I think this will depend on the deployment type for the L3 agent. If the gateway_external_network_id is left blank for the L3 agent, the external network is vlan tagged just like any regular network and doesn't have an independent bridge.[1] In that deployment scenario it should work fine.
On Sun, Aug 24, 2014 at 9:30 AM, Mohammad Banikazemi <m...@us.ibm.com> wrote: > Would this work? We used to have warnings in Neutron docs indicating > that instances should not be attached to external networks: > "It is important to understand that you should not attach the instance to > Ext-Net directly. Instead, you must use a floating IP to make it accessible > from the external network." > > In this particular case and with the OVS plugin, the traffic on the > external network which now hosts tenant VMs (on OpenStack compute nodes) > should get routed from the br-int to the external bridge br-ex using for > example the appropriate vlan id (what if external network does not use > vlan?) and then to the external network without doing the NATing. Would > this traffic go through the veth pair connecting the br-int and br-ex? > > Mohammad > > [image: Inactive hide details for Kevin Benton ---08/23/2014 01:37:28 > AM---Yes, you should be able to create a shared/external network]Kevin > Benton ---08/23/2014 01:37:28 AM---Yes, you should be able to create a > shared/external network within Neutron to accomplish this. > > From: Kevin Benton <blak...@gmail.com> > To: "OpenStack Development Mailing List (not for usage questions)" < > openstack-dev@lists.openstack.org> > Date: 08/23/2014 01:37 AM > Subject: Re: [openstack-dev] [Neutron] Use public IP address as instance > fixed IP > ------------------------------ > > > > Yes, you should be able to create a shared/external network within Neutron > to accomplish this. > > > On Fri, Aug 22, 2014 at 7:25 AM, Bao Wang <*bywan...@gmail.com* > <bywan...@gmail.com>> wrote: > > Thank you for your response. Could this be done naturally with > Openstack neutron or have to be done manually outside neutron ? As we are > expecting to orchestrate hundreds of NFV with all similar network > configuration, programmability is another key element. > > > On Thu, Aug 21, 2014 at 3:52 PM, Kevin Benton <*blak...@gmail.com* > <blak...@gmail.com>> wrote: > Have you tried making the external network shared as well? > Instances that need a private IP with NAT attach to an internal network > and > go through the router like normal. Instances that need a public IP > without > NAT would just attach directly to the external network. > > > On Thu, Aug 21, 2014 at 7:06 AM, Bao Wang <*bywan...@gmail.com* > <bywan...@gmail.com>> wrote: > I have a very complex Openstack deployment for NFV. It could not > be deployed as Flat. It will have a lot of isolated private > networks. Some > interfaces of a group VM instances will need bridged network with > their > fixed IP addresses to communicate with outside world while other > interfaces > from the same set of VM should keep isolated with real private/fixed > IP > addresses. What happen if we use public IP addresses directly as > fixed IP > on those interfaces ? Will this work with Openstack neutron > networking ? > Will Openstack do NAT automatically on those ? > > Overall, the requirement is to use the fixed/public IP to > communicate with outside directly on some interfaces of some VM > instances > while keeping others as private. The floating IP is not an option > here > > _______________________________________________ > OpenStack-dev mailing list > *OpenStack-dev@lists.openstack.org* <OpenStack-dev@lists.openstack.org> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev> > > > > -- > Kevin Benton > > _______________________________________________ > OpenStack-dev mailing list > *OpenStack-dev@lists.openstack.org* <OpenStack-dev@lists.openstack.org> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev> > > > _______________________________________________ > OpenStack-dev mailing list > *OpenStack-dev@lists.openstack.org* <OpenStack-dev@lists.openstack.org> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev* > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev> > > > > > -- > Kevin Benton_______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -- Kevin Benton
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
