Quantum overlapping IPs do not work with Nova security groups or Nova metadata server: Nova was designed assuming that a particular IP address will only ever be used by a single VM at any time. Quantum supports overlapping IPs if the allow_overlapping_ips config value is set to 'True'. We default this value to false to prevent unintentionally running Nova security groups or metadata server with overlapping IPs. If you enable this flag, you must disable both Nova security groups and the Nova metadata service.
No equivalent for nova-network --multi_host flag: Nova-network has a model where the L3, NAT, and DHCP processing happen on the compute node itself, rather than a dedicated networking node. Quantum does not have an equivalent configuration, but is likely to add a similar capability in the future. However, since the nova-network multi_host design has some significant limitations in terms of deployment scale (limited to a single physical L2) and L3 forwarding behavior (does not map to a single L3 router for traffic between instances on separate networks), the Quantum feature may not be an exact match, or may be limited to a subnet of all Quantum deployment scenarios.
Linux network namespace required on nodes running quantum-l3-agent or quantum-dhcp-agent: . In order to support overlapping IP addresses, the Quantum DHCP and L3 agents use Linux network namespaces by default. The hosts running these processes must support network namespaces. To support network namespaces, the following are required:
Linux kernel 2.6.24 or newer (with CONFIG_NET_NS=y in kernel configuration) and
iproute2 utilities ('ip' command) version 3.1.0 (aka 20111117) or newer
To check whether your host supports namespaces try running the following as root:
ip netns create test-ns ip netns exec test-ns ifconfig
If the preceding commands do not produce errors, your platform is likely sufficient to use the dhcp-agent or l3-agent with namespace. In our experience, Ubuntu 12.04 or later support namespaces as does Fedora 17 and new, but some older RHEL platforms do not by default. It may be possible to upgrade the iproute2 package on a platform that does not support namespaces by default.
If you need to disable namespaces, make sure the quantum.conf used by quantum-server has the following setting:
allow_overlapping_ips=False
and that the dhcp_agent.ini and l3_agent.ini have the following setting:
use_namespaces=False
If you run both L3 + DHCP services on the same node, you should enable namespaces to avoid conflicts with routes :
use_namespaces=True
No IPv6 support for L3 agent: The quantum-l3-agent supports only IPv4 forwarding. Currently, There are no errors provided if you configure IPv6 addresses via the API.
L3 Agent supports limited scale for Quantum Routers: The L3 agent polls the Quantum API to learn about changes to L3 configuration. If there are a large number of routers or router ports, this can lead to heavy load on the database used by a Quantum plugin. The suggested work-around is to increase the polling_interval value in l3_agent.ini . This will increase the possible time between when a L3 configuration change happens via the API and when it affects data forwarding.
ZeroMQ support is experimental: Some agents, including quantum-dhcp-agent, quantum-openvswitch-agent, and quantum-linuxbridge-agent use RPC to communicate. ZeroMQ is an available option in the configuration file, but has not been tested and should be considered experimental. In particular, there are believed to be issues with ZeroMQ and the dhcp agent.
MetaPlugin is experimental: This release includes a "MetaPlugin" that is intended to support multiple plugins at the same time for different API requests, based on the content of those API requests. This functionality has not been widely reviewed or tested by the core team, and should be considered experimental until further validation is performed.
Horizon does not support Routers/Floating IPs with Quantum: Horizon support is limited to operations on Quantum Networks, Subnets, and Ports. Routers and Floating IPs must be configured via CLI.
L3 Router Extension does not support IPv6.