[Openstack-operators] [Neutron] Floating IPs / Router Gateways

Carl Baldwin carl at ecbaldwin.net
Fri Apr 17 19:18:26 UTC 2015


I don't have your original email from which to reply.  So, hopefully
this finds you just as well.  The bad news is that I don't have an
immediate answer to address this.  However, I thought it was worth
mentioning where the future may lead.

I have been thinking about the scenario that you describe for a while
now.  I've started to write blueprints for Liberty to address this.
The first blueprint specification [1] describes adding private backing
subnets to an external network.  Initially, I'll use this capability
to eliminate public IP waste in distributed routers.

I'm writing a follow-on blueprint to this that will leverage it to
eliminate the virtual routers' dedicated public IP addresses
completely.  Routers' gateway addresses will then be allocated only
from the private subnet.  I haven't posted the specification yet but
will try to post it today.  Your infrastructure will have to provide
your own SNAT to the internet from these private addresses but it
sounds like you've already an idea for that based on your description:

> We want to have: instance -> (gateway IP) virtual router NAT (private IP) -> (private gateway) router NAT (this NAT provided by your infrastructure).

If we can manage to implement these two blueprints in Liberty then we
would have the perfect solution for you.


[1] https://review.openstack.org/#/c/172244/

