SlideShare une entreprise Scribd logo

OpenStack Neutron Service Chaining and Insertion

Télécharger en tant que PPTX, PDF
S
Sumit Naiksatam

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

Technologie
1  sur  19
OpenStack Neutron Service Insertion and Chaining Icehouse Summit Nov 2013 Sumit Naiksatam, Kanzhe Jiang
Resource Model
Service Insertion Context and different insertion modes
Service Insertion Context
L3 insertion
L3 Insertion
L3 Insertion
L3 Insertion
L2 Insertion
Bump in the Wire
Tap
Service Chain Resource
Create and insert individual service
Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | -----------------------------------------------------
Create service instance (firewall in this case) $ neutron firewall-create <firewall_policy_id> OR $ neutron firewall-create <firewall_policy_id> --provider VendorA OR $ neutron firewall-create <firewall_policy_id> --provider VendorA --insertion-context router_id=<router_id>
Create a Service Chain
Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | ----------------------------------------------------$ neutron service-chain-provider-list ----------------------------------------------| Chain Name | Services | |---------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] | -----------------------------------------------
Create each service in the eventual chain $ neutron firewall-create <firewall_policy_id> --provider IPTables –-in-chain True … … … $ neutron vpn-service-create --provider OpenSwan –-in-chain True … … …
Create chain $ neutron service-chain-create --provider Firewall-VPN-Ref-Chain --services <firewall_instance_id, vpn_instance_id> --name my_fw_vpn_chain --source-insertion-context --router_id=<router_id> … … …

Recommandé

3
33
3
Biswajit23455
 
Introduce to OpenVirteX
Introduce to OpenVirteXIntroduce to OpenVirteX
Introduce to OpenVirteX
sangyun han
 
OpenVirtex (OVX) Tutorial
OpenVirtex (OVX) TutorialOpenVirtex (OVX) Tutorial
OpenVirtex (OVX) Tutorial
동호 손
 
OVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
OVNC 2015-Enabling Software-Defined Transformation of Service Provider NetworksOVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
OVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
NAIM Networks, Inc.
 
Implementing SDN Testbed(ONOS & OpenVirteX)
Implementing SDN Testbed(ONOS & OpenVirteX)Implementing SDN Testbed(ONOS & OpenVirteX)
Implementing SDN Testbed(ONOS & OpenVirteX)
sangyun han
 
ONOS-Based VIM Implementation
ONOS-Based VIM ImplementationONOS-Based VIM Implementation
ONOS-Based VIM Implementation
OPNFV
 
Open stack with_openflowsdn-torii
Open stack with_openflowsdn-toriiOpen stack with_openflowsdn-torii
Open stack with_openflowsdn-torii
Hui Cheng
 
Virt july-2013-meetup
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
nvirters
 

Recommandé

3
33
3
Biswajit23455
 
Introduce to OpenVirteX
Introduce to OpenVirteXIntroduce to OpenVirteX
Introduce to OpenVirteX
sangyun han
 
OpenVirtex (OVX) Tutorial
OpenVirtex (OVX) TutorialOpenVirtex (OVX) Tutorial
OpenVirtex (OVX) Tutorial
동호 손
 
OVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
OVNC 2015-Enabling Software-Defined Transformation of Service Provider NetworksOVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
OVNC 2015-Enabling Software-Defined Transformation of Service Provider Networks
NAIM Networks, Inc.
 
Implementing SDN Testbed(ONOS & OpenVirteX)
Implementing SDN Testbed(ONOS & OpenVirteX)Implementing SDN Testbed(ONOS & OpenVirteX)
Implementing SDN Testbed(ONOS & OpenVirteX)
sangyun han
 
ONOS-Based VIM Implementation
ONOS-Based VIM ImplementationONOS-Based VIM Implementation
ONOS-Based VIM Implementation
OPNFV
 
Open stack with_openflowsdn-torii
Open stack with_openflowsdn-toriiOpen stack with_openflowsdn-torii
Open stack with_openflowsdn-torii
Hui Cheng
 
Virt july-2013-meetup
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
nvirters
 
C#. NET ONLINE TRAINING
C#. NET ONLINE TRAININGC#. NET ONLINE TRAINING
C#. NET ONLINE TRAINING
TRAINING ICON
 
C#.net online training
C#.net online trainingC#.net online training
C#.net online training
TRAINING ICON
 
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
Informatik Aktuell
 
(NET301) New Capabilities for Amazon Virtual Private Cloud
(NET301) New Capabilities for Amazon Virtual Private Cloud(NET301) New Capabilities for Amazon Virtual Private Cloud
(NET301) New Capabilities for Amazon Virtual Private Cloud
Amazon Web Services
 
SAP XI PI ONLINE TRAINING
SAP XI PI ONLINE TRAININGSAP XI PI ONLINE TRAINING
SAP XI PI ONLINE TRAINING
TRAINING ICON
 
Ruby on rails online training
Ruby on rails online trainingRuby on rails online training
Ruby on rails online training
TRAINING ICON
 
RUBY ON RAILS ONLINE TRAINING
RUBY ON RAILS ONLINE TRAINING RUBY ON RAILS ONLINE TRAINING
RUBY ON RAILS ONLINE TRAINING
TRAINING ICON
 
SAS ONLINE TRAINING
SAS ONLINE TRAININGSAS ONLINE TRAINING
SAS ONLINE TRAINING
TRAINING ICON
 
Sas online training
Sas online trainingSas online training
Sas online training
TRAINING ICON
 
NTC 409 RANK Become Exceptional--ntc409rank.com
NTC 409 RANK Become Exceptional--ntc409rank.comNTC 409 RANK Become Exceptional--ntc409rank.com
NTC 409 RANK Become Exceptional--ntc409rank.com
shanaabe69
 
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
yoyamasaki
 
NTC 409 RANK Introduction Education--ntc409rank.com
NTC 409 RANK Introduction Education--ntc409rank.comNTC 409 RANK Introduction Education--ntc409rank.com
NTC 409 RANK Introduction Education--ntc409rank.com
GVlaxmi16
 
Compute 101 - OpenStack Summit Vancouver 2015
Compute 101 - OpenStack Summit Vancouver 2015Compute 101 - OpenStack Summit Vancouver 2015
Compute 101 - OpenStack Summit Vancouver 2015
Stephen Gordon
 
Spring MVC - The Basics
Spring MVC - The BasicsSpring MVC - The Basics
Spring MVC - The Basics
Ilio Catallo
 
Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...
Joe Huang
 
CCNP Switching Chapter 7
CCNP Switching Chapter 7CCNP Switching Chapter 7
CCNP Switching Chapter 7
Chaing Ravuth
 
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Continuent
 
Sydney Oracle Meetup - access paths
Sydney Oracle Meetup - access pathsSydney Oracle Meetup - access paths
Sydney Oracle Meetup - access paths
paulguerin
 
What is new in neutron QoS?
What is new in neutron QoS?What is new in neutron QoS?
What is new in neutron QoS?
Sławomir Kapłoński
 
Writing efficient sql
Writing efficient sqlWriting efficient sql
Writing efficient sql
j9soto
 
Open stack gbp final sn-4-slideshare
Open stack gbp final sn-4-slideshareOpen stack gbp final sn-4-slideshare
Open stack gbp final sn-4-slideshare
Sumit Naiksatam
 
Group-based Policy for Networking
Group-based Policy for NetworkingGroup-based Policy for Networking
Group-based Policy for Networking
Sumit Naiksatam
 

Contenu connexe

Similaire à OpenStack Neutron Service Chaining and Insertion

Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...
Joe Huang
 
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Continuent
 
Sydney Oracle Meetup - access paths
Sydney Oracle Meetup - access pathsSydney Oracle Meetup - access paths
Sydney Oracle Meetup - access paths
paulguerin
 
Writing efficient sql
Writing efficient sqlWriting efficient sql
Writing efficient sql
j9soto
 

Similaire à OpenStack Neutron Service Chaining and Insertion (20)

C#. NET ONLINE TRAINING
C#. NET ONLINE TRAININGC#. NET ONLINE TRAINING
C#. NET ONLINE TRAINING
 
C#.net online training
C#.net online trainingC#.net online training
C#.net online training
 
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
Randolf Geist – IT-Tage 2015 – Oracle Parallel Execution – Analyse und Troubl...
 
(NET301) New Capabilities for Amazon Virtual Private Cloud
(NET301) New Capabilities for Amazon Virtual Private Cloud(NET301) New Capabilities for Amazon Virtual Private Cloud
(NET301) New Capabilities for Amazon Virtual Private Cloud
 
SAP XI PI ONLINE TRAINING
SAP XI PI ONLINE TRAININGSAP XI PI ONLINE TRAINING
SAP XI PI ONLINE TRAINING
 
Ruby on rails online training
Ruby on rails online trainingRuby on rails online training
Ruby on rails online training
 
RUBY ON RAILS ONLINE TRAINING
RUBY ON RAILS ONLINE TRAINING RUBY ON RAILS ONLINE TRAINING
RUBY ON RAILS ONLINE TRAINING
 
SAS ONLINE TRAINING
SAS ONLINE TRAININGSAS ONLINE TRAINING
SAS ONLINE TRAINING
 
Sas online training
Sas online trainingSas online training
Sas online training
 
NTC 409 RANK Become Exceptional--ntc409rank.com
NTC 409 RANK Become Exceptional--ntc409rank.comNTC 409 RANK Become Exceptional--ntc409rank.com
NTC 409 RANK Become Exceptional--ntc409rank.com
 
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
ドキュメントデータベースとして MySQLを使う!? ~MySQL JSON UDF~
 
NTC 409 RANK Introduction Education--ntc409rank.com
NTC 409 RANK Introduction Education--ntc409rank.comNTC 409 RANK Introduction Education--ntc409rank.com
NTC 409 RANK Introduction Education--ntc409rank.com
 
Compute 101 - OpenStack Summit Vancouver 2015
Compute 101 - OpenStack Summit Vancouver 2015Compute 101 - OpenStack Summit Vancouver 2015
Compute 101 - OpenStack Summit Vancouver 2015
 
Spring MVC - The Basics
Spring MVC - The BasicsSpring MVC - The Basics
Spring MVC - The Basics
 
Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...Shared networks to support VNF high availability across OpenStack multi-regio...
Shared networks to support VNF high availability across OpenStack multi-regio...
 
