[Openstack] [Openstack-operators] Reaching VXLAN tenant networks from outside (without floating IPs)

Gustavo Randich gustavo.randich at gmail.com
Thu Jun 30 21:18:10 UTC 2016


Thanks Mike, works OK! Simple IP routing :)


On Thu, Jun 30, 2016 at 5:17 PM, Gustavo Randich <gustavo.randich at gmail.com>
wrote:

> Thank you, I'll test this approach and see...
>
>
>
> On Thu, Jun 30, 2016 at 3:04 PM, Rick Jones <rick.jones2 at hpe.com> wrote:
>
>> On 06/30/2016 10:32 AM, Mike Spreitzer wrote:
>>
>>> No, those routers are routers.  If one of them gets a packet, the router
>>> will forward the packet as usual for a router.
>>>
>> >
>>
>>> You might think they don't handle connections into tenant networks, but
>>> that might be because nothing is trying to use them as routers for the
>>> tenant networks.  That's a question about the routing tables in the rest
>>> of your environment.
>>>
>>> If the client has a route to a Neutron tenant network that goes through
>>> a Neutron router, the client is able to connect to a server on the
>>> Neutron tenant network.
>>>
>>> The normal configuration for routers on the internet is to not forward
>>> traffic to the RFC 1918 addresses.  I do not recall how the Neutron
>>> routers handle packets addressed to those addresses from sources on the
>>> "outside".
>>>
>>
>> For what it is worth, a quick test with some Mitaka-based bits, using
>> 192.168.123.0/24 as the private network and ping suggests the neutron
>> routers will be willing to forward the traffic just fine.
>>
>> That would be better than trying to do the same thing with instances as I
>> proposed before.
>>
>> happy benchmarking,
>>
>> rick jones
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160630/35998e93/attachment.html>


More information about the Openstack mailing list