Dynamic Routing (IPv4 and IPv6)

Project Introduction

This is the followup of Static Routing IPv4 (Routed mode)

Community discussion: https://lists.apache.org/thread/zngwtqp3ms8rwmzjnt9h825zvsr85qtd

Related links

• Static routing IPv4 (target to 4.20): https://github.com/apache/cloudstack/pull/9346

• AS Number Management #9410

Functional Description

The next step on this journey is to add some kind of dynamic routing. One way that I have in mind is using dynamic BGP:

1 - Operator configures one or more BGP peers for a given Zone (with different metrics)

2 - Operator presents a pool of Private AS numbers to the Zone (just like we do for VLANs)

3 - When a network is created with an offering which has dynamic routing enabled an AS number is allocated

4 - ACS configures the BGP session on the VR, advertising all its connected networks

Please note

• ALL VPC tiers share the same AS number
• ALL VPC tiers share the list of BGP peers. However, the FRR config will be generated only for the VPC tiers with routingmode=Dynamic.

High-level Design

Database Changes

• new table : bgp_peers

• new table: bgp_peer_network_map
• new table: bgp_peer_details

New APIs

• create/list/remove/update of BgpPeers
• changeBgpPeersForNetwork
• changeBgpPeersForVPC

New API parameters or responses

• bgppeers in network response
• bgppeers in vpc response
• create network with bgppeerids
• create vpc with bgppeerids

VR changes

• rebuild new systemvm template with frr
• generate frr config when
  • create network/vpc tier
  • delete network/vpc tier
  • restart VR
  • recreate VR

VR script changes

• manage bgppeers in /etc/cloudstack/bgppeers
• generate frr config using CsBgpPeer.py

UI changes

• manage BGP peers
• Update network/vpc bgp peers
• create network/vpc with bgp peer ids

integration test

append to https://github.com/apache/cloudstack/pull/9346

1. test_10_bgp_peers

# 1. Create bgppeer
# 2. List bgppeer
# 3. Update bgppeer
# 4. dedicate bgppeer to domain
# 5. released dedicated bgppeer
# 6. dedicate bgppeer to sub-domain/account
# 7. released dedicated bgppeer
# 8. delete bgppeer

2. test_11_isolated_network_with_dynamic_routed_mode

# 1. Create Isolated network with bgp_peer_1
# 2. Create VM in the network
# 3. Verify frr.conf in network VR
# 4. Update network BGP peers (to bgp_peer_1 and bgp_peer_2)
# 5. Verify frr.conf in network VR
# 6. Reboot VR
# 7. Verify frr.conf in network VR
# 8. Update network BGP peers (to null)
# 9. Verify frr.conf in network VR

3. test_12_vpc_and_tier_with_dynamic_routed_mode

# 1. Create bgp peers
# 2. Create VPC
# 3. Create Network ACL (egress = Deny, ingress = Deny)
# 4. Create VPC tier with Network ACL in the VPC
# 5. Create VM in the VPC tier
# 6. Verify frr.conf in VPC VR
# 7. Update network BGP peers (to bgp_peer_1 and bgp_peer_2)
# 8. Verify frr.conf in VPC VR
# 9. Create VPC tier-2 with Network ACL in the VPC
# 10. Create VM-2 in the VPC tier-2
# 11. Verify frr.conf in VPC VR
# 12. Reboot VPC VR
# 13. Verify frr.conf in VPC VR
# 14. Update network BGP peers (to null)
# 15. Verify frr.conf in VPC VR

Considerations

Non-Functional Requirements

to be added.

User Interface

to be added.

Milestones

Glossary

BGP - Border Gateway Protocol

References

• NSX integration #7919
• https://docs.cloudstack.apache.org/en/latest/plugins/ipv6.html
• Static Routing IPv4 (Routed mode)
• https://lists.apache.org/thread/zngwtqp3ms8rwmzjnt9h825zvsr85qtd
• https://github.com/apache/cloudstack/pull/9346
• https://github.com/apache/cloudstack/pull/9410