openstack/openstack-manuals
Code Issues Proposed changes

Merge "Cleaned up VPNaas Section"

Browse Source
This commit is contained in:
Jenkins 2016-07-27 07:50:41 +00:00 committed by Gerrit Code Review
commit 63e48423fd
1 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
doc/admin-guide/source/networking_introduction.rst
View File

@ -320,23 +320,21 @@ Virtual-Private-Network-as-a-Service (VPNaaS)
The VPNaaS extension enables OpenStack tenants to extend private networks The VPNaaS extension enables OpenStack tenants to extend private networks
across the internet. across the internet.
This extension introduces these resources: VPNaas is a :term:`service`. It is a parent object that associates a VPN
with a specific subnet and router. Only one VPN service object can be
created for each router and each subnet. However, each VPN service object
can have any number of IP security connections.
- :term:`service`. A parent object that associates VPN with a specific subnet The Internet Key Exchange (IKE) policy specifies the authentication and
and router. encryption algorithms to use during phase one and two negotiation of a VPN
connection. The IP security policy specifies the authentication and encryption
algorithm and encapsulation mode to use for the established VPN connection.
Note that you cannot update the IKE and IPSec parameters for live tunnels.
- The Internet Key Exchange (IKE) policy that identifies the authentication You can set parameters for site-to-site IPsec connections, including peer
and encryption algorithm to use during phase one and two negotiation of a CIDRs, MTU, authentication mode, peer address, DPD settings, and status.
VPN connection.
- The IP security policy that specifies the authentication and encryption The current implementation of the VPNaaS extension provides:
algorithm and encapsulation mode to use for
the established VPN connection.
- Details for the site-to-site IPsec connection, including the peer CIDRs,
MTU, authentication mode, peer address, DPD settings, and status.
This initial implementation of the VPNaaS extension provides:
- Site-to-site VPN that connects two private networks. - Site-to-site VPN that connects two private networks.
@ -350,3 +348,6 @@ This initial implementation of the VPNaaS extension provides:
- Dead Peer Detection (DPD) with hold, clear, restart, disabled, or - Dead Peer Detection (DPD) with hold, clear, restart, disabled, or
restart-by-peer actions. restart-by-peer actions.
The VPNaaS driver plugin can be configured in the neutron configuration file.
You can then enable the service.