[Openstack-operators] [neutron] network issue with separate subnets under single public-network

Rahul Sharma rahulsharmaait at gmail.com
Tue Mar 1 22:58:37 UTC 2016


Hi All,

I am trying to fix a network-issue in our environment and would like to
know some suggestions on how I can achieve it. Here is the issue:-

I have two subnets(10.10.10.0/25 and 10.10.10.128/26) with separate
gateways for each subnet and I expose the whole to end users as public
network. Diagram1 attached lists the configuration done on horizon.

The setup works fine for some users but it starts failing for the others.
The issue occurs when the router connecting to the public network gets
gateway in one subnet and the floating-ip gets allocated from the second
subnet. Looking at the routes configured within the router, it seems that
the router is unable to route the packets to the correct gateway. Its
sending packets to a wrong gateway which will drop packets as they don't
belong to the right subnet.

# ip netns exec qrouter-8790f703-85ed-44e4-7a96-251b26572457 ip r

default via 10.10.10.1 dev qg-ee39897d-d3 <------ default Gateway

10.10.10.0/25 dev qg-ee39897d-d3  proto kernel  scope link  src 10.10.10.115
<--- Gateway for Router

10.10.10.128/26 dev qg-ee39897d-d3  scope link

192.168.10.0/24 dev qr-0c9694f8-9d  proto kernel  scope link  src
 192.168.10.1

However, one of the floating-ip allocated in 10.10.10.168 which lies in
other subnet. This router will send packets from 10.10.10.128/26subnet to
10.10.10.1 and they will get dropped.

# ip netns exec qrouter-8790f703-85ed-44e4-7a96-251b26572457 ip addr

<stripped version>

165: qg-7523dad9-a7: mtu 1500 qdisc noqueue state UNKNOWN

    link/ether fa:16:3e:a3:8a:61 brd ff:ff:ff:ff:ff:ff

    inet 10.10.10.115/25 brd 10.10.10.127 scope global qg-ee39897d-d3 <---
Gateway for router

       valid_lft forever preferred_lft forever

    inet 10.10.10.72/32 brd 10.10.10.72 scope global qg-ee39897d-d3  <---
floating ip in subnet1 (no issues)

       valid_lft forever preferred_lft forever

    inet 10.10.10.168/32 brd 10.10.10.168 scope global qg-ee39897d-d3 <---
floating ip in subnet2 (issues)

       valid_lft forever preferred_lft forever

I went through one comment against a bug:
https://bugs.launchpad.net/neutron/+bug/1312467/comments/12

This is something on the same lines. Is there any solution other than
deleting the public network and exposing it as two separate public networks
because I don't have access to the physical routers/switches and cannot
merge the two subnets into one. Any pointers would be really helpful.

Thanks.

*Rahul Sharma*
*MS in Computer Science, 2016*
College of Computer and Information Science, Northeastern University
Mobile:  801-706-7860
Email: rahulsharmaait at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160301/19bec8aa/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Diagram1.png
Type: image/png
Size: 39535 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160301/19bec8aa/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: multiple_public_networks.pdf
Type: application/pdf
Size: 145549 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160301/19bec8aa/attachment-0001.pdf>


More information about the OpenStack-operators mailing list