[Openstack-operators] nova-network NAT question

Sergio Ariel de la Campa Saiz sacampa at gmv.com
Fri Aug 31 08:14:01 UTC 2012 

Hi:

Thanks to pay attention to my doubt :) :)

The post is very detailed but it doesn´t get into my problem :(, in fact, author lets this issue to be treated in another post.

In the other hand (and to respond to Igor), my configuration is:

-          1 controller and 2 compute nodes.

-          Nova-network is installed in both compute nodes.

-          Neither the controller not the nodes have direct access to internet. The use a default gateway to access internet.

-          VlanManager

-          ip_forward is set to 1 in my compute nodes.

-          Each project has associated a VLAN.

-          Each VM has only one IP.

-          VMs belonging to different projects, communicate between them by gateways.

-          The gateway of a VM is the bridge of the VLAN that the VM belongs (this is done automatically by Nova).

I don´t have problem in my cloud, in fact communication between VMs and to the outside is working correctly (I had to set static rules in routers to access VMs from outside)

I don´t want to use NAT and I think that actually NAT is disabled. But I have been reading about it and I haven´t found any documentation that explain deeply this issue. I always read references to SNAT and that packets from VMs to internet are translated in order to put in them (as source IP), the IP of the compute-node. This is done using a parameter named routing_ source_ip.
I need to be clear when NAT is used :(. I need to know how activate/deactivate it.

I hope my question not be a big problem to you

Thanks a lot

[Descripción: C:\Users\ssac\Documents\Firma Digital\linea.gif]

[Descripción: C:\Users\ssac\Documents\Firma Digital\logo_gmv.gif]

Sergio Ariel de la Campa Saiz
Ingeniero de Infraestructuras /
Infrastucture Engineer /

GMV
Isaac Newton, 11
P.T.M. Tres Cantos
E-28760 Madrid
Tel. +34 91 807 21 00
Fax +34 91 807 21 99
www.gmv.com <http://www.innovation2011.es/index.php?id=86>
[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_blog.gif]<http://www.gmv.com/b2_gmv>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_facebook.gif]<http://www.facebook.com/infoGMV>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_twitter.gif]<http://www.twitter.com/infoGMV_es>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_youtube.gif]<http://www.youtube.com/infoGMV>


<http://www.innovation2011.es/index.php?id=86>




De: Igor Laskovy [mailto:igor.laskovy at gmail.com]
Enviado el: viernes, 31 de agosto de 2012 8:37
Para: Sergio Ariel de la Campa Saiz
CC: openstack at lists.launchpad.net; openstack-operators at lists.openstack.org
Asunto: Re: [Openstack-operators] nova-network NAT question


Hey.

Well, what the type of network manager used?
For example with FlatManager virtual nic can only put in the according bridge on the node and that's it. Anything you should do manually.

Igor Laskovy
facebook.com/igor.laskovy<http://facebook.com/igor.laskovy>
Kiev, Ukraine
On Aug 30, 2012 2:24 PM, "Sergio Ariel de la Campa Saiz" <sacampa at gmv.com<mailto:sacampa at gmv.com>> wrote:
Hi:

I have a doubt about nova-network and NAT:
Virtual machines (that only have privates IPs and no floating IP) always use NAT to communicate with machines out of OpenStack cloud?

Regards...

[Descripción: C:\Users\ssac\Documents\Firma Digital\linea.gif]

[Descripción: C:\Users\ssac\Documents\Firma Digital\logo_gmv.gif]

Sergio Ariel de la Campa Saiz
Ingeniero de Infraestructuras /
Infrastucture Engineer /

GMV
Isaac Newton, 11
P.T.M. Tres Cantos
E-28760 Madrid
Tel. +34 91 807 21 00<tel:%2B34%2091%20807%2021%2000>
Fax +34 91 807 21 99<tel:%2B34%2091%20807%2021%2099>
www.gmv.com <http://www.innovation2011.es/index.php?id=86>
[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_blog.gif]<http://www.gmv.com/b2_gmv>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_facebook.gif]<http://www.facebook.com/infoGMV>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_twitter.gif]<http://www.twitter.com/infoGMV_es>



[Descripción: C:\Users\ssac\Documents\Firma Digital\icon_youtube.gif]<http://www.youtube.com/infoGMV>


<http://www.innovation2011.es/index.php?id=86>





P Please consider the environment before printing this e-mail.
________________________________
This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it.
________________________________
Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener información clasificada por su emisor como confidencial en el marco de su Sistema de Gestión de Seguridad de la Información siendo para uso exclusivo del destinatario, quedando prohibida su divulgación copia o distribución a terceros sin la autorización expresa del remitente. Si Vd. ha recibido este mensaje erróneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboración.
________________________________
Esta mensagem, incluindo qualquer ficheiro anexo, pode conter informação confidencial, de acordo com nosso Sistema de Gestão de Segurança da Informação, sendo para uso exclusivo do destinatário e estando proibida a sua divulgação, cópia ou distribuição a terceiros sem autorização expressa do remetente da mesma. Se recebeu esta mensagem por engano, por favor avise de imediato o remetente e apague-a. Obrigado pela sua colaboração.
________________________________

_______________________________________________
OpenStack-operators mailing list
OpenStack-operators at lists.openstack.org<mailto:OpenStack-operators at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

P Please consider the environment before printing this e-mail.

______________________
This message including any attachments may contain confidential 
information, according to our Information Security Management System,
 and intended solely for a specific individual to whom they are addressed.
 Any unauthorised copy, disclosure or distribution of this message
 is strictly forbidden. If you have received this transmission in error,
 please notify the sender immediately and delete it.

______________________
Este mensaje, y en su caso, cualquier fichero anexo al mismo,
 puede contener informacion clasificada por su emisor como confidencial
 en el marco de su Sistema de Gestion de Seguridad de la 
Informacion siendo para uso exclusivo del destinatario, quedando 
prohibida su divulgacion copia o distribucion a terceros sin la 
autorizacion expresa del remitente. Si Vd. ha recibido este mensaje 
 erroneamente, se ruega lo notifique al remitente y proceda a su borrado. 
Gracias por su colaboracion.

______________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.gif
Type: image/gif
Size: 5711 bytes
Desc: image003.gif
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0005.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.gif
Type: image/gif
Size: 1306 bytes
Desc: image004.gif
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0006.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.gif
Type: image/gif
Size: 1309 bytes
Desc: image005.gif
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0007.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.gif
Type: image/gif
Size: 1279 bytes
Desc: image006.gif
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0008.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.gif
Type: image/gif
Size: 1323 bytes
Desc: image007.gif
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0009.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 222 bytes
Desc: image008.png
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image009.png
Type: image/png
Size: 222 bytes
Desc: image009.png
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120831/65254208/attachment-0003.png>

More information about the OpenStack-operators mailing list