diff options
author | Bin Hu <bh526r@att.com> | 2015-06-23 12:00:30 -0700 |
---|---|---|
committer | Bin Hu <bh526r@att.com> | 2015-06-23 12:01:24 -0700 |
commit | 6c3236b04bf6913c40e7b0e4fb8e4f2883520f97 (patch) | |
tree | d5a02946ce39dd4aefbceee8566c231cedcbb17f | |
parent | 087d3c405c1c4d08f820fac4ec8f7ad72f1c1fa5 (diff) |
JIRA: IPVSIX-2
Change-Id: Ifddda2ead55601db368e3d4a69767de412bc66cf
Signed-off-by: Bin Hu <bh526r@att.com>
-rw-r--r-- | INFO | 25 | ||||
-rw-r--r-- | requirements/Requirement-Analysis-Kilo.txt | 141 |
2 files changed, 166 insertions, 0 deletions
@@ -0,0 +1,25 @@ +Project: IPv6-enabled OPNFV Project (ipv6) +Project Creation Date: November 25, 2014 +Project Category: Integration & Testing +Lifecycle State: Incubation +Primary Contact: Bin Hu +Project Lead: Bin Hu +Gerrit Repository: ipv6 +Jira Project Name: IPv6-enabled OPNFV Project +Jira Project Prefix: IPVSIX +Mailing list tag: [ipv6] +IRC: Server:freenode.net Channel:#opnfv-ipv6 +Etherpad: http://etherpad.opnfv.org/p/ipv6 + +Committers: +bh526r@att.com +tnadeau@brocade.com +plee@clearpathnet.com +mmedina@clearpathnet.com +jonne.soininen@nsn.com +gessau@cisco.com +prakash.ramchandran@huawei.com +sgaddam@redhat.com +sridhar.gaddam@redhat.com + + diff --git a/requirements/Requirement-Analysis-Kilo.txt b/requirements/Requirement-Analysis-Kilo.txt new file mode 100644 index 0000000..d6e5f45 --- /dev/null +++ b/requirements/Requirement-Analysis-Kilo.txt @@ -0,0 +1,141 @@ +===== Top Down Use Case and Gap Analysis =====
+
+Here are some top down use cases of VIM-agnostic IPv6 functionality, including
+infrastructure layer and VNF (VM) layer, and its gap analysis with Neutron
+in Juno release:
+
+(1) Use Case / Requirement 1: All topologies work in a multi-tenant environment
+Supported in Neutron, Kilo Release: Yes
+Notes: The IPv6 design is following the Neutron tenant networks model; dnsmasq
+is being used inside DHCP network namespaces, while radvd is being used inside
+Neutron routers namespaces to provide full isolation between tenants.
+Tenant isolation can be based on VLANs, GRE, or VXLAN encapsulation. In case of
+overlays, the transport network (and VTEPs) must be IPv4 based as of today.
+
+(2) Use Case / Requirement 2: IPv6 VM to VM only
+Supported in Neutron, Kilo Release: Yes
+Notes: It is possible to assign IPv6-only addresses to VMs. Both switching
+(within VMs on the same tenant network) as well as east/west routing (between
+different networks of the same tenant) are supported.
+
+(3) Use Case / Requirement 3: IPv6 external L2 VLAN directly attached to a VM
+Supported in Neutron, Kilo Release: Yes
+Notes: IPv6 provider network model; RA messages from upstream (external) router
+are forwarded into the VMs.
+
+(4) Use Case / Requirement 4: IPv6 subnet routed via L3 agent to an external
+IPv6 network
+(a) Both VLAN and overlay (e.g. GRE, VXLAN) subnet attached to VMs;
+(b) Must be able to support multiple L3 agents for a given external network to
+support scaling (neutron scheduler to assign vRouters to the L3 agents)
+Supported in Neutron, Kilo Release: (a) Yes (b) Yes
+Notes: Configuration is enhanced in Kilo to allow easier setup of the upstream
+gateway, without the user forced to create an IPv6 subnet for the external network.
+
+(5) Use Case / Requirement 5: Ability for a NIC to support both IPv4 and IPv6
+(dual stack) address;
+(a) VM with a single interface associated with a network, which is then
+associated with two subnets.
+(b) VM with two different interfaces associated with two different networks
+and two different subnets.
+Supported in Neutron, Kilo Release: (a) Yes (b) Yes
+Notes: Dual-stack is supported in Neutron with the addition of "Multiple IPv6
+Prefixes" Blueprint
+(https://blueprints.launchpad.net/neutron/+spec/multiple-ipv6-prefixes)
+
+(6) Use Case / Requirement 6: Support IPv6 Address assignment modes.
+(a) SLAAC
+(b) DHCPv6 Stateless
+(c) DHCPv6 Stateful
+Supported in Neutron, Kilo Release: (a) Yes (b) Yes (c) Yes
+
+(7) Use Case / Requirement 7: Ability to create a port on an IPv6 DHCPv6
+Stateful subnet and assign a specific IPv6 address to the port and have it
+taken out of the DHCP address pool.
