Re: [openstack-dev] [Neutron] Port Forwarding API

2015-09-22 Thread Carl Baldwin 
Interesting, I'll have a look.  We should get this on the neutron drivers'
agenda.  The drivers team has been dormant for a couple of weeks but I'm
sure it will pick up again very soon.

Carl
On Sep 20, 2015 12:28 AM, "Gal Sagie"  wrote:

> Hello All,
>
> I have sent a spec [1] to resume the work on port forwarding API and
> reference implementation.
>
> Its currently marked as "WIP", however i raised some "TBD" questions for
> the community.
> The way i see port forwarding is an API that is very similar to floating
> IP API and implementation
> with few changes:
>
> 1) Can only define port forwarding on the router external gateway IP (or
> additional public IPs
>that are located on the router.  (Similar to the case of centralized
> DNAT)
>
> 2) The same FIP address can be used for different mappings, for example
> FIP with IP X
> can be used with different ports to map to different VM's X:4001  ->
> VM1 IP
> X:4002 -> VM2 IP (This is the essence of port forwarding).
> So we also need the port mapping configuration fields
>
> All the rest should probably behave (in my opinion) very similar to FIP's
> (for example
> not being able to remove external gateway if port forwarding entries are
> configured,
> if the VM is deletd the port forwarding entry is deleted as well and so
> on..)
> All of these points are mentioned in the spec and i am waiting for the
> community feedback
> on them.
>
> I am trying to figure out if implementation wise, it would be smart to try
> and use the floating IP
> implementation and extend it for this (given all the above mechanism
> described above already
> works for floating IP's)
> Or, add another new implementation which behaves very similar to floating
> IP's in most aspects
> (But still differ in some)
> Or something else...
>
> Would love to hear the community feedback on the spec, even that its WIP
>
> Thanks
> Gal.
>
> [1] https://review.openstack.org/#/c/224727/
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [Neutron] Port Forwarding API

2015-09-20 Thread Gal Sagie 
Hello All,

I have sent a spec [1] to resume the work on port forwarding API and
reference implementation.

Its currently marked as "WIP", however i raised some "TBD" questions for
the community.
The way i see port forwarding is an API that is very similar to floating IP
API and implementation
with few changes:

1) Can only define port forwarding on the router external gateway IP (or
additional public IPs
   that are located on the router.  (Similar to the case of centralized
DNAT)

2) The same FIP address can be used for different mappings, for example FIP
with IP X
can be used with different ports to map to different VM's X:4001  ->
VM1 IP
X:4002 -> VM2 IP (This is the essence of port forwarding).
So we also need the port mapping configuration fields

All the rest should probably behave (in my opinion) very similar to FIP's
(for example
not being able to remove external gateway if port forwarding entries are
configured,
if the VM is deletd the port forwarding entry is deleted as well and so
on..)
All of these points are mentioned in the spec and i am waiting for the
community feedback
on them.

I am trying to figure out if implementation wise, it would be smart to try
and use the floating IP
implementation and extend it for this (given all the above mechanism
described above already
works for floating IP's)
Or, add another new implementation which behaves very similar to floating
IP's in most aspects
(But still differ in some)
Or something else...

Would love to hear the community feedback on the spec, even that its WIP

Thanks
Gal.

[1] https://review.openstack.org/#/c/224727/
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] Port Forwarding API

2015-09-20 Thread Gal Sagie 
Hi shihanzhang,

As mentioned in the spec, this doesnt support distributed FIP's, it will
still work
if the VMs are on different compute nodes, similar to the way centralized
DNAT works (from the network node)

Distributing port forwarding entries in my opinion is similar to
distributing SNAT, and when
there will be a consensus in the community regarding SNAT distrubition (if
its really fully needed)
i think that any solution will also fit port forwarding distrubition.
(But thats not the scope of this proposed spec)

Gal.

