[openstack-dev] Fwd: [Neutron][DVR]Neutron distributed SNAT
Robert Collins
robertc at robertcollins.net
Mon Feb 16 08:33:21 UTC 2015
On 16 February 2015 at 21:29, Angus Lees <gus at inodes.org> wrote:
> Conntrack synchronisation gets us HA on the SNAT node, but that's a long way
> from distributed SNAT.
>
> Distributed SNAT (in at least one implementation) needs a way to allocate
> unique [IP + ephemeral port ranges] to hypervisors, and then some sort of
> layer4 loadbalancer capable of forwarding the ingress traffic to that IP
> back to the right hypervisor/guest based on the ephemeral port range. It's
> basically very much like floating IPs, only you're handing out a sub-slice
> of a floating-IP to each machine - if you like.
Or a pool of SNAT addresses ~= to the size of the hypervisor count.
-Rob
--
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud
More information about the OpenStack-dev
mailing list