[Openstack] Reg. NAT

John Petrini jpetrini at coredial.com
Mon Mar 20 22:37:29 UTC 2017


Hi Vikram,

You may want to look into provider networks. Here's some documentation for
doing so in an Open vSwitch deployment.

https://docs.openstack.org/liberty/networking-guide/scenario-provider-ovs.html

Provider networks allow you to add existing networks outside of OpenStack
to your cloud. Instances can be attached to these networks directly
therefore bypassing the NAT that's required for floating IP's.

These networks do not require a virtual router (warning: you can still
create them!) as they rely on existing routing outside of OpenStack. For
this reason they can only be created by an admin and you should also
consider keeping them private and granting access to tenants using RBAC.

We use them extensively and they work well. We're able to add new networks
as needed by trunking the VLAN of the desired network to the compute and
controller nodes and then creating the new provider type network in
neutron. Providing a segmentation id when creating the network allows Open
vSwitch to tag the traffic with the proper vlan before it leaves the
compute node.

Regards,

John Petrini
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20170320/3b5f0ddc/attachment.html>


More information about the Openstack mailing list