Open Stack

On Sep 21, 2015 9:21 AM, "Venkata Anil" <vkommadi at redhat.com> wrote:
>
> Hi All
>
> I need your opinion on selecting router for floatingip when subnet is
connected to multiple routers.
>
> When multiple routers connected to a subnet, vm on that subnet will only
send packets destined for external network to the router with subnet's
default gateway.
> Should we always choose this router(i.e router with subnet's default
gateway) for floatingip?

Egress traffic from a vm goes to the default gateway.  This traffic needs
to be either SNATed to the floating ip address as the source or matched
with an existing DNAT connection with conntrack (assuming the current
stateful implementation).  It follows that the floating ip should always be
hosted on the router having the default gateway interface on the vm port's
subnet.

To choose a different, non-default gateway, router would mean that you'll
need extra routes in the vm in order for the floating ip to work.  If we
want to allow this, we could accept any router connected to both the port's
internal network and the eternal network.  That is what we do today.  The
problem remains when there are multiple routers connected this way making
them all eligible [1].  Assuming we stick with this, I think it makes sense
to *prefer* the one that has the default gateway interface on the private
network.  I think that is the solution given by this patch set [2].

The big question in my mind is do we want to continue allowing the case
where the only eligible router doesn't have the default gateway interface
on the private network?  Do we want to continue allowing this knowing that
something else must be done (e.g. DHCP static routes or something like
that) to the VM to make the floating ip work?

> We have two scenarios -
>
> 1) Multiple routers connected to same subnet and also same external
network.
>    In this case, which router should we select for floatingip?
>    Choose first router in db list or router with default gateway. What if
router with subnet's default gateway not present?

I think prefer the default gateway.  The question still remains whether we
fail if it isn't present or select another.

> 2) Multiple routers connected to same subnet and different external
networks.
>    In this case, user has the choice to create floatingip on any external
network( and on the router connected to that external network).

Only the router with the default gateway will work out of the box, right?

>    But this router may not be the one having subnet's default gateway.
 Should we allow this?

This case should fail unless we choose to continue allowing floating ips to
be hosted on a non-default gateway router.

Carl

[1] https://launchpad.net/bugs/1470765

[2] https://review.openstack.org/#/c/220135/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150922/91659a35/attachment.html>