<div dir="ltr"><div><div><div><div>Hi shihanzhang,<br><br></div>As mentioned in the spec, this doesnt support distributed FIP's, it will still work<br></div>if the VMs are on different compute nodes, similar to the way centralized DNAT works (from the network node)<br><br></div>Distributing port forwarding entries in my opinion is similar to distributing SNAT, and when<br></div><div>there will be a consensus in the community regarding SNAT distrubition (if its really fully needed)<br></div><div>i think that any solution will also fit port forwarding distrubition.<br></div><div>(But thats not the scope of this proposed spec)<br><br></div><div>Gal.<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Sep 21, 2015 at 4:57 AM, shihanzhang <span dir="ltr"><<a href="mailto:ayshihanzhang@126.com" target="_blank">ayshihanzhang@126.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="line-height:1.7;color:#000000;font-size:14px;font-family:Arial"><span class=""><br><div style="line-height:23.7999992370605px"><div><div> 2) The same FIP address can be used for different mappings, for example FIP with IP X<br></div> can be used with different ports to map to different VM's X:4001 -> VM1 IP <br></div> X:4002 -> VM2 IP (This is the essence of port forwarding).<br></div><div><span style="line-height:23.7999992370605px"> So we also need the port mapping configuration fields</span></div><div><span style="line-height:23.7999992370605px"><br></span></div></span><div><span style="line-height:23.7999992370605px">For the second use case, I have a question, does it support DVR? if VM1 and VM2 are on</span></div><div><span style="line-height:23.7999992370605px">different compute nodes, how does it work?</span></div><div><div class="h5"><br><br><br><div style="zoom:1"></div><div></div><br>在 2015-09-20 14:26:23,"Gal Sagie" <<a href="mailto:gal.sagie@gmail.com" target="_blank">gal.sagie@gmail.com</a>> 写道:<br> <blockquote style="PADDING-LEFT:1ex;MARGIN:0px 0px 0px 0.8ex;BORDER-LEFT:#ccc 1px solid"><div dir="ltr"><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div>Hello All,<br><br></div>I have sent a spec [1] to resume the work on port forwarding API and reference implementation.<br><br></div>Its currently marked as "WIP", however i raised some "TBD" questions for the community.<br></div>The way i see port forwarding is an API that is very similar to floating IP API and implementation<br></div>with few changes:<br><br></div>1) Can only define port forwarding on the router external gateway IP (or additional public IPs<br></div> that are located on the router. (Similar to the case of centralized DNAT)<br><br></div>2) The same FIP address can be used for different mappings, for example FIP with IP X<br></div> can be used with different ports to map to different VM's X:4001 -> VM1 IP <br></div> X:4002 -> VM2 IP (This is the essence of port forwarding).<br></div> So we also need the port mapping configuration fields<br><br></div>All the rest should probably behave (in my opinion) very similar to FIP's (for example<br></div>not being able to remove external gateway if port forwarding entries are configured, <br></div>if the VM is deletd the port forwarding entry is deleted as well and so on..)<br></div>All of these points are mentioned in the spec and i am waiting for the community feedback <br></div>on them.<br><br></div>I am trying to figure out if implementation wise, it would be smart to try and use the floating IP<br></div>implementation and extend it for this (given all the above mechanism described above already<br></div>works for floating IP's)<br></div>Or, add another new implementation which behaves very similar to floating IP's in most aspects <br></div>(But still differ in some)<br></div>Or something else...<br><br></div>Would love to hear the community feedback on the spec, even that its WIP<br><br><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div>Thanks<br>Gal.<br><br>[1] <a href="https://review.openstack.org/#/c/224727/" target="_blank">https://review.openstack.org/#/c/224727/</a><br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</blockquote></div></div></div><br><br><span title="neteasefooter"><p> </p></span><br>__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature">Best Regards ,<br><br>The G. </div>
</div>