Configuring Neutron for VPN as a service
A Virtual Private Network (VPN) connects two endpoints on different Networks over a public Internet connection in such a way that the endpoints appear to be directly connected to each other. VPNs also provide you with the confidentiality and integrity of the transmitted data.
VPN connectivity between two Networks can be implemented at different layers of an OSI stack. A VPN that connects the endpoints at Layer 2 is called L2 VPN while a VPN that connects the endpoints at Layer 3 (for example, an IP layer) is called L3 VPN.
Neutron provides a service plugin that enables OpenStack users to connect two Networks using a VPN. The reference implementation of the VPN plugin in Neutron uses Openswan to create an IPSEC based L3 VPN. IPSEC is a suite of protocols that provides a secure connection between two endpoints by encrypting each IP packet transferred between them. An IPSEC endpoint consists of the following two parts:
- A daemon to negotiate session keys...