv_project/minutes_20150306.1425671820.txt.gz · Last modified: 2015/03/06 19:57 by Bin Hu
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: Creative Commons Attribution 4.0 International License
