[Openstack] DVR and public IP consumption

James Denton james.denton at rackspace.com
Wed Jan 20 15:35:54 UTC 2016 

Hi,

>> You cannot get around each tenant gateway router consuming an extra public IP address itself as far as I know.

Almost. With DVR, a FIP namespace is created on compute nodes, with one FIP namespace per external network. The FIP namespace owns an IP address from the external provider network, and all tenant routers connected to the same external network on the same node connect to the respective FIP namespace via veth pair. It is possible that all compute nodes could each have a FIP namespace connected to the same external network, which would certainly reduce the number of IPs available, but it beats having to give each tenant router an IP. There is some NAT/routing/Proxy ARP magic that goes into making this config work. Assaf’s blog is a great resource for that info.

James

From: Tom Verdaat <tom at server.biz<mailto:tom at server.biz>>
Date: Wednesday, January 20, 2016 at 9:02 AM
To: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>" <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
Subject: Re: [Openstack] DVR and public IP consumption

Hi Tomas,

Actually the networking nodes, and in a DVR scenario the compute nodes, don't need a public IP assigned to the node itself. All they need is a networking interface connected to the "public" network. Only tenant routers set as a gateway consume one public IP address each as overhead. You cannot get around each tenant gateway router consuming an extra public IP address itself as far as I know.

Does that answer your question?

Cheers,

Tom


2016-01-20 13:48 GMT+01:00 Tomas Vondra <vondra at czech-itc.cz<mailto:vondra at czech-itc.cz>>:
Hi!
I have just deployed an OpenStack Kilo installation with DVR and expected
that it will consume one Public IP per network node as per
http://assafmuller.com/2015/04/15/distributed-virtual-routing-floating-ips/,
but it still eats one per virtual Router.
What is the correct behavior?
Otherwise, it works as a DVR should according to documentation. There are
router namespaces at both compute and network nodes, snat namespaces at the
network nodes and fip namespaces at the compute nodes. Every router has a
router_interface_distributed and a router_centralized_snat with private IPs,
however the router_gateway has a public IP, which I would like to getr id of
to increase density.
Thanks


_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160120/5d19e1fb/attachment.html>

More information about the Openstack mailing list