[openstack-dev] [Neutron] DVR SNAT shortcut

Zang MingJie zealot0630 at gmail.com
Wed Jun 25 10:34:13 UTC 2014


On Wed, Jun 25, 2014 at 5:42 PM, Yongsheng Gong <gongysh at unitedstack.com> wrote:
> Hi,
> for each compute node to have SNAT to Internet, I think we have the
> drawbacks:
> 1. SNAT is done in router, so each router will have to consume one public IP
> on each compute node, which is money.

SNAT can save more ips than wasted on floating ips

> 2. for each compute node to go out to Internet, the compute node will have
> one more NIC, which connect to physical switch, which is money too
>

Floating ip also need a public NIC on br-ex. Also we can use a
separate vlan to handle the network, so this is not a problem

> So personally, I like the design:
>  floating IPs and 1:N SNAT still use current network nodes, which will have
> HA solution enabled and we can have many l3 agents to host routers. but
> normal east/west traffic across compute nodes can use DVR.

BTW, does HA implementation still active ? I haven't seen it has been
touched for a while

>
> yong sheng gong
>
>
> On Wed, Jun 25, 2014 at 4:30 PM, Zang MingJie <zealot0630 at gmail.com> wrote:
>>
>> Hi:
>>
>> In current DVR design, SNAT is north/south direction, but packets have
>> to go west/east through the network node. If every compute node is
>> assigned a public ip, is it technically able to improve SNAT packets
>> w/o going through the network node ?
>>
>> SNAT versus floating ips, can save tons of public ips, in trade of
>> introducing a single failure point, and limiting the bandwidth of the
>> network node. If the SNAT performance problem can be solved, I'll
>> encourage people to use SNAT over floating ips. unless the VM is
>> serving a public service
>>
>> --
>> Zang MingJie
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>



More information about the OpenStack-dev mailing list