Skip to content

[Draft] VR: allow outgoing traffic from Remote access VPN clients #10083

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: 4.20
Choose a base branch
from
Draft

[Draft] VR: allow outgoing traffic from Remote access VPN clients #10083

wants to merge 1 commit into from
+2 −0

Conversation

weizhouapache
Copy link
Member

Description

This PR enables VR to allow outgoing traffic from Remote access VPN clients via CloudStack VR.

This PR is a draft. Ideally there is a global/account configuration, or new property of remote access VPN (similar as remote.access.vpn.client.iprange)

Remote access vpn (setup by L2tp in CloudStack VR) does not support split tunneling. Where are two options when user connects to the RAV server

  • Do not use the VPN connection for the client. User has to manually add static route to the VMs on guest network.
  • Use the VPN connection for the client. All traffic will go through the RAV server (cloudstack VR). Currently, if uses choose this option, the RAV client will lose connection to the Internet. This PR fixes the issue.

Note, there is no option for L2TP clients to "Use the VPN connection only on the resource of the network".

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • build/CI
  • test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

@weizhouapache weizhouapache mentioned this pull request Dec 11, 2024
Open
@codecov Codecov
Copy link

codecov bot commented Dec 11, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 16.03%. Comparing base (e57a82a) to head (1497d59).

Additional details and impacted files 
@@             Coverage Diff              @@
##               4.20   #10083      +/-   ##
============================================
- Coverage     16.03%   16.03%   -0.01%     
  Complexity    12814    12814              
============================================
  Files          5637     5637              
  Lines        493506   493506              
  Branches      59831    59831              
============================================
- Hits          79129    79127       -2     
- Misses       405601   405602       +1     
- Partials       8776     8777       +1
Flag Coverage Δ
uitests 4.02% <ø> (ø)
unittests 16.87% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@DaanHoogland DaanHoogland added this to the 4.20.1 milestone Dec 11, 2024
@blueorangutan
Copy link

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 11804

@Pearl1594
Copy link
Contributor

@weizhouapache is this ready for review?

@Pearl1594 Pearl1594 moved this to In Progress in ACS 4.20.1 Mar 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
component:networking component:virtual-router Python Warning... Python code Ahead!
Projects
ACS 4.20.1
Status: In Progress
Milestone
4.20.1
Development

Successfully merging this pull request may close these issues.
4 participants
@weizhouapache @blueorangutan @Pearl1594 @DaanHoogland