[openstack-dev] [neutron] force_gateway_on_subnet, please don't deprecate
Miguel Ángel Ajo
majopela at redhat.com
Mon Dec 1 10:42:45 UTC 2014
My proposal here, is, _let’s not deprecate this setting_, as it’s a valid use case of a gateway configuration, and let’s provide it on the reference implementation.
TL;DR
I’ve been looking at this yesterday, during a test deployment
on a site where they provide external connectivity with the
gateway outside subnet.
And I needed to switch it of, to actually be able to have any external connectivity.
https://github.com/openstack/neutron/blob/master/etc/neutron.conf#L121
This is handled by providing an on-link route to the gateway first,
and then adding the default gateway.
It looks to me very interesting (not only because it’s the only way to work on that specific site [2][3][4]), because you can dynamically wire RIPE blocks to your server, without needing to use an specific IP for external routing or broadcast purposes, and instead use the full block in openstack.
I have a tiny patch to support this on the neutron l3-agent [1] I yet need to add the logic to check “gateway outside subnet”, then add the “onlink” route.
[1]
diff --git a/neutron/agent/linux/interface.py b/neutron/agent/linux/interface.py
index 538527b..5a9f186 100644
--- a/neutron/agent/linux/interface.py
+++ b/neutron/agent/linux/interface.py
@@ -116,15 +116,16 @@ class LinuxInterfaceDriver(object):
namespace=namespace,
ip=ip_cidr)
- if gateway:
- device.route.add_gateway(gateway)
-
new_onlink_routes = set(s['cidr'] for s in extra_subnets)
+ if gateway:
+ new_onlink_routes.update([gateway])
existing_onlink_routes = set(device.route.list_onlink_routes())
for route in new_onlink_routes - existing_onlink_routes:
device.route.add_onlink_route(route)
for route in existing_onlink_routes - new_onlink_routes:
device.route.delete_onlink_route(route)
+ if gateway:
+ device.route.add_gateway(gateway)
def delete_conntrack_state(self, root_helper, namespace, ip):
"""Delete conntrack state associated with an IP address.
[2] http://www.soyoustart.com/ (http://www.soyoustart.com/en/essential-servers/)
[3] http://www.ovh.co.uk/ (http://www.ovh.co.uk/dedicated_servers/)
[4] http://www.kimsufi.com/ (http://www.kimsufi.com/uk/)
Miguel Ángel Ajo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20141201/b37e0ac8/attachment.html>
More information about the OpenStack-dev
mailing list