On Fri, 2019-01-18 at 15:42 +0100, Simon Leinen wrote:
Cody writes:
What solution(s) other than DVR could I use to avoid north-south traffic congestion at the neutron server nodes?
well the noth south traffic is processed by the nodes running the l3 agent so if you run the neutron server/api on the controller nodes and have dedicated networking ndoes for l3 and dhcp agents then that would achive what you desire without dvr in terms of not overloading the node that is running the neutron server.
Basically, I wish to let VMs with floating IPs to route directly from their respective hypervisor hosts to the Internet. it would not however achive ^
Isn't that the DEFINITION of what DVR does? :-) yes that is the usecase that dvr with centralised snat tried to solve.
dvr with distrbuted snat would obviosly loadblance the snat traffic away from the network nodes but im not sure we ever got that to work.
(Not using DVR myself, so I may be wrong.)
We push everything through those central nodes - we call them "network nodes". We try to alleviate the congestion by distributing routers across multiple nodes, and within each node we make sure that the forwarding plane (Open vSwitch in our case) is capable of using the "multi-queue" feature of the underlying network cards, so that packet forwarding is distributed across the multiple cores of those servers. That helped us a lot at the time.