Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: rhel-9.5
Affects Version/s: None
Component/s: NetworkManager-libreswan
Labels:

Severity:
Normal
Epic Link:
NMT-1025
Keywords:

ZStream

Pool Team:

sst_network_management
Sub-System Group:

ssg_networking

Internal Target Milestone:
13
Story Points:
5
Target Version:

rhel-9.5
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
NMT - RHEL-9.5 DTM 8
Release Blocker:
Approved Blocker
Target Backport Versions:

rhel-9.2.0.z

Acceptance Criteria:
Hide

User story:
As a system administrator, I need NM-libreswan to process leftsubnet configurations, to establish secure net2net IPsec tunnels between specified subnets.

Acceptance criteria:
Given a system administrator configuring IPsec connection that includes leftsubnet and rightsubnet specifications,
When they configures these parameters in NM-libreswan,
Then NM-libreswan should configure the IPsec tunnel to encrypt traffic between these subnets, ensuring that the XFRM policies reflect the specified subnet configurations.

Definition of Done:

The implementation meets the acceptance criteria

Unit test and integration test are written and pass

The code is part of a downstream build attached to an errata

The Release Note text is written following the feature-reason-result format.

The fix needs to be backported into RHEL-9.2
Show
User story: As a system administrator, I need NM-libreswan to process leftsubnet configurations, to establish secure net2net IPsec tunnels between specified subnets. Acceptance criteria: Given a system administrator configuring IPsec connection that includes leftsubnet and rightsubnet specifications, When they configures these parameters in NM-libreswan, Then NM-libreswan should configure the IPsec tunnel to encrypt traffic between these subnets, ensuring that the XFRM policies reflect the specified subnet configurations. Definition of Done: The implementation meets the acceptance criteria Unit test and integration test are written and pass The code is part of a downstream build attached to an errata The Release Note text is written following the feature-reason-result format. The fix needs to be backported into RHEL-9.2
Git Pull Request:
https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/-/merge_requests/30
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/130888

Release Note Type:
Unspecified Release Note Type - Unknown

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

To fulfill the requirements of net2net IPsec scenarios, such as those encountered in OpenShift clusters, NM-libreswan needs to implement support for `leftsubnet`. This functionality will enable the creation of XFRM policies for specified network subnets.

For more details on the use case, see https://docs.google.com/document/d/1togmmRF6u3gEorwQU2Zv1PQ--yILOC00GgykhwoAEAg/edit?usp=sharing

blocks

RHEL-24857 [RFE] Support net2net configuration in nmstate Libreswan

Planning

links to

RHBA-2024:130888 NetworkManager-libreswan bug fix and enhancement update

Test Requirement (KNET-296105)

Assignee:: Beniamino Galvani

Reporter:: Stanislas Faye

Developer:: Network Management Team

QA Contact:: Vladimir Benes

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2024/02/27 10:23 AM

Updated:: 2024/05/13 11:37 AM

Target end:: 2024/05/27

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide