Hi Ryan, and all of the Neutron team,

Today, I'm happy to let you know that I've been able to finish the patch and that it's merged:

https://review.opendev.org/c/openstack/neutron/+/669395

I also managed to add some docs to Neutron about it:

https://docs.openstack.org/neutron/latest/admin/config-bgp-floating-ip-over-...

We've used it in a pre-production environment, and it just works as expected, it's kind of great.

However, there's some feature gaps that would need to be addressed. Namely: - external-gateway of routers aren't advertized - we can't do direct attach of public IPs to VMs - I failed adding IPv6 dual stack to this setup

Let me go into more details for each of these 3 points.

1/ No BGP advertizing for the router default gateways

When doing:

openstack router set --external-gateway <provider-net> <router>

we then get this type of port:

# openstack port show <UUID> -c binding_vif_details -c binding_vif_type +---------------------+-------------------------------------------------------------------------------------------------------------+ | Field | Value | +---------------------+-------------------------------------------------------------------------------------------------------------+ | binding_vif_details | bridge_name='br-int', connectivity='l2', datapath_type='system', ovs_hybrid_plug='True', port_filter='True' | | binding_vif_type | ovs | +---------------------+-------------------------------------------------------------------------------------------------------------+

which doesn't match the type of port we have for floating IPs:

# openstack port show <UUID> -c binding_vif_details -c binding_vif_type +---------------------+---------+ | Field | Value | +---------------------+---------+ | binding_vif_details | | | binding_vif_type | unbound | +---------------------+---------+

and then, the next HOP for the router gateway isn't advertized over BGP.

Do you know how we could get neutron-dynamic-routing to do that advertizing, with the next HOP on the network node(s)? Where should that code be patch? Inside Neutron, or in neutron-dynamic-routing? Is this really related to the port type as I've showed above?

2/ No direct attach to VM ports

We can't attach a port with an IP network:routed directly to a VM. I tried to add the subnet type "compute:nova" to the floating IP subnet, but that didn't do it: Neutron refuses to attach the port to a VM.

Do you know why? How and what and where should we patch Neutron to fix this?

3/ IPv6 dual stack

I tried to setup a dual-stack network, and failed. How should this be done? Should we add v6 subnets to segments and one subnet with the type --service-type 'network:router_gateway' as well? This is what I tried but it didn't work for me. Should tenants create their own v6 subnet out of the v6 subnet pool I provisioned as admin?

Cheers,

Thomas Goirand (zigo)

P.S: Please keep my Infomaniak colleagues as Cc.