On 16 February 2015 at 21:29, Angus Lees <g...@inodes.org> wrote: > Conntrack synchronisation gets us HA on the SNAT node, but that's a long way > from distributed SNAT. > > Distributed SNAT (in at least one implementation) needs a way to allocate > unique [IP + ephemeral port ranges] to hypervisors, and then some sort of > layer4 loadbalancer capable of forwarding the ingress traffic to that IP > back to the right hypervisor/guest based on the ephemeral port range. It's > basically very much like floating IPs, only you're handing out a sub-slice > of a floating-IP to each machine - if you like.
Or a pool of SNAT addresses ~= to the size of the hypervisor count. -Rob -- Robert Collins <rbtcoll...@hp.com> Distinguished Technologist HP Converged Cloud __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev