yahoo-eng-team team mailing list archive

[Bug 1491317] [NEW] Add port forwarding extension to L3

 

Public bug reported:

I have searched and found many past efforts to implement port forwarding in Neutron.
I have found two incomplete blueprints [1], [2] and an abandoned patch [3].

There is even a project in Stackforge [4], [5] that claims
to implement this, but the L3 parts in it seem older than current master.

I have recently come across this requirement for various use cases, one of them is
providing feature compliance with Docker port-mapping feature (for Kuryr), and saving floating
IP space.
There have been many discussions in the past that require this feature, so I assume
there is a demand to make this formal, just a few examples [6], [7], [8], [9]

The idea in a nutshell is to support port forwarding (TCP/UDP ports) on the external router
leg from the public network to internal ports, so a user can use one Floating IP (the external
gateway router interface IP) and reach different internal ports depending on the port numbers.
This should happen on the network node (and can also be leveraged for security reasons).

I think that the POC implementation in the Stackforge project shows that this needs to be
implemented inside the L3 parts of the current reference implementation; it will be hard
to maintain something like that in an external repository.
(I also think that the API/DB extensions should be close to the current L3 reference
implementation)

I would like to renew the efforts on this feature and propose a spec for this to the next release.
And of course if any of the people interested or any of the people that worked on this before
want to join the effort, you are more than welcome to join and comment.

[1] https://blueprints.launchpad.net/neutron/+spec/router-port-forwarding
[2] https://blueprints.launchpad.net/neutron/+spec/fip-portforwarding
[3] https://review.openstack.org/#/c/60512/
[4] https://github.com/stackforge/networking-portforwarding
[5] https://review.openstack.org/#/q/port+forwarding,n,z

[6] https://ask.openstack.org/en/question/75190/neutron-port-forwarding-qrouter-vms/
[7] http://www.gossamer-threads.com/lists/openstack/dev/34307
[8] http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-for-router-td46639.html
[9] http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-from-gateway-to-internal-hosts-td32410.html

** Affects: neutron
     Importance: Undecided
     Assignee: Gal Sagie (gal-sagie)
         Status: New


** Tags: rfe

** Changed in: neutron
     Assignee: (unassigned) => Gal Sagie (gal-sagie)

** Tags added: rfe

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1491317

Title:
  Add port forwarding extension to L3

Status in neutron:
  New
