Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

Hi Carl and Akilesh, Thank you for your response and explanation. My manager tells me that enterprises usually use several IP addresses and ports for AT while Neutron just use external gateway port fixed IP for SNAT. I found that if I extended the SNAT attributes, the L3 plugin will be very

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

So, do you mean that we need a better way to control snat ip address? I think it make sense, but maybe simple attribute extension can solve part problem, no need to separate it at this time. For example, add a snat-ip field in the route, like fip. However if multiple snat ip is needed, and

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

Hi Geremy, It is necessary to not think of openstack as a way to replace all functionality of your enterprise data center, but rather to better utilize your resources. So I believe you should still continue to use your enterprise devices to do Address Translation outside of OpenStack. Why I say

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

Hi Akilesh, Thanks for your response. I have some comments inline. BR, Germy On Thu, Nov 6, 2014 at 10:56 PM, Akilesh K akilesh1...@gmail.com wrote: Hi Geremy, It is necessary to not think of openstack as a way to replace all functionality of your enterprise data center, but rather to

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

Hi Henry, Thanks for your suggestion. As you wrote, your approach can solve part problem. I believe there's a good reason(Maybe Carl's guess is right. It's a programmer's good habit to leave something for latecomers :).) for AT coupled with Router, but on the face of it, AT should be separated

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

I don't think I know the precise answer to your question. My best guess is that floating ips were one of the initial core L3 features implemented before other advanced services existed. Implementing them in this way may have been the path of least resistance at the time. Are you suggesting a

Re: [openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

@Germy Lure, I cannot give you a direct answer as I am not a developer. But let me point out that openstack can make use of many agents for l3 and above and not just neutron-l3-agent. You may even create your own agent. The 'neutron-l3-agent' works that way just to keep things simple. One point

[openstack-dev] [Neutron]why FIP is integrated into router not as a separated service like XxxaaS?

Hi, Address Translation(FIP, snat and dnat) looks like an advanced service. Why it is integrated into L3 router? Actually, this is not how it's done in practice. They are usually provided by Firewall device but not router. What's the design concept? ThanksRegards, Germy