On Mon, Dec 12, 2011 at 8:49 AM, Thiago Morello <morel...@gmail.com> wrote:
> Hi Guys, > > We have been playing with Quantum here at Locaweb to help us configure > networks for our VMs, but we would like to extend Quantum to give some > Layer 3 support (specifically to provide firewall rules configuration). > Is the quantum idea to provide this kind of network services in the future > as well? > Have you guys thought about what would be the best abstraction for this > model (as you did for the layer 2 model existent in quantum today)? > We are really excited about quantum and we would like to contribute the > best way we can for this project. > Hi Thiago, Great to have you participating in the Quantum community. You are correct that Quantum will be expanding its scope to touch on L3 + L4 firewall-style filtering. I expect this type of filtering will be achievable in (at least) two different ways in quantum in the future: - Exposing "security groups" that can be configured on a Quantum network port. Security groups are currently part of nova, but there are some compelling (I think) reasons that they should be part of Quantum. I have a half written email on this that has been sitting in my drafts folder for some time. We're pretty busy with the Essex-2 release this week, but hopefully after that we can revive the discussion. - As part of a more general Layer-3 "router" abstraction in Quantum, possibly including L3 forwarding, filtering, NAT, ACLs, etc. This is work that we'll focus on more toward the end of the Essex release cycle, as the first part is more focused on shoring up the existing L2 functionality, improved testing, and better integration with existing network-related capabilities in Nova. I expect the "F-series" summit will be were we really hash out proposals for an "official" Quantum L3 API, but I think we can probably make good progress on proposals/prototypes even during Essex. There are a good number of people who've already been thinking about L3 and Quantum, with lots of different opinions, so my goal is to make sure proposals are as concrete and well-developed going into the summit. We're happy to have you contributing to the process. What are your thoughts on how you would like to participate? As a user of Openstack + Quantum, it would be great to get a set of proposed requirements + use cases you're looking to tackle. If you have resources for development, all the better :) This week things are pretty busy with the Essex-2 release (due out thursday), but we'll definitely get back to you soon, Dan > Cheers, > > Thiago > > -- > Mailing list: https://launchpad.net/~netstack > Post to : netstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~netstack > More help : https://help.launchpad.net/ListHelp > > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Dan Wendlandt Nicira Networks: www.nicira.com twitter: danwendlandt ~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- Mailing list: https://launchpad.net/~netstack Post to : netstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp
