[openstack-dev] [Neutron][vpnaas]

HoangCX at vn.fujitsu.com HoangCX at vn.fujitsu.com
Fri Mar 23 02:30:27 UTC 2018


Yes. I think It is possible. You need to create new endpoint groups which include the current subnet and a new subnet. Then just update the ipsec connections with corresponding endpoints.

Best regards,

From: vidyadhar reddy [mailto:vidyadharreddy68 at gmail.com]
Sent: Thursday, March 22, 2018 4:06 PM
To: Cao, Xuan Hoang
Subject: Re: [openstack-dev] [Neutron][vpnaas]

Hello Hoang,
i have tried the subnet grouping seems like its working, but that method is fine when we have n subnets before setting up the vpnaas, but i just wanted to know if there is any method where we can add subnets to the existing vpnaas connection so that the newly entered subnets can communicate using the vpnaas connection which is already there.
Best Regards,
vidyadhar reddy

On Wed, Mar 21, 2018 at 3:54 AM, HoangCX at vn.fujitsu.com<mailto:HoangCX at vn.fujitsu.com> <HoangCX at vn.fujitsu.com<mailto:HoangCX at vn.fujitsu.com>> wrote:

IIUC, your use case is to connect 4 subnets from different sites (2 subnets for each site). If so, did you try with endpoint group?
If not, please refer the following docs for more detail about how to try and get more understanding [1][2]

[1] https://docs.openstack.org/neutron/latest/admin/vpnaas-scenario.html#using-vpnaas-with-endpoint-group-recommended
[2] https://docs.openstack.org/neutron-vpnaas/latest/contributor/multiple-local-subnets.html

Cao Xuan Hoang,

From: vidyadhar reddy [mailto:vidyadharreddy68 at gmail.com<mailto:vidyadharreddy68 at gmail.com>]
Sent: Tuesday, March 20, 2018 4:31 PM
To: openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>
Subject: [openstack-dev] [Neutron][vpnaas]

i have a general question regarding the working of vpnaas,
can we setup multiple vpn connections on a single router? my scenario is lets say we have two networks net 1 and net2 in two different sites respectively, each network has two subnets, two sites have one router in each, with three interfaces one for the public network and remaining two for the two subnets, can we setup a two vpnaas connections on the routers in each site to enable communication between the two subnets in each site.
i have tried this setup, it didn't work for me. just wanted to know if it is a design constraint or not, i am not sure if this issue is under development, is there any development going on or is it already been solved?
Vidyadhar reddy peddireddy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180323/85bb0a78/attachment.html>

More information about the OpenStack-dev mailing list