If I understand correctly, for southbound traffic there would be
hair-pinning via the L3 agent that the upstream router happened to pick out
of the ECMP group since it doesn't know where the hypervisors are. On the
other hand northbound traffic could egress directly (assuming an l3 agent
is
On Mon Feb 16 2015 at 9:37:22 PM Kevin Benton blak...@gmail.com wrote:
It's basically very much like floating IPs, only you're handing out a
sub-slice of a floating-IP to each machine - if you like.
This requires participation of the upstream router (L4 policy routing
pointing to next hops
- Original Message -
Has there been any work to use conntrack synchronization similar to L3 HA in
DVR so failover is fast on the SNAT node?
https://review.openstack.org/#/c/139686/
https://review.openstack.org/#/c/143169/
These changes have taken a back seat to improving the DVR
Or a pool of SNAT addresses ~= to the size of the hypervisor count.
This had originally come up as an option in the early DVR discussions. IIRC
it was going to be a tunable parameter since it results in a tradeoff
between spent public addresses and distributed-ness. However, due to time
On 16 February 2015 at 21:29, Angus Lees g...@inodes.org wrote:
Conntrack synchronisation gets us HA on the SNAT node, but that's a long way
from distributed SNAT.
Distributed SNAT (in at least one implementation) needs a way to allocate
unique [IP + ephemeral port ranges] to hypervisors, and
Conntrack synchronisation gets us HA on the SNAT node, but that's a long
way from distributed SNAT.
Distributed SNAT (in at least one implementation) needs a way to allocate
unique [IP + ephemeral port ranges] to hypervisors, and then some sort of
layer4 loadbalancer capable of forwarding the
Has there been any work to use conntrack synchronization similar to L3 HA
in DVR so failover is fast on the SNAT node?
On Sat, Feb 14, 2015 at 1:31 PM, Carl Baldwin c...@ecbaldwin.net wrote:
On Feb 10, 2015 2:36 AM, Wilence Yao wilence@gmail.com wrote:
Hi all,
After OpenStack
Hi all,
After OpenStack Juno, floating ip is handled by dvr, but SNAT is still
handled by l3agent on network node. The distributed SNAT is in future plans
for DVR. In my opinion, SNAT can move to DVR as well as floating ip. I have
searched in blueprint, there is little about distributed SNAT.
