Open Stack

Hey,

first of all, please do not use that very very tiny font-size when writing
HTML mails. I really cannot read this, and have to manually zoom in your
mails every time, because gmail simply seems to have no option to ignore
custom HTML font sizes or to show me the plain/text part instead. :-)

On Wed, May 23, 2012 at 3:15 PM, Sergio Ariel de la Campa Saiz <
sacampa at gmv.com> wrote:

>  Hi Christian:
>
> Thanks a lot!!!
> Finally I´m gonna use multi nova-network since it is the one that fits
>  better to my configuration. But I have a dout that hit me after I read
>  your mail... network-nodes always do NAT, or by default they only route
>  packets (no NAT) between private and public networks???
>

I might be wrong, since I am kind of new to OpenStack as well, but as I
have found out so far, it does only DNAT for floating IPs (not private
network) and only SNAT for outgoing private traffic (sure, you can't do it
without).

I don't get why this should be a problem, well, here (at our company) we
actually can't blindly use linux kernel defaults either, and have to
greatly increase the connection tracking table to survive high peaks. If
that is the case for you, too, then check out the following:

sysctl net.ipv4.netfilter.ip_conntrack_max
sysctl net.ipv4.netfilter.ip_conntrack_count


The max-value should by default be at 65536, which is fine for standard
situations, but if you encounter getting to the limit, then just increase
it (take into account, that this increases required kernel RAM space)

sysctl -w net.ipv4.netfilter.ip_conntrack_max=750000


(the above is an example value, use the one that might fit the best).

Best regards,
Christian Parpart.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20120523/2bda2cec/attachment-0002.html>