Site-to-Site VPN 2.0 Requirements

1       Background

Site-to-Site VPN feature is currently available in CloudStack release. Site-to-Site VPN features allow users to establish a secure connection between a Cloud infrastructure and their own enterprise Datacenter. The feature allows users to create a VPN Tunnel between CloudStack’s Virtual Router and a physical device on the other side. This feature was supported for Cisco ISR and Juniper J-Series Routers.

This requirements document covers the additional capabilities that customers/users would like to see as enhancements to existing feature set.

Use Cases:

  • Deploying applications in multiple AZ: Users would want to deploy their applications in multiple Availability Zones and would like to connect using a Site-to-Site VPN Tunnel.
  • Proactive Tunnel Monitoring: Users want to know when their VPN Tunnel has gone down so that they can respond to these events limiting the application downtime.

2       Requirements

  • Allow a Site-to-Site VPN tunnel to be established between VR to VR. Currently, only one side of the tunnel can be a Virtual Router and the other side is expected to be a Cisco ISR or a Juniper J-Series Routers.
  • Users would also like CloudStack to monitor the tunnel state and get notified when a VPN tunnel goes up/down.

3       UI / UX Requirements

  • As part of VPC setup, allow administrator to create a Site-to-Site VPN Tunnel between two Virtual Routers
  • Alert the user when a Tunnel goes down/up.

4       Upgrade Scenarios

Following upgrade scenarios should be supported:

  • No upgrade scenarios need to be handled, as this is a new functionality.

5       Non-Requirements

  • None

6       Bugs

7       Open Items

  • None
  • No labels