On 15 November 2016 at 15:04, Kevin Benton <kevin at benton.pub> wrote: > Hi all, > > > Right now, we do something in devstack that does not reflect how > deployments are normally done. We setup a route on the parent host to the > private tenant network that routes through the tenant's router[1]. This > behavior originates from a very long time ago[2] and I'm not sure if it > even works correctly right now (because the tenant router has port address > translation enabled). > > I would like to stop this behavior in devstack for a couple of reasons: > > 1. If this works, it works by accident. Neutron doesn't have any > guarantees of behavior when you are pointing routes to a private network > via a router that has SNAT enabled. > 2. This method of accessing the VMs is not how access is gained to VMs in > normal deployments. If you want a VM to be reachable, either attach to the > same network with a port, setup a provider network, or assign the VM a > floating IP. > > > I would like to drop the installation of this route, but I'd like to hear > if there is anyone relying on this behavior. Reply to this email or comment > on the patch.[3] > Thanks for looking into this. Let me add that this is in relation to bug [1]. Cheers, Armando [1] https://bugs.launchpad.net/devstack/+bug/1629133 > > 1. https://github.com/openstack-dev/devstack/blob/ > 29d13df1a284f8f1a5973ccc826a475156820d23/lib/neutron_ > plugins/services/l3#L378 > 2. https://review.openstack.org/#/c/13693/ > 3. https://review.openstack.org/397987 > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20161115/0d16130b/attachment.html>