Site-to-Site VPN 2.0 Requirements
1 Background
Site-to-Site VPN feature is currently available in CloudStack release. Site-to-Site VPN features allow users to establish a secure connection between a Cloud infrastructure and their own enterprise Datacenter. The feature allows users to create a VPN Tunnel between CloudStack’s Virtual Router and a physical device on the other side. This feature was supported for Cisco ISR and Juniper J-Series Routers.
This requirements document covers the additional capabilities that customers/users would like to see as enhancements to existing feature set.
Use Cases:
- Deploying applications in multiple AZ: Users would want to deploy their applications in multiple Availability Zones and would like to connect using a Site-to-Site VPN Tunnel.
- Proactive Tunnel Monitoring: Users want to know when their VPN Tunnel has gone down so that they can respond to these events limiting the application downtime.
2 Requirements
- Allow a Site-to-Site VPN tunnel to be established between VR to VR. Currently, only one side of the tunnel can be a Virtual Router and the other side is expected to be a Cisco ISR or a Juniper J-Series Routers.
- Users would also like CloudStack to monitor the tunnel state and get notified when a VPN tunnel goes up/down.
3 UI / UX Requirements
- As part of VPC setup, allow administrator to create a Site-to-Site VPN Tunnel between two Virtual Routers
- Alert the user when a Tunnel goes down/up.
4 Upgrade Scenarios
Following upgrade scenarios should be supported:
- No upgrade scenarios need to be handled, as this is a new functionality.
5 Non-Requirements
6 Bugs
7 Open Items