[Openstack] (newbie with Neutron) DVR and multiple external networks
Gustavo Randich
gustavo.randich at gmail.com
Mon May 11 13:21:41 UTC 2015
Hi Swami, thanks for the clarification.
It's clear that I cannot avoid having two IP addresses in the VM. Besides,
while playing with two routers/subnets as you suggested, sometimes I ended
up either with two default routes inside the VM, or with one default route
taking all the traffic (traffic for both VLANs). Maybe if I explain my
requirements is better for finding a solution for this use case:
- our datacenter has two VLANs:
- one for "internal" application traffic (i.e. VLAN 1)
- and one for "external" / internet traffic (i.e. VLAN 2)
- the VMs should route a fixed list of known internal subnets via a gateway
in VLAN 1 (which is physical switch)
- traffic for all other than this should be routed via another gateway in
VLAN 2 (a different physical switch)
- we want to avoid the SPoF of a Network Node, so DVR is a requirement
- ideally, we don't want to consume floating IP addresses, except for the
VMs which receive externally originated traffic
(This last two points maybe are in conflict with the current version of DVR)
As a background note, we've already successfully tested another scheme
which "competes" with the one discussed here, which is attaching the two
VLAN provider networks directly to the VMs, i.e. consuming real IP
addresses from the physical VLAN, which avoids using floating IPs and
routing via a Network Node. But now we want to test tunnelling so that we
don't consume too much IP addresses from these VLANs.
Thank you in advance
Gustavo
On Fri, May 8, 2015 at 5:19 PM, Swaminathan Vasudevan <souminathan at gmail.com
> wrote:
> Hi Gustavo Randich,
> The issue that I am seeing in your case is, you are trying to add the same
> internal subnet that you created "demo-net" to both the routers, router1
> and router2.
> If you need to test the multiple networks with dvr, make sure you have
> created two provider external networks as you have done.
> Then create two internal network/subents subnet-A and subnet-B.
>
> Then attach Subnet-A to router A.
> Attach Subnet B to router B.
> This would work.
>
> Make sure that you have "two" fip namespaces in the node where you run
> your VMs.
>
> Please let me know if you have any other questions.
>
> Thanks
> Swami
>
> On Fri, May 8, 2015 at 11:01 AM, Gustavo Randich <
> gustavo.randich at gmail.com> wrote:
>
>> Hi, sorry for my ignorance, but, Is it posible, using DVR, to provide
>> instances which are in only one tenant network with two floating IPs from
>> two different external networks? For example:
>>
>> - floating ip 1 obtained from external network 1 (VLAN 1) whose
>> physical gateway is 10.111.1.254
>> - floating ip 2 obtained from external network 2 (VLAN 2) whose
>> physical gateway is 10.222.1.254
>>
>> I've tried the following aproaches with no success. I'm confused about
>> how many routers, tenant networks and router interfaces I should define,
>> and the correct value of 'gateway' parameter of subnet-create command.
>>
>> Thanks!
>>
>>
>> # external network 1
>> neutron net-create ext-net1 --router:external --provider:physical_network
>> external --provider:network_type vlan --provider:segmentation_id 1 --shared
>> neutron subnet-create ext-net1 10.111.1.0/24 --name ext-subnet1
>> --allocation-pool start=10.111.1.1,end=10.111.1.64 --disable-dhcp
>> --gateway 10.111.1.254
>>
>> # external network 2
>> neutron net-create ext-net2 --router:external --provider:physical_network
>> external --provider:network_type vlan --provider:segmentation_id 2 --shared
>> neutron subnet-create ext-net2 10.222.1.0/24 --name ext-subnet2
>> --allocation-pool start=10.222.1.1,end=10.222.1.64 --disable-dhcp
>> --gateway 10.222.1.254
>>
>> # tenant network
>> neutron net-create demo-net
>> neutron subnet-create demo-net 10.0.2.0/24 --name demo-subnet --gateway
>> 10.0.2.1
>>
>>
>> # USING 2 ROUTERS
>> # router 1
>> neutron router-create r1
>> neutron router-interface-add r1 demo-subnet
>> neutron router-gateway-set r1 ext-net1
>> # router 2
>> neutron router-create r2
>> neutron router-interface-add r2 demo-subnet # ---> ERROR The IP address
>> 10.0.2.1 is in use, so....
>> neutron port-create demo-net # obtain $PORT_ID
>> neutron router-interface-add r2 port=$PORT_ID
>> neutron router-gateway-set r2 ext-net2
>>
>>
>> # USING 1 ROUTER
>> neutron router-create r1
>> neutron router-interface-add r1 demo-subnet
>> neutron router-interface-add r1 ext-subnet1
>> neutron router-gateway-set r1 ext-net2
>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150511/4ad94052/attachment.html>
More information about the Openstack
mailing list