<div dir="ltr"><div><div><div>Hello All,<br><br></div>I have searched and found many past efforts to implement port forwarding in Neutron.<br></div>I have found two incomplete blueprints [1], [2] and an abandoned patch [3].<br><br></div><div>There is even a project in Stackforge [4], [5] that claims<br></div><div>to implement this, but the L3 parts in it seems older then current master.<br><br></div><div>I have recently came across this requirement for various use cases, one of them is<br></div><div>providing feature compliance with Docker port-mapping feature (for Kuryr), and saving floating<br></div><div>IP's space.<br></div><div>There has been many discussions in the past that require this feature, so i assume<br></div><div>there is a demand to make this formal, just a small examples [6], [7], [8], [9]<br></div><div><br>The idea in a nutshell is to support port forwarding (TCP/UDP ports) on the external router<br>leg from the public network to internal ports, so user can use one Floating IP (the external<br>gateway router interface IP) and reach different internal ports depending on the port numbers.<br></div><div>This should happen on the network node (and can also be leveraged for security reasons).<br><br></div><div>I think that the POC implementation in the Stackforge project shows that this needs to be<br></div><div>implemented inside the L3 parts of the current reference implementation, it will be hard<br></div><div>to maintain something like that in an external repository.<br></div><div>(I also think that the API/DB extensions should be close to the current L3 reference <br></div><div>implementation)<br><br></div><div>I would like to renew the efforts on this feature and propose a RFE and a spec for this to the <br></div><div>next release, any comments/ideas/thoughts are welcome.<br></div><div>And of course if any of the people interested or any of the people that worked on this before<br></div><div>want to join the effort, you are more then welcome to join and comment.<br><br></div><div>Thanks<br></div><div>Gal.<br><br></div><div>[1] <a href="https://blueprints.launchpad.net/neutron/+spec/router-port-forwarding" target="_blank">https://blueprints.launchpad.net/neutron/+spec/router-port-forwarding</a><br>[2] <a href="https://blueprints.launchpad.net/neutron/+spec/fip-portforwarding" target="_blank">https://blueprints.launchpad.net/neutron/+spec/fip-portforwarding</a><br>[3] <a href="https://review.openstack.org/#/c/60512/" target="_blank">https://review.openstack.org/#/c/60512/</a><br>[4] <a href="https://github.com/stackforge/networking-portforwarding">https://github.com/stackforge/networking-portforwarding</a><br>[5] <a href="https://review.openstack.org/#/q/port+forwarding,n,z" target="_blank">https://review.openstack.org/#/q/port+forwarding,n,z</a><br><br>[6] <a href="https://ask.openstack.org/en/question/75190/neutron-port-forwarding-qrouter-vms/" target="_blank">https://ask.openstack.org/en/question/75190/neutron-port-forwarding-qrouter-vms/</a><br>[7] <a href="http://www.gossamer-threads.com/lists/openstack/dev/34307" target="_blank">http://www.gossamer-threads.com/lists/openstack/dev/34307</a><br>[8] <a href="http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-for-router-td46639.html" target="_blank">http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-for-router-td46639.html</a><br>[9] <a href="http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-from-gateway-to-internal-hosts-td32410.html" target="_blank">http://openstack.10931.n7.nabble.com/Neutron-port-forwarding-from-gateway-to-internal-hosts-td32410.html</a><br><br><br> 
</div></div>