[neutron] DVR / IPv6 on provider network instead?
Brian Haley
haleyb.dev at gmail.com
Mon Jun 29 18:13:38 UTC 2020
On 6/27/20 11:52 PM, Eric K. Miller wrote:
> Hi,
>
> Should I assume that the statement:
>
> "IPv6 traffic is not distributed, even when DVR is enabled. IPv6 routing
> does work, but all ingress/egress traffic must traverse through the
> centralized Controller node. Customers that are extensively using IPv6
> routing are advised not to use DVR at this time."
>
> is still true in Stein and later (we are running Stein for now, which is
> why I explicitly mentioned this version)?
>
> If so, is there a possibility of using a provider network that is
> connected to all compute nodes where IPv6 subnets are issued to tenants
> from a subnet pool, with traffic being routed directly to an external
> router (not a Neutron router) using Linux Bridge instead of OVS? Yet,
> still use port security?
>
> Just trying to figure out the best way to support IPv6 without
> forwarding all traffic through a single network node, while using DVR
> for IPv4.
The other way would be to enhance the dr-agent, IPv4 support for DVR was
added recently.
https://docs.openstack.org/neutron-dynamic-routing/latest/
There is also some ongoing work to better support IPv6 "fast exit" at
https://review.opendev.org/#/c/662111/
-Brian
> Also, unrelated, but hopefully a quick question… is the "internal" or
> "external" label on a network just used for filtering lists, such as for
> "openstack network list --external"? or does it change the behavior of
> anything?
>
>
> Thanks!
>
>
> Eric
>
More information about the openstack-discuss
mailing list