[Openstack] [Icehouse][neutron][manto-to-one NAT]

Chinasubbareddy M chinasubbareddy_m at persistent.com
Thu Jan 22 08:48:14 UTC 2015


Thank you James.

I am looking for an option where I will be having only one public IP and then users outside to cloud will use that IP to connect to the VMs inside the cloud.

For example vm whose local ip is 1.1.1.2 and the public ip for the setup is 192.168.10.11.
If a user outside to cloud connect to pot 422 of 192.168.10.11 then it should redirect to 22 port of 1.1.1.2

I would like to know neutron has this feature or not .

Regards,
Subbareddy.



From: James Denton [mailto:james.denton at rackspace.com]
Sent: Wednesday, January 21, 2015 9:27 PM
To: Chinasubbareddy M
Cc: openstack at lists.openstack.org
Subject: Re: [Openstack] [Icehouse][neutron][manto-to-one NAT]

Hi Subbareddy,

SNAT, or source NAT, is the ‘many-to-one’ NAT mode you are referring to. Instances that do not have a floating IP will be NAT’d to the IP address of the qg interface of the router. This is akin to a PAT on other firewalls.

A floating IP is akin to a static 1-to-1 NAT, and takes precedence over the default SNAT behavior.

By setting enable_snat to false, your traffic is being forwarded out of the router as the fixed IP of the instance.

James

On Jan 21, 2015, at 8:15 AM, Chinasubbareddy M <chinasubbareddy_m at persistent.com<mailto:chinasubbareddy_m at persistent.com>> wrote:

HI all,

I would like to understand many to one NAT feature  by neutron , so I have created a gateway for router with "enable_snat” on disable mode, now I am confused how to use many to one NAT, can you please guide me ?

root at vpnaas1:~# neutron router-show 1dc4a054-1a93-4962-abaa-01f118a77773
+-----------------------+------------------------------------------------------------------------------+
| Field                 | Value                                                                        |
+-----------------------+------------------------------------------------------------------------------+
| admin_state_up        | True                                                                         |
| external_gateway_info | {"network_id": "bc9172f9-25e7-454b-a387-d81ee79be74d", "enable_snat": false} |
| id                    | 1dc4a054-1a93-4962-abaa-01f118a77773                                         |
| name                  | router1                                                                      |
| routes                |                                                                              |
| status                | ACTIVE                                                                       |
| tenant_id             | 4123b6cff1124795959f4dc73e82531a                                             |
+-----------------------+------------------------------------------------------------------------------+
root at vpnaas1:~#


Regards,
Subbareddy,
Persistent systems ltd.
DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Persistent Systems Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Ltd. does not accept any liability for virus infected mails.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150122/c3b69587/attachment.html>


More information about the Openstack mailing list