Skip to content

Commit

Permalink
OVN_Kubernetes IPv6 support
Browse files Browse the repository at this point in the history 
Signed-off-by: Aswin Suryanarayanan <asuryana@redhat.com>
  • Loading branch information
@aswinsuryan
aswinsuryan committed Dec 25, 2024
1 parent 7b2b505 commit 6394e98
Showing 1 changed file with 93 additions and 0 deletions.
93 changes: 93 additions & 0 deletions submariner/IPV6-OVN.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@

# **Submariner Enhancement for IPv6 Support**

## **Summary**

Check failure on line 4 in submariner/IPV6-OVN.md

View workflow job for this annotation

GitHub Actions / Markdown 

Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "## **Summary**"]
This proposal outlines the changes required in Submariner for OVN Kubernetes CNI to enable IPv6 support, ensuring seamless connectivity between clusters using Submariner.
The main proposal has the full design https://github.com/submariner-io/enhancements/blob/devel/submariner/IPV6-datapath.md. This covers only the OVN CNI part of it.

---

## Design Details

The OVNKubernetes handler programs network policies and routes to direct traffic from the gateway and non-gateway nodes to direct the traffic to the remote cluster.
At present the routes are only programmed for IPv4 for addresses. We need to enhance this to support IPV6 addresses as well.

The handler for creating the Gateway and NonGateway routes needs to be enhanced.

### GatewayRoute CRD:

The GatewayRoute will now populate Ipv4 and Ipv6 addresses for the next hops and remote CIDRs for a dual-stack environment. For Ipv6 only it uses just the IPv6 address
for these fields. Ipv4 will continue as it is.

The next hop will be the interface IP of ovn-k8s-mp0 interface, which is expected to have two IPs in the case of dual-stack environments.


Check failure on line 24 in submariner/IPV6-OVN.md

View workflow job for this annotation

GitHub Actions / Markdown 

Multiple consecutive blank lines [Expected: 1; Actual: 2]
```yaml
apiVersion: submariner.io/v1alpha1
kind: GatewayRoute
metadata:
name: remote-cluster-route
spec:
nextHops:
- "fd00:abcd::1"
- "192.168.1.1"
remoteCIDRs:
- "fd00:4321::/64"
- "10.0.0.0/8"
```
### NonGatewayRoute CRD:
The NonGatewayRoute will follow the same pattern as GatewayRoute for populating next hops and remotecidrs.
The nexthops will be the transit switch IP of the gateway node.
#### **NonGatewayRoute CRD Example**
```yaml
apiVersion: submariner.io/v1alpha1
kind: NonGatewayRoute
metadata:
name: non-gw-route
spec:
nextHops:
- "fd00:cafe::1"
- "172.16.0.1"
remoteCIDRs:
- "fd00:5678::/64"
- "192.168.0.0/16"
```
### GatewayRoute Handler
The gateway route handler should iterate through the ips configured and must identify the ipv4 remote CIDR and nextHop and Ipv6 remote CIDR pairs from the gateway route.
It will program one or two logical route policies and logical routes based on the network configuration. For dual-stack, it will be two LRPs. Similarly a logical route will
be added to route the traffic from the non-gateway nodes and will be resubmitted to hit the above added Logical route policy.
```plaintext
match: "ip6.dst==fd00:5678::/64"
action: reroute
nexthops: ["fd00:abcd::1"]
priority: 20000
```
```plaintext
destination: "fd00:1234::/64"
nexthop: "fd00:cafe::1"
priority: 200
```
### NonGatewayRoute Handler
The NonGatewayRoute handler should iterate through the ips configured and must identify the ipv4 remote CIDR and nextHop and Ipv6 remote CIDR pairs from the gateway route.
It will program one or two logical route policies and logical routes based on the network configuration. For dual stack it will be two LRPs.
```plaintext
match: "ip6.dst==fd00:5678::/64"
action: reroute
nexthops: ["fd00:abcd::1"]
priority: 20000
```
---

0 comments on commit 6394e98

Please sign in to comment.