November 6-8, 2017

Event Details

Neutron-Neutron interconnections

Provide network interconnections between Openstack clouds ? between regions ? DC pods ?

Neutron today offers floating IPs and IPSec VPNaaS. However these are not always good enough: sometimes private addressing and network isolation is needed, but avoiding the overhead of IPSec encryption would be preferable.

How to avoid the overhead of adding an orchestrator ?

Solutions also exists to create interconnections in ways specific to each overlay technology or SDN backends, but they will require central coordination via an orchestrator (not always possible), and sometimes also the provisioing of network devices (not always simple).

"Neutron talking to Neutron"

This talk exposes and showcases a solution where Openstack projects define their network interconnection needs across regions or clouds, and Neutron endpoints in the different regions coordinate together in a simple way to setup these private isolated interconnections. Without orchestration nor network device configuration.

What can I expect to learn?

This talk will explore:

  • the motivations for having network interconnections between Openstack clouds or regions, with private addressing and without IPSec encryption
  • the reasons why adding an orchestrator on top is not always an option
  • the reasons why requiring network device automation is not always simple
  • how we designed a interconnection solution with simple Neutron-to-Neutron exchanges between regions and a reuse of WAN VPN routing

This talk will feature a demo of a prototype implementation of a simple Neutron service to deliver this service reusing existing drivers.


Tuesday, November 7, 1:50pm-2:00pm
Level: Advanced
Thomas is at Orange Labs, mainly involved on SDN and network virtualization for IaaS platforms with activities ranging from architecture/ engineering studies, to lab and software development. Thomas is also active in the IETF, where he contributes to RFCs and has during a few years co-chaired BESS, the working group defining the evolutions of BGP VPN specifications. He has been focusing on... FULL PROFILE