-
Feature Request
-
Resolution: Unresolved
-
Undefined
-
None
-
openshift-4.10.z, openshift-4.8.z, openshift-4.11.z
-
None
-
False
-
None
-
False
-
SDN
-
Not Selected
-
-
-
-
-
1. Proposed title of this feature request
Provide IPSec over transport mode for NetApp OnTap 9.8+
2. What is the nature and description of the request?
NetApp does not do IPSec over tunnels, only transport mode. See:
3. Why does the customer need this? (List the business requirements here)
Many OCP customers - Government, FSI, et al. - use NetApp storage devices and require encrypted data-in-motion. NetApp does provide encrypted transmission over Kerberized NFS, but the performance is 20% that of IPSec.
Unfortunately, NetApp does not provide support for IPSec over tunnel, only transport mode.
4. List any affected packages or components.
SDN/OVN
The following epics are related, but for IPSec over tunnel mode:
https://issues.redhat.com/browse/HATSTRAT-33
https://issues.redhat.com/browse/CTONET-2505
- is related to
-
OCPSTRAT-499 Add nm-libreswan to RHCOS
- Closed