<div dir="ltr">Hi Swami, thanks for the clarification.<div><br></div><div>It's clear that I cannot avoid having two IP addresses in the VM. Besides, while playing with two routers/subnets as you suggested, sometimes I ended up either with two default routes inside the VM, or with one default route taking all the traffic (traffic for both VLANs). Maybe if I explain my requirements is better for finding a solution for this use case:</div><div><br></div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div>- our datacenter has two VLANs:</div><div> - one for "internal" application traffic (i.e. VLAN 1)</div><div> - and one for "external" / internet traffic (i.e. VLAN 2)</div><div><br></div><div>- the VMs should route a fixed list of known internal subnets via a gateway in VLAN 1 (which is physical switch)</div><div><br></div><div>- traffic for all other than this should be routed via another gateway in VLAN 2 (a different physical switch)</div><div><br></div><div>- we want to avoid the SPoF of a Network Node, so DVR is a requirement</div><div><br></div><div>- ideally, we don't want to consume floating IP addresses, except for the VMs which receive externally originated traffic</div></blockquote><div><br></div><div>(This last two points maybe are in conflict with the current version of DVR)</div><div><br></div><div>As a background note, we've already successfully tested another scheme which "competes" with the one discussed here, which is attaching the two VLAN provider networks directly to the VMs, i.e. consuming real IP addresses from the physical VLAN, which avoids using floating IPs and routing via a Network Node. But now we want to test tunnelling so that we don't consume too much IP addresses from these VLANs.</div><div><br></div><div>Thank you in advance</div><div>Gustavo</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 8, 2015 at 5:19 PM, Swaminathan Vasudevan <span dir="ltr"><<a href="mailto:souminathan@gmail.com" target="_blank">souminathan@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Gustavo Randich,<div>The issue that I am seeing in your case is, you are trying to add the same internal subnet that you created "demo-net" to both the routers, router1 and router2.</div><div>If you need to test the multiple networks with dvr, make sure you have created two provider external networks as you have done.</div><div>Then create two internal network/subents subnet-A and subnet-B.</div><div><br></div><div>Then attach Subnet-A to router A.</div><div>Attach Subnet B to router B.</div><div>This would work.</div><div><br></div><div>Make sure that you have "two" fip namespaces in the node where you run your VMs.</div><div><br></div><div>Please let me know if you have any other questions.</div><div><br></div><div>Thanks</div><div>Swami </div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Fri, May 8, 2015 at 11:01 AM, Gustavo Randich <span dir="ltr"><<a href="mailto:gustavo.randich@gmail.com" target="_blank">gustavo.randich@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div><div>Hi, sorry for my ignorance, but, Is it posible, using DVR, to provide instances which are in only one tenant network with two floating IPs from two different external networks? For example:<br><br> - floating ip 1 obtained from external network 1 (VLAN 1) whose physical gateway is 10.111.1.254<br> - floating ip 2 obtained from external network 2 (VLAN 2) whose physical gateway is 10.222.1.254<br><br></div><div></div><div>I've tried the following aproaches with no success. I'm confused about how many routers, tenant networks and router interfaces I should define, and the correct value of 'gateway' parameter of subnet-create command.<br><br></div><div></div><div>Thanks!<br><br></div><div><br></div><div># external network 1<br></div>neutron net-create ext-net1 --router:external --provider:physical_network external --provider:network_type vlan --provider:segmentation_id 1 --shared<br>neutron subnet-create ext-net1 <a href="http://10.111.1.0/24" target="_blank">10.111.1.0/24</a> --name ext-subnet1 --allocation-pool start=10.111.1.1,end=10.111.1.64 --disable-dhcp --gateway 10.111.1.254 <br><br># external network 2<br>neutron net-create ext-net2 --router:external --provider:physical_network external --provider:network_type vlan --provider:segmentation_id 2 --shared<br>neutron subnet-create ext-net2 <a href="http://10.222.1.0/24" target="_blank">10.222.1.0/24</a> --name ext-subnet2 --allocation-pool start=10.222.1.1,end=10.222.1.64 --disable-dhcp --gateway 10.222.1.254<br><br># tenant network<br>neutron net-create demo-net<br>neutron subnet-create demo-net <a href="http://10.0.2.0/24" target="_blank">10.0.2.0/24</a> --name demo-subnet --gateway 10.0.2.1<br><br><br></div><div># USING 2 ROUTERS<br></div># router 1<br><div>neutron router-create r1<br>neutron router-interface-add r1 demo-subnet<br>neutron router-gateway-set r1 ext-net1<br></div><div># router 2<br></div><div>neutron router-create r2<br>neutron router-interface-add r2 demo-subnet # ---> ERROR The IP address 10.0.2.1 is in use, so....<br>neutron port-create demo-net # obtain $PORT_ID<br>neutron router-interface-add r2 port=$PORT_ID<br>neutron router-gateway-set r2 ext-net2<br><br><br></div><div># USING 1 ROUTER<br>neutron router-create r1<br>neutron router-interface-add r1 demo-subnet<br>neutron router-interface-add r1 ext-subnet1<br>neutron router-gateway-set r1 ext-net2<br><br></div></div>
<br></div></div>_______________________________________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
<br></blockquote></div><br></div>
</blockquote></div><br></div>