[Openstack] Inbound connectivity and FlatDHCP networking
Lars Kellogg-Stedman
lars at seas.harvard.edu
Wed Aug 1 16:35:13 UTC 2012
We are trying to use the FlatDHCP network model in multi_host mode.
Getting things to boot and establishing *outbound* connectivity has
been relatively simple. Systems come up, pull an address from the
local dnsmasq process running on the compute host, and all traffic is
routed out public_interface via an iptables SNAT rule.
E.g.,
http://www.referencearchitecture.org/network-design/
For outbound access, it's not clear why the flat_network_bridge needs
to be connected to an actual physical interface...since everything
goes out public_interface, I'm not sure what flat_interface is for.
It's also not clear how inbound access is supposed to work. Guest
interfaces get addresses, but due to the NAT rule these are mostly
inaccessible to external systems. The guests are on a locally
routeable 10.x.x.x network, but the routing established by OpenStack
means that any inbound connections from outside the network will
result in replies going out via the SNAT rule, which means connections
are never established.
I've had a hard time finding documentation that shows a complete
example of this configuration, and what I have found (like the picture
above) only seems to answer the outbound half of the question. Any
pointers would be greatly appreciated.
Thanks,
--
Lars Kellogg-Stedman <lars at seas.harvard.edu> |
Senior Technologist | http://ac.seas.harvard.edu/
Academic Computing | http://code.seas.harvard.edu/
Harvard School of Engineering and Applied Sciences |
More information about the Openstack
mailing list