Open Stack

On 3/22/15, 8:05 PM, "Ian Wells" <ijw.ubuntu at cack.org.uk<mailto:ijw.ubuntu at cack.org.uk>> wrote:

Seems to me that an address pool corresponds to a network area that you can route across (because routing only works over a network with unique addresses and that's what an address pool does for you).  We have those areas and we use NAT to separate them (setting aside the occasional isolated network area with no external connections).  But NAT doesn't separate tenants, it separates externally connected routers: one tenant can have many of those routers, or one router can be connected to networks in both tenants.  We just happen to frequently use the one external router per tenant model, which is why address pools *appear* to be one per tenant.  I think, more accurately, an external router should be given an address pool, and tenants have nothing to do with it.

I think conflating address pools with routable space is a mistake. To me, this is the concept of "address scope" which I see as distinct from pool. For example, a single shared routable space may have several pools, each a /8 which is owned by a specific tenant. This is something that I would like to see in Liberty, making a the concept of an address scope a first class concept. Routers would be able to attach only to networks within the same scope, unless NAT was applied.

John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150323/4fd1d88f/attachment.html>