[openstack-dev] [neutron] openwrt VM as service

Wed, 15 Apr 2015 00:42:24 -0700 

I’d like to propose openwrt VM as service.

What’s openWRT VM as service:

a)            Tenant can download openWRT VM from http://downloads.openwrt.org/
b)            Tenant can create WAN interface from external public network
c)            Tenant can create private network and create instance from 
private network
d)            Tenent can configure openWRT for several services including DHCP, 
route, QoS, ACL and VPNs.

What’s need to change in neutron:

a)            Neutron support to create port for openWRT VM. (I assume it 
already support it and just integrate it)
b)            Move metadata proxy to openWRT VM.

Why openstack need it?

a)            It is easy for tenant to configure/customize  network service.
Especially, openstack doesn’t support specified VPN.  Tenent can configure VPN 
and don’t need develop new one and request cloud admin to deploy new VPN.
b)            It is easy for openstack to deploy new network service.

Case 1: SNAT load balance. (We may propose it in neutron)

Currently, neutron l3 support one gateway IP. Neutron L3 does SNAT from private 
network to public network.

   Private network -----SNAT--- public network

If the public network is down, all private network cannot access to external 
network.

If we do SNAT load balance, private network can do SNAT to 2 public network.
How to implement in openwrt VM:

1.            Create port1 from public network 1
2.            Create port2 from public network 2
3.            Create port3 from private network
4.            Create openwrt VM including port1, port2 and port3
5.            Configure openwrt to do SNAT load balance from private network to 
public network 1 and publice network2

Case 2: VPN Service

I want to use OpenVPN. Without openwrt VM, I need to develop OpenVPN as VPN 
plugin and ask  openstack admin to deploy it (possibly, openstack cloud admin 
reject it)

How to implement in openwrt VM:

1.            Create port1 from public network 1
2.            Create port2 from private network
3.            Create vpn server/client
4.            NAT from private network to vpn network

What do you think?

Thanks,
-Ruijing

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to