<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" id="owaParaStyle"></style>
</head>
<body fpstyle="1" ocsi="0">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 12pt;">
<div><font face="Courier New">Hello,</font></div>
<div><br>
</div>
<div><font face="Courier New"> Tricircle plans to provide L2 network across Neutron to ease supporting high</font></div>
<div><font face="Courier New"> availability of application:</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> For example, in the following figure, the application is consisted of</font></div>
<div><font face="Courier New"> instance1 and instance2, these two instances will be deployed into two</font></div>
<div><font face="Courier New"> OpenStack. Intance1 will provide service through "ext net1"(i.e, external</font></div>
<div><font face="Courier New"> network in OpenStack1), and Instance2 will provide service through</font></div>
<div><font face="Courier New"> "ext net2". Instance1 and Instance2 will be plugged into same L2 network</font></div>
<div><font face="Courier New"> net3 for data replication( for example database replication ).</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> +-----------------+ +-----------------+ </font></div>
<div><font face="Courier New"> |OpenStack1 | |OpenStack2 | </font></div>
<div><font face="Courier New"> | | | | </font></div>
<div><font face="Courier New"> | ext net1 | | ext net2 | </font></div>
<div><font face="Courier New"> | +-----+-----+ | | +-----+-----+ | </font></div>
<div><font face="Courier New"> | | | | | | </font></div>
<div><font face="Courier New"> | | | | | |</font></div>
<div><font face="Courier New"> | +--+--+ | | +--+--+ | </font></div>
<div><font face="Courier New"> | | | | | | | | </font></div>
<div><font face="Courier New"> | | R1 | | | | R2 | | </font></div>
<div><font face="Courier New"> | | | | | | | | </font></div>
<div><font face="Courier New"> | +--+--+ | | +--+--+ | </font></div>
<div><font face="Courier New"> | | | | | | </font></div>
<div><font face="Courier New"> | | | | | | </font></div>
<div><font face="Courier New"> | +---+-+-+ | | +---+-+-+ | </font></div>
<div><font face="Courier New"> | net1 | | | net2 | | </font></div>
<div><font face="Courier New"> | | | | | | </font></div>
<div><font face="Courier New"> | +--------+--+ | | +--------+--+ | </font></div>
<div><font face="Courier New"> | | Instance1 | | | | Instance2 | | </font></div>
<div><font face="Courier New"> | +-----------+ | | +-----------+ | </font></div>
<div><font face="Courier New"> | | | | | | </font></div>
<div><font face="Courier New"> | | | net3 | | | </font></div>
<div><font face="Courier New"> | +------+-------------------------+----+ | </font></div>
<div><font face="Courier New"> | | | | </font></div>
<div><font face="Courier New"> +-----------------+ +-----------------+ </font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> When we deploy the application in such a way, no matter which part of the</font></div>
<div><font face="Courier New"> application stops providing service, the other part can still provide</font></div>
<div><font face="Courier New"> service, and take the workload from the failure one. It'll bring the failure</font></div>
<div><font face="Courier New"> tolerance no matter the failure is due to OpenStack crush or upgrade, or</font></div>
<div><font face="Courier New"> part of the application crush or upgrade.</font></div>
<div><font face="Courier New"><br>
</font></div>
<div><font face="Courier New"> This mode can work very well and helpful, and router R1 R2 can run in DVR</font></div>
<div><font face="Courier New"> or legacy mode.</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> While during the discussion and review of the spec:</font></div>
<div><font face="Courier New"> </font><a href="https://review.openstack.org/#/c/396564/" target="_blank">https://review.openstack.org/#/c/396564/</a><font face="Courier New">, in this deployment, the end user</font></div>
<div><font face="Courier New"> has to add two NICs for each instance, one for the net3(a L2 network across</font></div>
<div><font face="Courier New"> OpenStack). And the net3 (a L2 network across OpenStack) can not be allowed</font></div>
<div><font face="Courier New"> to add_router_interface to router R1 R2, this is not good in networking.</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> If the end user wants to do so, there is DVR MAC issues if more than one L2</font></div>
<div><font face="Courier New"> network across OpenStack are performed add_router_interface to router R1 R2.</font></div>
<div><font face="Courier New"><br>
</font></div>
<div><font face="Courier New"> Let's look at the following deployment scenario:</font></div>
