What I'm referring to here are two separate tenants in the same region - each with their own unique Layer 2 broadcast domain but sharing the same subnet definition - with DHCP requiring the use of namespaces and ... the other element escapes me. But subnets don't necessarily presume Layer 3. Routing/switching between subnets yes, the use of a subnet definition is not. This used to be supported as far back as the Icehouse release, just not clear when the support for this configuration was changed or removed.

//adam

/a/dam,
*Adam Peacock*
Principal Architect
Office: +1-916-794-5706

On Wed, Feb 26, 2020 at 2:13 PM Jeremy Stanley <fungi@yuggoth.org> wrote:
On 2020-02-26 13:26:43 -0800 (-0800), Dan Sneddon wrote: [...]
That has never been supported. It is not feasible to have two VMs on the same network+subnet that have the same IP, even if they are owned by different tenants. That isn't a Neutron limitation, that's a limitation of IP-over-Ethernet that applies to all networks.
Think of the non-virtualized equivalent, if you had a physical network subnet with two computers using the same IP address there would be a conflict, even if one computer was owned by Alice and the other computer was owned by Bob. There is no way to make that work in a virtualized cloud environment unless the two tenants are using different network subnets.
It's probably useful to level-set on terminology, since not all these same words are used to mean the same things in different contexts. From Neutron's perspective "network" is your OSI layer 2 broadcast domain, and "subnet" is your OSI layer 3 addressing. Obviously to reuse the same layer 3 (IP) addresses on different systems you need them to reside on separate layer 2 (Ethernet) networks and have independent routing, most likely with some layer 3 address translation in place if they are ever expected to communicate with one another.
As Dan points out, though, this has nothing to do with multi-tenancy and everything to do with the fundamental rules of network engineering.
--
Jeremy Stanley