[Openstack] Procedure explanation (urgent)
Martinx - ジェームズ
thiagocmartinsc at gmail.com
Fri Jul 17 13:54:55 UTC 2015
Hello!
Let me try to help you.... :-)
On 17 July 2015 at 08:35, Silvia Fichera <fichera.sil at gmail.com> wrote:
> Hi All,
> I have to make a presentation to my chief about this configuration.
> In the fase network creation you check the box related to "disable
> gateway".
> Can you explain why?
>
You can create a Network without a gateway (no Namespace Router for it),
so, the Instances attached to this network/subnet, will just not get a
"default gateway" from the DHCP (assuming that you did not disable it as
well. So, they will be able to talk only with each other...
> Is it mandatory to assign an allocation pool?
>
If your tenant / project needs to access the "External Network" (i.e., the
Internet), then, yes. At least your Namespace Router, will have 1 IP from
the "allocation pool" / "external net"...
> To make an instances communicate with "internet" should I follow the same
> procedure that I use in the common installation of OpenStack? (so create a
> network with a gateway and associate a floating IP?)
>
Yes, you should follow that procedure... But, you'll only need a Floating
IP, if the Internet needs to access your Instance.
Your Instance can have access to the Internet, without a Floating IP
associated to it, because its Namespace Router (for a Network with gateway)
already have 1 IP from the "allocation pool" (same pool of the Floating IP).
So, in the end of the day, every Namespace Router (gateway) will required 1
IP for itself. Where there will be a "iptables masquerade rule" for all of
your Instances. And, for each Instance that the Internet needs access to,
you'll also need 1 IP, for each of it...
I'm assuming that the Floating IP pool is a "valid / public IPv4" subnet.
Also, when with IPv6, there is no need to Floating IPs / NAT rules, since
all of your Instances will have public IP (v6) addresses. This way, you'll
only need to manage the Security Groups or the FWaaS. With IPv6, things are
simpler and faster.
Hope that helps!
> Thanks
>
You're welcome!
> --
> Silvia Fichera
>
Thiago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150717/f9d6e0a8/attachment.html>
More information about the Openstack
mailing list