[DHCP][Provider Network] Instances get IP from external DHCP server

dangerzone ar dangerzonen at gmail.com
Sun Jan 31 03:54:28 UTC 2021

Hi Slawek and Ruslans, thanks for the response. In this case the instance
is connected to an unknown dhcp network and requests ip from that network
to get access to the lan/internet. Thus, there is no known ip
range/gw/dns/subnet that configures on the neutron network. From Ruslanas
in the email, propose to set subnet as and disable port security
( on the instance itself or on the network that should be disabled???).

The use case is I have a computer that has been configured as an openstack
and with 2 nic ports. An instance created with attached to eth0 and eth1.
This is a mobile mini computer that is used for demo purposes...
The management openstack is set to network (eth0) and the
second port eth1 is the one that will be connected to the external dhcp
network. For example I bring the computer to customer site A for a demo...
and connect eth0 to notebook for local management and then connect eth1 to
site A to get ip from dhcp server for my instance to access lan/internet
from site A network.
I understand if we have the details of IP range/gw/etc that can be defined
as a network, but the scenario here....we don't know the network and
requesting ip from unknown dhcp network.
Hope it gives some ideas... Thanks

On Fri, Jan 29, 2021 at 4:07 PM Slawek Kaplonski <skaplons at redhat.com>

> Hi,
> On Fri, Jan 29, 2021 at 12:20:15PM +0800, dangerzone ar wrote:
> > Hi, appreciate some advice on how instances in openstack get ip from
> > external DHCP server. For example instance is attached to port eth1
> > (physical port) and this port is connected to home/office lan port and
> > requests dhcp ip. How this can be achieved.
> > ***User don't know the dhcp ip range/gw/dns that will be provided by the
> > dhcp sever to that instance...instance just attach to eth1 and request
> > ip.***
> > Similar like our pc/notebook request dhcp ip via wifi or lan port.
> > How to establish this in openstack. Please advise and help me.
> > Thank you
> You need to disable port security on such instance. Otherwise Neutron will
> block traffic from such IP address which is unknown.
> Or You need to add this IP address which VM get to the
> allowed_address_pairs of
> the VM's port.
> Also, please keep in mind that You will have different IP associated to
> that VM
> in the Neutron, and that will be visible in OpenStack API and different
> one will
> be really used.
> --
> Slawek Kaplonski
> Principal Software Engineer
> Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20210131/ea4c4e76/attachment.html>

More information about the openstack-discuss mailing list