Open Stack

> From: Daniel Comnea <comnea.dani at gmail.com>
> To: Jacob Godin <jacobgodin at gmail.com>
> Cc: Mike Spreitzer/Watson/IBM at IBMUS, OpenStack Operators <openstack-
> operators at lists.openstack.org>
> Date: 04/15/2015 02:34 AM
> Subject: Re: [Openstack-operators] [Neutron] Floating IPs / Router 
Gateways
> Sent by: daniel.comnea at gmail.com
> 
> Mike, pls share the solution, some are interested even if is a hack 
> as long as it gets the job done.
> 

> 
> On Tue, Apr 14, 2015 at 10:24 PM, Jacob Godin <jacobgodin at gmail.com> 
wrote:
> Hey Mike,
> 
> Would you send along your solution off-list? I'm curious, and I won't 
judge :)
> 
> On Tue, Apr 14, 2015 at 6:22 PM, Mike Spreitzer <mspreitz at us.ibm.com> 
wrote:
> Jacob Godin <jacobgodin at gmail.com> wrote on 04/14/2015 05:12:48 PM:
> 
> > Absolutely. We're trying to reduce our public IPv4 usage, so having 
> > one per tenant network (not even including floating IPs) is a drain. 
> 
> I am having exactly the same issue.  I am currently solving it with 
> a different hack that nobody likes, I will not even describe it 
> here.  But total agreement that the problem is important. 
> 
> IPv6 is the ultimate answer, provided there is a reasonably smooth 
> transition.  I think we will need to support a tenant that is using 
> both v4 and v6 during his transition.  This will require NAT between
> a tenant's v4 and v6. 
> 
> Regards, 
> Mike

OK, you asked for it.  What we do is share Neutron routers, and add some 
iptables rules that prevent communication between the tenants sharing a 
router.  I told you it was a hack.

Regards,
Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150415/7efe46ad/attachment.html>