CCNP Switching Chapter 7
CCNP Switching Chapter 7CCNP Switching Chapter 7
CCNP Switching Chapter 7
 
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...
 
Sydney Oracle Meetup - access paths
Sydney Oracle Meetup - access pathsSydney Oracle Meetup - access paths
Sydney Oracle Meetup - access paths
 
What is new in neutron QoS?
What is new in neutron QoS?What is new in neutron QoS?
What is new in neutron QoS?
 
Writing efficient sql
Writing efficient sqlWriting efficient sql
Writing efficient sql
 

Plus de Sumit Naiksatam

Network Policy Abstractions in OpenStack Neutron
Network Policy Abstractions in OpenStack NeutronNetwork Policy Abstractions in OpenStack Neutron
Network Policy Abstractions in OpenStack Neutron
Sumit Naiksatam
 
Quantum services' chaining open stack havana design summit, portland 2013
Quantum services' chaining open stack havana design summit, portland 2013Quantum services' chaining open stack havana design summit, portland 2013
Quantum services' chaining open stack havana design summit, portland 2013
Sumit Naiksatam
 
Quantum firewall as a service open stack havana design summit, portland 2013
Quantum firewall as a service open stack havana design summit, portland 2013Quantum firewall as a service open stack havana design summit, portland 2013
Quantum firewall as a service open stack havana design summit, portland 2013
Sumit Naiksatam
 

Plus de Sumit Naiksatam (8)

Open stack gbp final sn-4-slideshare
Open stack gbp final sn-4-slideshareOpen stack gbp final sn-4-slideshare
Open stack gbp final sn-4-slideshare
 
Group-based Policy for Networking
Group-based Policy for NetworkingGroup-based Policy for Networking
Group-based Policy for Networking
 
Group-based Policy For OpenStack Networking
Group-based Policy For OpenStack NetworkingGroup-based Policy For OpenStack Networking
Group-based Policy For OpenStack Networking
 
Network Policy Abstractions in OpenStack Neutron
Network Policy Abstractions in OpenStack NeutronNetwork Policy Abstractions in OpenStack Neutron
Network Policy Abstractions in OpenStack Neutron
 
Quantum services' chaining open stack havana design summit, portland 2013
Quantum services' chaining open stack havana design summit, portland 2013Quantum services' chaining open stack havana design summit, portland 2013
Quantum services' chaining open stack havana design summit, portland 2013
 
Quantum firewall as a service open stack havana design summit, portland 2013
Quantum firewall as a service open stack havana design summit, portland 2013Quantum firewall as a service open stack havana design summit, portland 2013
Quantum firewall as a service open stack havana design summit, portland 2013
 
Quantum L3 (forwarding) model - OpenStack Folsom Design Summit
Quantum L3 (forwarding) model - OpenStack Folsom Design SummitQuantum L3 (forwarding) model - OpenStack Folsom Design Summit
Quantum L3 (forwarding) model - OpenStack Folsom Design Summit
 
OpenStack Quantum
OpenStack QuantumOpenStack Quantum
OpenStack Quantum
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Dernier (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

OpenStack Neutron Service Chaining and Insertion

  • 1. OpenStack Neutron Service Insertion and Chaining Icehouse Summit Nov 2013 Sumit Naiksatam, Kanzhe Jiang
  • 3. Service Insertion Context and different insertion modes
  • 10. Bump in the Wire
  • 11. Tap
  • 13. Create and insert individual service
  • 14. Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | -----------------------------------------------------
  • 15. Create service instance (firewall in this case) $ neutron firewall-create <firewall_policy_id> OR $ neutron firewall-create <firewall_policy_id> --provider VendorA OR $ neutron firewall-create <firewall_policy_id> --provider VendorA --insertion-context router_id=<router_id>
  • 17. Chooses Service Provider Name from list of available service providers. $ neutron service-provider-list ----------------------------------------------------| Service Type | Name | Default | |---------------------------------------------------| FIREWALL | IPTables | True | | FIREWALL | VendorA | False | | VPN | OpenSwan | True | | VPN | VendorB | False | ----------------------------------------------------$ neutron service-chain-provider-list ----------------------------------------------| Chain Name | Services | |---------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] | -----------------------------------------------
  • 18. Create each service in the eventual chain $ neutron firewall-create <firewall_policy_id> --provider IPTables –-in-chain True … … … $ neutron vpn-service-create --provider OpenSwan –-in-chain True … … …
  • 19. Create chain $ neutron service-chain-create --provider Firewall-VPN-Ref-Chain --services <firewall_instance_id, vpn_instance_id> --name my_fw_vpn_chain --source-insertion-context --router_id=<router_id> … … …