<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Sorry, I should have also mentioned that I'm using a tenant based
networking model within Openstack. Each project/tenant has their
own network/subnet and is only connected to the provider network
via a vRouter. The vRouter has the more specific routes in
order to know which is the proper next-hop on the provider
network.<br>
</p>
<br>
<div class="moz-cite-prefix">On 07/06/17 03:12 AM, Volodymyr Litovka
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:2947b7f8-6fd5-be88-6f47-a39a91c02997@gmx.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<p><font face="SFNS Display">Hi Gary,</font></p>
<p><font face="SFNS Display">why you need this route installed on
vRouter? It's not a packet-originating node, it's just a
transit point. As soon as you'll have a proper routing table
on guest VMs (according to DHCP configuration), they will send
packets destined to </font>172.16.0.0/12 through 172.31.96.1
and everything else - to 172.31.96.21. Neither vR nor NATing
host don't require more specific routes.<br>
</p>
<br>
<div class="moz-cite-prefix">On 6/6/17 9:23 PM, Gary molenkamp
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:989d0393-4698-c3cc-b23b-b1826a8858ec@uwo.ca">I'm
having an issue with Neutron under Newton in assigning routes to
the provider network. I would appreciate any advice on whether
I am doing this incorrectly, or if this a bug with neutron. <br>
<br>
<br>
I have a routed provider network that is using RFC1918 address
space for our institution's private network. ie: <br>
<br>
provider-subnet: 172.31.96.0/22 default gateway:
172.31.96.1 <br>
<br>
This subnet is routed to other subnets in the 172.16.0.0/12
address space, but does not have any outbound service to general
internet. To provide outbound NAT to instances, I add a NATing
host to the provider-subnet physical network and changed the
default gateway to that host. I then added a host route to the
subnet that uses the original gateway as the nexthop on the
generic 172.16.0.0/12 ip space: such that: <br>
<br>
NATing host=172.31.96.21 <br>
<br>
<br>
# openstack subnet show 066df21a-d23d-4917-8b28-d097957633dc <br>
<br>
+-------------------+-----------------------------------------------------+
<br>
<br>
| Field |
Value | <br>
<br>
+-------------------+-----------------------------------------------------+
<br>
<br>
| allocation_pools |
172.31.96.32-172.31.99.240 | <br>
<br>
| cidr |
172.31.96.0/22 | <br>
<br>
| created_at |
2017-04-12T15:59:32Z | <br>
<br>
| description
| | <br>
<br>
| dns_nameservers |
8.8.8.8 | <br>
<br>
| enable_dhcp |
True | <br>
<br>
| gateway_ip |
172.31.96.21 | <br>
<br>
| host_routes | destination='172.16.0.0/12',
gateway='172.31.96.1' | <br>
<br>
| id |
066df21a-d23d-4917-8b28-d097957633dc | <br>
<br>
| ip_version |
4 | <br>
<br>
| ipv6_address_mode |
None | <br>
<br>
| ipv6_ra_mode |
None | <br>
<br>
| name |
provider-campus | <br>
<br>
| network_id |
67917c09-6cb4-4622-ae1b-9f5aef890b0f | <br>
<br>
| project_id |
a9746d7b6ff047dca9ac3aced978643c | <br>
<br>
| project_id |
a9746d7b6ff047dca9ac3aced978643c | <br>
<br>
| revision_number |
10 | <br>
<br>
| service_types |
[] | <br>
<br>
| subnetpool_id |
None | <br>
<br>
| updated_at |
2017-06-06T13:33:31Z | <br>
<br>
+-------------------+-----------------------------------------------------+
<br>
<br>
<br>
However, when a router is added and set to the gateway on this
provider subnet, the included routes do not have the proper
nexthop set in the routing table and instead just point to the
default route: <br>
<br>
# ip netns exec qrouter-da32efe2-1294-4f7e-8c47-0ef2a6d2fd39
route -n <br>
<br>
Kernel IP routing table <br>
<br>
Destination Gateway Genmask Flags Metric
Ref Use Iface <br>
<br>
0.0.0.0 172.31.96.21 0.0.0.0 UG 0
0 0 qg-5f5ca6e9-56 <br>
<br>
172.31.96.0 0.0.0.0 255.255.252.0 U 0
0 0 qg-5f5ca6e9-56 <br>
<br>
172.31.104.0 0.0.0.0 255.255.255.0 U 0
0 0 qr-db64ea28-cd <br>
<br>
<br>
If I explicitly add the destination routes to a virtual router,
everything works as intended: <br>
<br>
<br>
# openstack router set --route
destination='172.16.0.0/12',gateway='172.31.96.1' r2 <br>
<br>
# ip netns exec qrouter-da32efe2-1294-4f7e-8c47-0ef2a6d2fd39
route -n <br>
<br>
Kernel IP routing table <br>
<br>
Destination Gateway Genmask Flags Metric
Ref Use Iface <br>
<br>
0.0.0.0 172.31.96.21 0.0.0.0 UG 0
0 0 qg-5f5ca6e9-56 <br>
<br>
172.16.0.0 172.31.96.1 255.240.0.0 UG 0
0 0 qg-5f5ca6e9-56 <br>
<br>
172.31.96.0 0.0.0.0 255.255.252.0 U 0
0 0 qg-5f5ca6e9-56 <br>
<br>
172.31.104.0 0.0.0.0 255.255.255.0 U 0
0 0 qr-db64ea28-cd <br>
<br>
<br>
I would rather have the route definition in the provider subnet
rather than having to replicate the routing entries for every
router instance. Am I missing something, or should this be
working as initially intended. <br>
<br>
Note: running openstack newton on centos7.3.1611 using bridge
plugin for newton: <br>
<br>
openstack-neutron-ml2-9.2.0-1.el7.noarch <br>
centos-release-openstack-newton-1-1.el7.noarch <br>
python2-openstacksdk-0.9.5-1.el7.noarch <br>
openstack-neutron-common-9.2.0-1.el7.noarch <br>
openstack-neutron-linuxbridge-9.2.0-1.el7.noarch <br>
python-openstackclient-3.2.1-1.el7.noarch <br>
openstack-neutron-9.2.0-1.el7.noarch <br>
<br>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Gary Molenkamp Computer Science
Systems Administrator University of Western Ontario
<a class="moz-txt-link-abbreviated" href="mailto:molenkam@uwo.ca">molenkam@uwo.ca</a> <a class="moz-txt-link-freetext" href="http://www.csd.uwo.ca">http://www.csd.uwo.ca</a>
(519) 661-2111 x86882 (519) 661-3566
</pre>
</body>
</html>