[openstack-dev] [neutron][dvr]Why keep SNAT centralized and DNAT distributed?

Wang, Yalei yalei.wang at intel.com
Tue Mar 29 01:25:22 UTC 2016


Hi zhi,

Someone is working on full distributed SNAT, like this:
https://www.openstack.org/summit/tokyo-2015/videos/presentation/network-node-is-not-needed-anymore-completed-distributed-virtual-router

/Yalei

From: Zhi Chang [mailto:changzhi at unitedstack.com]
Sent: Saturday, March 26, 2016 1:53 PM
To: openstack-dev
Subject: [openstack-dev] [neutron][dvr]Why keep SNAT centralized and DNAT distributed?

hi all.

    I have some questions about NAT in DVR.

    In Neutron, we provide two NAT types. One is SNAT, we can associate a floating ip to router so that all vms attached this router can connect external network. The other NAT types is DNAT, we can connect a vm which associated floating ip from external network.

     Question A, Why keep SNAT centralized? We put the SNAT namespace in compute node which running DVR l3 agent, don't we?

     Question B, Why keep DNAT distributed? I think we can keep snat namespace and fip namespace in one node. Why not keep DNAT and SNAT together?


Thanks
Zhi CHang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160329/1bb9213a/attachment.html>


More information about the OpenStack-dev mailing list