On Mon, Sep 21, 2015 at 4:57 AM, shihanzhang  wrote:

>
>  2) The same FIP address can be used for different mappings, for
> example FIP with IP X
>   can be used with different ports to map to different VM's
> X:4001  -> VM1 IP
>   X:4002 -> VM2 IP (This is the essence of port forwarding).
>  So we also need the port mapping configuration fields
>
> For the second use case, I have a question, does it support DVR?  if VM1
> and VM2 are on
> different compute nodes, how does it work?
>
>
>
>
> 在 2015-09-20 14:26:23,"Gal Sagie"  写道:
>
> Hello All,
>
> I have sent a spec [1] to resume the work on port forwarding API and
> reference implementation.
>
> Its currently marked as "WIP", however i raised some "TBD" questions for
> the community.
> The way i see port forwarding is an API that is very similar to floating
> IP API and implementation
> with few changes:
>
> 1) Can only define port forwarding on the router external gateway IP (or
> additional public IPs
>that are located on the router.  (Similar to the case of centralized
> DNAT)
>
> 2) The same FIP address can be used for different mappings, for example
> FIP with IP X
> can be used with different ports to map to different VM's X:4001  ->
> VM1 IP
> X:4002 -> VM2 IP (This is the essence of port forwarding).
> So we also need the port mapping configuration fields
>
> All the rest should probably behave (in my opinion) very similar to FIP's
> (for example
> not being able to remove external gateway if port forwarding entries are
> configured,
> if the VM is deletd the port forwarding entry is deleted as well and so
> on..)
> All of these points are mentioned in the spec and i am waiting for the
> community feedback
> on them.
>
> I am trying to figure out if implementation wise, it would be smart to try
> and use the floating IP
> implementation and extend it for this (given all the above mechanism
> described above already
> works for floating IP's)
> Or, add another new implementation which behaves very similar to floating
> IP's in most aspects
> (But still differ in some)
> Or something else...
>
> Would love to hear the community feedback on the spec, even that its WIP
>
> Thanks
> Gal.
>
> [1] https://review.openstack.org/#/c/224727/
>
>
>
>
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
Best Regards ,

The G.
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] Port Forwarding API

2015-09-20 Thread shihanzhang 


 2) The same FIP address can be used for different mappings, for example 
FIP with IP X

  can be used with different ports to map to different VM's X:4001  -> 
VM1 IP

  X:4002 -> VM2 IP (This is the essence of port forwarding).

 So we also need the port mapping configuration fields


For the second use case, I have a question, does it support DVR?  if VM1 and 
VM2 are on
different compute nodes, how does it work?





在 2015-09-20 14:26:23,"Gal Sagie"  写道:

Hello All,


I have sent a spec [1] to resume the work on port forwarding API and reference 
implementation.


Its currently marked as "WIP", however i raised some "TBD" questions for the 
community.

The way i see port forwarding is an API that is very similar to floating IP API 
and implementation

with few changes:


1) Can only define port forwarding on the router external gateway IP (or 
additional public IPs

   that are located on the router.  (Similar to the case of centralized DNAT)


2) The same FIP address can be used for different mappings, for example FIP 
with IP X

can be used with different ports to map to different VM's X:4001  -> VM1 IP 
  

X:4002 -> VM2 IP (This is the essence of port forwarding).

So we also need the port mapping configuration fields


All the rest should probably behave (in my opinion) very similar to FIP's (for 
example

not being able to remove external gateway if port forwarding entries are 
configured,

if the VM is deletd the port forwarding entry is deleted as well and so on..)

All of these points are mentioned in the spec and i am waiting for the 
community feedback

on them.


I am trying to figure out if implementation wise, it would be smart to try and 
use the floating IP

implementation and extend it for this (given all the above mechanism described 
above already

works for floating IP's)

Or, add another new implementation which behaves very similar to floating IP's 
in most aspects

(But still differ in some)

Or something else...


Would love to hear the community feedback on the spec, even that its WIP


Thanks
Gal.

[1] https://review.openstack.org/#/c/224727/
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev