[openstack-dev] [networking-ovn] Neutron-DVR feature on OVN/L3

Carl Baldwin carl at ecbaldwin.net
Mon Sep 21 22:30:12 UTC 2015


On Mon, Sep 21, 2015 at 2:47 PM, Sisir Chowdhury <schowdh at us.ibm.com> wrote:
> Hi All -
>
>     I have some proposal regarding ovn-networking project within Open-Stack.
>
> #1.   Making Neutron-DVR feature intelligent enough so that we can
> completely remove Network Node(NN).
>
>         Right now even with DVR, the egress traffic originated from VMs
> going outbound are SNAT'ed by the

This is only true for VMs which do not have a floating IP associated.
If a floating IP is associated both ingress and egress traffic will be
DNATed and SNATed using the floating IP.

The network node will be involved in the "shared SNAT" case.  If a VM
does not have its own floating ip from which to originate traffic, the
traffic will go to the network node and be SNATed using the shared
address.  The "shared" part is often left out in conversation which is
how this confusion comes up.

Carl

>         Network Node but the Ingrerss traffic coming from Internet to the
> VMs are directly going through the
>         Compute Node and DNAT'ed by the L3 Agent of the Compute Node.
>
> Any Thoughts/Comments ?
>
> Thanks..Sisir
> Cloud Innovation Lab, IBM
>
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>



More information about the OpenStack-dev mailing list