Excerpts from Curtis's message of 2016-10-02 16:22:52 -0600: > On Sat, Oct 1, 2016 at 3:39 PM, Clint Byrum <cl...@fewbar.com> wrote: > > Excerpts from Jonathan Proulx's message of 2016-09-30 10:15:26 -0400: > >> > >> Starting to think refactoring my SDN world (currently just neutron > >> ml2/ovs inside OpenStack) in preparation for maybe finally lighting up > >> that second Region I've been threatening for the past year... > >> > >> Networking is always the hardest design challeng. Has anyone seen my > >> unicorn? I dream of something the first works with neutron of course > >> but also can extend the same network features to hardware out side > >> openstack and into random public cloud infrastructures through VM and/or > >> containerised gateways. Also I don't want to hire a whole networking > >> team to run it. > >> > >> I'm fairly certain this is still fantasy though I've heard various > >> vendors promise the earth and stars but I'd love to hear if anyone is > >> actually getting close to this in production systems and if so what > >> your experience has been like. > >> > > > > I know it's hard to believe, but this world was foretold long ago and > > what you want requires no special equipment or changes to OpenStack, > > just will-power. You can achieve it now if you can use operating system > > versions published in the last 5 or so years. > > > > The steps to do this: > > > > 1) Fix your apps to work via IPv6 > > 2) Fix your internal users to have v6 native > > 3) Attach your VMs and containers to a provider network with v6 subnets > > 4) Use IPSec and firewalls for critical isolation. (What we use L2 > > separation for now) > > > > This is not complicated, but your SDN vendor probably doesn't want you > > to know that. You can still attach v4 addresses to your edge endpoints > > so they can talk to legacy stuff while you migrate. But the idea here > > is, if you control both ends of a connection, there is no reason you > > should still be using v4 except tradition. > > It would be great for everyone to use ipv6. However, I'm not sure what > major public clouds support it. For example I'm pretty sure AWS does > not (maybe for some services). I'd love to be wrong on that. :) >
IPv6 is already rolling out on Amazon [1] (ELB also has had IPv6 for quite some time), though right now that only helps you for egress traffic from your own cloud (EC2 won't give your instances a native IPv6 address). You can still use a tunnel provider to use ipv6 on AWS, just like any other hosting provider. However, another idea is, take your business elsewhere, to a provider that _will_ give you IPv6, and will also run a cloud that is aligned with your interests as an OpenStack user [2]. [1] https://aws.amazon.com/blogs/aws/now-available-ipv6-support-for-amazon-s3/ [2] https://www.openstack.org/marketplace/public-clouds/ _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
