[openstack-dev] [neutron]

Sean Mooney smooney at redhat.com
Wed Jan 23 21:20:52 UTC 2019


On Wed, 2019-01-23 at 15:46 -0500, Brian Haley wrote:
> On 1/22/19 1:56 PM, Farhad Sunavala wrote:
> > Hi,
> > 
> > 
> > I am open to suggestions.
> > We have a need to switch traffic from our project to other projects 
> > without first getting out
> > on the internet, floating IPs, etc.
> > 
> > The other projects will be sharing their networks with our project.
> > As shown in figure below, the orange network belongs to our project 
> > (10.0.0.0/26)
> > 
> > The green network (172.31.0.0/24) belongs to another project
> > and
> > has an overlapping network with the red tenant (172.31.0.0/16)
> > 
> > For now, the solution is to create VMs in our project and make sure none 
> > of the interfaces
> > having overlapping CIDRs.  Thus, there is a VM attached to the 'orange' 
> > and 'red' nets
> > and another VM attached to the 'orange' and 'green' nets.
> > 
> > Problem: Too much resources (VMs) will need to be created if we have 100 
> > tenants with overlapping networks.
> > 
> > Solution:
> > Is there a way I can minimize VM resource in our project by not 
> > allocating a separate VM
> > for shared networks with overlapping CIDRs?
> 
> Have you tried setting allow_overlapping_ips=False in neutron.conf and 
> restarting the server?
correct me if im wrong but setting allow_overlapping_ips=false would effectivly prevent overlaping CIDRs
https://docs.openstack.org/neutron/latest/configuration/neutron.html#DEFAULT.allow_overlapping_ips

you would generally only do that if you were using routed network or didnt want teanat to have overlapping CIDRs
for there networks.

if we removed the requirement to allowing overlapping cidrs then setting 
allow_overlapping_ips=false and configuring a default subnet pool so that tenant networks automatically got
issued non over lapping subnets that would work but that is not what the original question was.
> 
> -Brian
> 




More information about the openstack-discuss mailing list