<div dir="ltr"><p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Hi Everyone,</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Hope you are all doing well.</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">I’m a beginner to Openstack and Neutron and now run into an
issue about SNAT and shared floating IP.</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">I’ve already deployed a neutron network which uses BGP to
announce floating IP to PE (Provider Edge router), and everything works as
expected when I assign the public floating IP (e.g., <a href="http://123.0.0.10/24">123.0.0.10/24</a>) to VMs. </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">But when I tried to use floating IP port-forwarding function
with floating IP <a href="http://123.0.0.20/24">123.0.0.20/24</a> and rule (internal_ip 10.10.10.10, internal_port
5555, external_port 64000), and assign a private IP (<a href="http://10.10.10.10/24">10.10.10.10/24</a>) to a VM.
The floating IP 123.0.0.20 won’t be advertised through BGP.</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">May I have some suggestions about how I could get this
fixed, or the neutron just won’t work this way?</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">FYI,</p>
<ol style="margin-top:0in;margin-bottom:0in" start="1" type="1">
<li class="gmail-MsoListParagraph" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Per my understanding,
the port_forwardings rule will make the port act like a SNAT role and
forward any packets that reach it with destination <a href="http://123.0.0.20:64000">123.0.0.20:64000</a>
to the private IP <a href="http://10.10.10.10/24">10.10.10.10/24</a>. </li>
<li class="gmail-MsoListParagraph" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">The IP address could be
reached in the neutron network.</li>
<li class="gmail-MsoListParagraph" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">PE IP address, CE IP
address, and floating IP gateway are using the same subnet A and subnet
pool (<a href="http://192.168.123.0/24">192.168.123.0/24</a>), while floating IP belongs to subnet B and subnet
pool (<a href="http://123.0.0.0/24">123.0.0.0/24</a>), both subnets belong to the provider network.</li>
<li class="gmail-MsoListParagraph" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Only floating IP that
assigned to the specific VM will be advertised to PE through BGP</li>
<li class="gmail-MsoListParagraph" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Floating IP that is assigned to the port of a router in the neutron network won’t be advertised,
even if the IP is activated and is reachable internally.</li>
</ol>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Sincerely,</p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif"> </p>
<p class="MsoNormal" style="margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Alex</p></div>