<div><font face="Courier New"> +-----------------+ +-------------------+</font></div>
<div><font face="Courier New"> |OpenStack1 | |OpenStack2 |</font></div>
<div><font face="Courier New"> | | | |</font></div>
<div><font face="Courier New"> | ext net1 | | ext net2 |</font></div>
<div><font face="Courier New"> | +-----+-----+ | | +-----+-----+ |</font></div>
<div><font face="Courier New"> | | | | | |</font></div>
<div><font face="Courier New"> | | | | | |</font></div>
<div><font face="Courier New"> | +-------+--+ | | +--+-------+ |</font></div>
<div><font face="Courier New"> | | | | | | | |</font></div>
<div><font face="Courier New"> | | R1 | | | | R2 | |</font></div>
<div><font face="Courier New"> | | | | | | | |</font></div>
<div><font face="Courier New"> | ++------+--+ | | +--+-----+-+ |</font></div>
<div><font face="Courier New"> | | | | | | | |</font></div>
<div><font face="Courier New"> | | | | net3 | | | |</font></div>
<div><font face="Courier New"> | | -+-+-------------------+-----+--+ | |</font></div>
<div><font face="Courier New"> | | | | | | | |</font></div>
<div><font face="Courier New"> | | +--+-------+ | | +-+---------+ | |</font></div>
<div><font face="Courier New"> | | | Instance1| | | | Instance2 | | |</font></div>
<div><font face="Courier New"> | | +----------+ | | +-----------+ | |</font></div>
<div><font face="Courier New"> | | | net4 | | |</font></div>
<div><font face="Courier New"> | ++-------+--------------------------+---+-+ |</font></div>
<div><font face="Courier New"> | | | | | |</font></div>
<div><font face="Courier New"> | +-------+---+ | | +--------+---+ |</font></div>
<div><font face="Courier New"> | | Instance3 | | | | Instance4 | |</font></div>
<div><font face="Courier New"> | +-----------+ | | +------------+ |</font></div>
<div><font face="Courier New"> | | | |</font></div>
<div><font face="Courier New"> +-----------------+ +-------------------+</font></div>
<div><font face="Courier New"><br>
</font></div>
<div><font face="Courier New"> net3 and net4 are two L2 network across OpenStacks. These two networks will</font></div>
<div><font face="Courier New"> be added router interface to R1 R2. Tricircle can help this, and addressed</font></div>
<div><font face="Courier New"> the DHCP and gateway challenges: different gateway port for the same network</font></div>
<div><font face="Courier New"> in different OpenStack, so there is no problem for north-south traffic, the</font></div>
<div><font face="Courier New"> north-south traffic will goes to local external network directly, for example,</font></div>
<div><font face="Courier New"> Instance1->R1->ext net1, instance2->R2->ext net2.</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> The issue is in east-west traffic if R1 R2 are running in DVR mode: </font></div>
<div><font face="Courier New"> when instance1 tries to ping instance4, DVR MAC replacement will happen before</font></div>
<div><font face="Courier New"> the packet leaves the host where the instance1 is running, when the packet</font></div>
<div><font face="Courier New"> arrives at the host where the instance4 is running, because DVR MAC replacement,</font></div>
<div><font face="Courier New"> the source mac(DVR MAC from OpenStack1) of the packet could not be recognized</font></div>
<div><font face="Courier New"> in OpenStack2, thus the packet will be dropped, and the ping fails.</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> The latter one deployment bring more flexibility in networking capability,</font></div>
<div><font face="Courier New"> and don't have to prevent the L2 network across OpenStack from</font></div>
<div><font face="Courier New"> add_router_interface to DVR mode routers, otherwise, only legacy router can be</font></div>
<div><font face="Courier New"> supported for L2 network across OpenStack.</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> Any thought on how to address this issue to make DVR and L2 network across</font></div>
<div><font face="Courier New"> OpenStack be able to co-work together?</font></div>
<div><font face="Courier New"> </font></div>
<div><font face="Courier New"> And also welcome to review the patch for different networking</font></div>
<div><font face="Courier New"> scenarios: </font></div>
<div><font face="Courier New"> Layer-3 networking and combined bridge network spec</font></div>
<div><font face="Courier New"> ( </font><a href="https://review.openstack.org/#/c/396564/" target="_blank">https://review.openstack.org/#/c/396564/</a><span style="font-family: "Courier New";">)</span></div>
<div><span style="font-family: "Courier New";"><br>
</span></div>
<div><span style="font-family: "Courier New";">Best Regards</span></div>
<div><span style="font-family: "Courier New";">Chaoyi Huang(joehuang)</span></div>
</div>
</body>
</html>