On Wed, 2019-01-23 at 15:46 -0500, Brian Haley wrote:
On 1/22/19 1:56 PM, Farhad Sunavala wrote:
Hi,
I am open to suggestions. We have a need to switch traffic from our project to other projects without first getting out on the internet, floating IPs, etc.
The other projects will be sharing their networks with our project. As shown in figure below, the orange network belongs to our project (10.0.0.0/26)
The green network (172.31.0.0/24) belongs to another project and has an overlapping network with the red tenant (172.31.0.0/16)
For now, the solution is to create VMs in our project and make sure none of the interfaces having overlapping CIDRs. Thus, there is a VM attached to the 'orange' and 'red' nets and another VM attached to the 'orange' and 'green' nets.
Problem: Too much resources (VMs) will need to be created if we have 100 tenants with overlapping networks.
Solution: Is there a way I can minimize VM resource in our project by not allocating a separate VM for shared networks with overlapping CIDRs?
Have you tried setting allow_overlapping_ips=False in neutron.conf and restarting the server? correct me if im wrong but setting allow_overlapping_ips=false would effectivly prevent overlaping CIDRs https://docs.openstack.org/neutron/latest/configuration/neutron.html#DEFAULT...
you would generally only do that if you were using routed network or didnt want teanat to have overlapping CIDRs for there networks. if we removed the requirement to allowing overlapping cidrs then setting allow_overlapping_ips=false and configuring a default subnet pool so that tenant networks automatically got issued non over lapping subnets that would work but that is not what the original question was.
-Brian