+Supported in Neutron, Kilo Release: Yes
+
+(8) Use Case / Requirement 8: Ability to create a port with fixed_ip for a
+SLAAC/DHCPv6-Stateless Subnet.
+Supported in Neutron, Kilo Release: No
+Notes: The following patch disables this operation:
+https://review.openstack.org/#/c/129144/
+
+(9) Use Case / Requirement 9: Support for private IPv6 to external IPv6
+floating IP; Ability to specify floating IPs via Neutron API (REST and CLI)
+as well as via Horizon, including combination of IPv6/IPv4 and IPv4/IPv6
+floating IPs if implemented.
+Supported in Neutron, Kilo Release: Rejected
+Notes: Blueprint proposed in upstream and got rejected. General expectation is
+to avoid NAT with IPv6 by assigning GUA to tenant VMs. See
+https://review.openstack.org/#/c/139731/ for discussion
+
+(10) Use Case / Requirement 10: Provide IPv6/IPv4 feature parity in support for
+pass-through capabilities (e.g., SR-IOV).
+Supported in Neutron, Kilo Release: Roadmap
+Notes: The L3 configuration should be transparent for the SR-IOV implementation.
+SR-IOV networking support introduced in Juno based on the sriovnicswitch ML2
+driver is expected to work with IPv4 and IPv6 enabled VMs.
+
+(11) Use Case / Requirement 11: Additional IPv6 extensions, for example: IPSEC,
+IPv6 Anycast, Multicast
+Supported in Neutron, Kilo Release: No
+Notes: It doesn't appear to be considered yet (lack of clear requirements)
+
+(12) Use Case / Requirement 12: VM access to the meta-data server to obtain
+user data, SSH keys, etc. using cloud-init with IPv6 only interfaces.
+Supported in Neutron, Kilo Release: No
+Notes: This is currently not supported. Config-drive or dual-stack IPv4/IPv6
+can be used as a workaround (so that the IPv4 network is used to obtain
+connectivity with the metadata service). See email discussion thread
+(http://openstack.10931.n7.nabble.com/Neutron-cloud-init-IPv6-support-td45386.html)
+
+(13) Use Case / Requirement 13: Full support for IPv6 matching (i.e. IPv6,
+ICMPv6, TCP, UDP) in security groups. Ability to control and manage all IPv6
+security group capabilities via Neutron/Nova API (REST and CLI) as well as via
+Horizon.
+Supported in Neutron, Kilo Release: Yes
+
+(14) Use Case / Requirement 14: During network/subnet/router create, there
+should be an option to allow user to specify the type of address management
+they would like. This includes all options including those low priority if
+implemented (e.g., toggle on/off router and address prefix advertisements);
+It must be supported via Neutron API (REST and CLI) as well as via Horizon.
+Supported in Neutron, Kilo Release: Yes
+Notes: Two new Subnet attributes were introduced to control IPv6 address
+assignment options:
+(a) "ipv6-ra-mode" - to determine who sends Router Advertisements, and
+(b) "ipv6-address-mode" - to determine how VM obtains IPv6 address, default
+gateway, and/or optional information.
+
+(15) Use Case / Requirement 15: Security groups anti-spoofing: Prevent VM from
+using a source IPv6/MAC address which is not assigned to the VM.
+Supported in Neutron, Kilo Release: Yes
+
+(16) Use Case / Requirement 16: Protect tenant and provider network from rough RAs
+Supported in Neutron, Kilo Release: Yes
+Notes: When using a tenant network, Neutron is going to automatically handle the
+filter rules to allow connectivity of RAs to the VMs only from the Neutron
+router port; with provider networks, users are required to specify the LLA of
+the upstream router during the subnet creation, or otherwise manually edit the
+security-groups rules to allow incoming traffic from this specific address.
+
+(17) Use Case / Requirement 17: Support the ability to assign multiple IPv6
+addresses to an interface; both for Neutron router interfaces and VM interfaces.
+Supported in Neutron, Kilo Release: Yes
+
+(18) Use Case / Requirement 18: Ability for a VM to support a mix of multiple
+IPv4 and IPv6 networks, including multiples of the same type.
+Supported in Neutron, Kilo Release: Yes
+
+(19) Use Case / Requirement 19: Support for IPv6 Prefix Delegation.
+Supported in Neutron, Kilo Release: Roadmap
+Notes: Planned for Liberty
+
+(20) Use Case / Requirement 20: Distributed Virtual Routing (DVR) support for IPv6
+Supported in Neutron, Kilo Release: No
+Notes: Blueprint proposed upstream, pending discussion.
+
+(21) Use Case / Requirement 21: IPv6 First-Hop Security, IPv6 ND spoofing.
+Supported in Neutron, Kilo Release: Roadmap
+Notes: Blueprint proposed upstream. Some patches are under review.
+
|