<div><br></div><div><div><span style="font-size: 14px;">My proposal here, is, _let’s not deprecate this setting_, as it’s a valid use case of a gateway configuration, and let’s provide it on the reference implementation. </span></div></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">TL;DR</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">I’ve been looking at this yesterday, during a test deployment</span></div><div><span style="font-size: 14px;">on a site where they provide external connectivity with the</span></div><div><span style="font-size: 14px;">gateway outside subnet.</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">And I needed to switch it of, to actually be able to have any external connectivity.</span></div><div><span style="font-size: 14px;"><br></span></div>
<div><div><a href="https://github.com/openstack/neutron/blob/master/etc/neutron.conf#L121" style="font-size: 14px;">https://github.com/openstack/neutron/blob/master/etc/neutron.conf#L121</a></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">This is handled by providing an on-link route to the gateway first,</span></div><div><span style="font-size: 14px;">and then adding the default gateway. </span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">It looks to me very interesting (not only because it’s the only way to work on that specific site [2][3][4]), because you can dynamically wire RIPE blocks to your server, without needing to use an specific IP for external routing or broadcast purposes, and instead use the full block in openstack.</span></div><div><br></div><div><br></div><div><span style="font-size: 14px;">I have a tiny patch to support this on the neutron l3-agent [1] I yet need to add the logic to check “gateway outside subnet”, then add the “onlink” route.</span></div><div><br></div><div><br></div><div><span style="font-size: 14px;">[1]</span></div><div><span style="font-size: 14px;"><br></span></div><div><div>diff --git a/neutron/agent/linux/interface.py b/neutron/agent/linux/interface.py</div><div>index 538527b..5a9f186 100644</div><div>--- a/neutron/agent/linux/interface.py</div><div>+++ b/neutron/agent/linux/interface.py</div><div>@@ -116,15 +116,16 @@ class LinuxInterfaceDriver(object):</div><div> namespace=namespace,</div><div> ip=ip_cidr)</div><div><br></div><div>- if gateway:</div><div>- device.route.add_gateway(gateway)</div><div>-</div><div> new_onlink_routes = set(s['cidr'] for s in extra_subnets)</div><div>+ if gateway:</div><div>+ new_onlink_routes.update([gateway])</div><div> existing_onlink_routes = set(device.route.list_onlink_routes())</div><div> for route in new_onlink_routes - existing_onlink_routes:</div><div> device.route.add_onlink_route(route)</div><div> for route in existing_onlink_routes - new_onlink_routes:</div><div> device.route.delete_onlink_route(route)</div><div>+ if gateway:</div><div>+ device.route.add_gateway(gateway)</div><div><br></div><div> def delete_conntrack_state(self, root_helper, namespace, ip):</div><div> """Delete conntrack state associated with an IP address.</div></div><div><span style="font-size: 14px;"><br></span></div><div><div>[2] <a href="http://www.soyoustart.com/en/essential-servers/" style="color: rgb(0, 106, 227);">http://www.soyoustart.com/</a></div><div>[3] <a href="http://www.ovh.co.uk/dedicated_servers/" style="color: rgb(0, 106, 227);">http://www.ovh.co.uk/</a></div><div>[4] <a href="http://www.kimsufi.com/uk/" style="color: rgb(0, 106, 227);">http://www.kimsufi.com/</a></div></div><div><br></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">Miguel Ángel Ajo</span></div><div><span style="font-size: 10pt;"><br></span></div><div><span style="font-size: 10pt;"><br></span></div><div><br></div></div>