Difference between revisions of "Adoption"

From nftables wiki
Jump to: navigation, search
(add backlink to nftables from distributions)
(virtualization / cloud / infrastructure: add link to docker and IPv6 with nftables)
 
(One intermediate revision by the same user not shown)
Line 20: Line 20:
  
 
* https://github.com/zevenet/nftlb -- nftlb by Zevenet is a nftables-based loadbalancer which can outperform LVS by 10x
 
* https://github.com/zevenet/nftlb -- nftlb by Zevenet is a nftables-based loadbalancer which can outperform LVS by 10x
* https://www.docker.com/ -- Some discussion happened in the Docker community regarding a native integration with nftables, which could ease some of their use cases ([https://github.com/moby/moby/issues/26824 link]) ([https://github.com/robbertkl/docker-ipv6nat/issues/17 link])
+
* https://www.docker.com/ -- Some discussion happened in the Docker community regarding a native integration with nftables, which could ease some of their use cases ([https://github.com/moby/moby/issues/26824 link]) ([https://github.com/robbertkl/docker-ipv6nat/issues/17 link]) ([https://stephank.nl/p/2017-06-05-ipv6-on-production-docker.html running docker with IPv6 using nftables])
 
* https://kubernetes.io/ -- Kubernetes does not support nftables yes, but some discussion happened already ([https://github.com/kubernetes/kubernetes/issues/45385 link]). Compat tools may be used to trick kubernetes into using nftables transparently.
 
* https://kubernetes.io/ -- Kubernetes does not support nftables yes, but some discussion happened already ([https://github.com/kubernetes/kubernetes/issues/45385 link]). Compat tools may be used to trick kubernetes into using nftables transparently.
 
* http://openstack.org/ -- Openstack does not support nftables yet. Compat tools may be used to trick neutron and other components into using nftables transparently.
 
* http://openstack.org/ -- Openstack does not support nftables yet. Compat tools may be used to trick neutron and other components into using nftables transparently.
Line 37: Line 37:
 
* VPN -- nftables can be combined with other software packages like OpenVPN to build great VPN solutions ([http://ral-arturo.org/2017/04/07/openvpn-debian-stretch.html link])
 
* VPN -- nftables can be combined with other software packages like OpenVPN to build great VPN solutions ([http://ral-arturo.org/2017/04/07/openvpn-debian-stretch.html link])
 
* [https://github.com/mdlayher/netlink netlink golang package] -- the Golang Netlink package got batching support to be able to work with nftables ([https://github.com/mdlayher/netlink/issues/81 link])
 
* [https://github.com/mdlayher/netlink netlink golang package] -- the Golang Netlink package got batching support to be able to work with nftables ([https://github.com/mdlayher/netlink/issues/81 link])
 +
* [https://github.com/google/nftables nftables golang library] -- This nftables golang integration library was made by Google
  
 
= See also =
 
= See also =

Latest revision as of 14:25, 17 December 2018

This page offers some light and data about current nftables adoption in the wider community. As you probably know, the focus of the Netfilter project and community is in replacing the iptables framework with nftables, adding brand new features and refreshing some workflows along the way.

Lots of upstream projects use iptables to handle NAT, filtering, mangling or other networking stuff. Here, the info we know about them, their relationship with nftables and the possibilities for them to migrate to nftables.

Cases

Known cases and examples we could heard of. TODO: extend with more current data.

All major Linux distributions contains the nftables framework ready to use. Check Nftables from distributions.

system / firewalling / management

virtualization / cloud / infrastructure

others

See also