I am checking the vyatta driver now and they replaced l3 agent with their own agent and also using a vrouter image for router creation. Our appliance is not virtual :) So for the linkage between services, can service chaining help me?
On Mon, Nov 23, 2015 at 8:25 AM, Germy Lure <germy.l...@gmail.com> wrote: > Hi, > Under current FWaaS architecture or framework, only integrating hardware > firewall is not easy. That requires neutron support service level multiple > vendors. In another word, vendors must fit each other for their services > while currently vendors just provides all services through controller. > > I think the root cause is Neutron just doesn't known how the network > devices connect each other. Neutron provides FW, LB, VPN and other > advanced network functionalists as services. But as the implementation > layer, Neutron needs TOPO info to make right decision, routing traffic to > the right device. For example, from namespace router to hardware firewall, > Neutron should add some internal routes even extra L3 interfaces according > to the connection relationship between them. If the firewall service is > integrated with router, like Vyatta, it's simple. The only thing you need > to do is just enable the firewall itself. > > All in all, it requires linkage between services, especially between > advanced services and L3 router. > > Germy > . > > On Fri, Nov 20, 2015 at 9:19 PM, Somanchi Trinath < > trinath.soman...@freescale.com> wrote: > >> Hi- >> >> >> >> As I understand you are not sure on “How to locate the Hardware >> Appliance” which you have as your FW? >> >> >> >> Am I right? If so you can look into, >> https://github.com/jumpojoy/generic_switch kind of approach. >> >> >> >> - >> >> Trinath >> >> >> >> >> >> >> >> *From:* Oguz Yarimtepe [mailto:oguzyarimt...@gmail.com] >> *Sent:* Friday, November 20, 2015 5:52 PM >> *To:* OpenStack Development Mailing List (not for usage questions) < >> openstack-dev@lists.openstack.org> >> *Subject:* Re: [openstack-dev] [neutron][fwaas]some architectural advice >> on fwaas driver writing >> >> >> >> I created a sample driver by looking at vArmour driver that is at the >> Github FWaaS repo. I am planning to call the FW's REST API from the >> suitable functions. >> >> The problem is, i am still not sure how to locate the hardware appliance. >> One of the FWaaS guy says that Service Chaining can help, any body has an >> idea or how to insert the fw to OpenStack? >> >> On 11/02/2015 02:36 PM, Somanchi Trinath wrote: >> >> Hi- >> >> >> >> I’m confused. Do you really have an PoC implementation of what is to be >> achieved? >> >> >> >> As I look into these type of Implementations, I would prefer to have >> proxy driver/plugin to get the configuration from Openstack to external >> controller/device and do the rest of the magic. >> >> >> >> - >> >> Trinath >> >> >> >> __________________________________________________________________________ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: >> openstack-dev-requ...@lists.openstack.org?subject:unsubscribe >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -- Oğuz Yarımtepe http://about.me/oguzy
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
