[neutron][ovn] support for stateless NAT for floating ip in ml2 ovn

Ihar Hrachyshka ihrachys at redhat.com
Tue Aug 17 00:20:02 UTC 2021


> Hi all,
> 
> OVN support stateless NAT operations [1] for use case of 1:1 mapped
> between inner and external ips, i.e dnat_and_snat rule. In openstack is
> the floating ip use-case.  Looking on ml2 ovn support it seem that it
> only support floating ip with connection tracking. Can ml2 ovn support
> also the stateless NAT option? Is there concerns using stateless NAT?

Hi Moshe,

you are talking about an "option". Do you mean OpenStack would have a
new API extension for FIPs to choose it? Or a configuration option?

AFAIU the only limitation for stateless dnat_and_snat rules in OVN is
that the mapping must be 1:1, which I think is always the case with
OpenStack FIPs (fixed_ip_address attribute is not a list). If so,
perhaps always using stateless NAT rules is the way to go (so no api or
config option). Am I missing something?

I am not aware of any concerns using stateless NAT. But to clarify your
motivation: do you expect it to perform better cpu/bandwidth wise?

Thanks,
Ihar




More information about the openstack-discuss mailing list