Reviewed:  https://review.openstack.org/573897
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=8361b8b5aebad4df3c1012952d9a87b936fef326
Submitter: Zuul
Branch:    master

commit 8361b8b5aebad4df3c1012952d9a87b936fef326
Author: Harald Jensås <[email protected]>
Date:   Sat Jun 9 02:46:56 2018 +0200

    Routed Networks - peer-subnet/segment host-routes (2/2)

    Ensure that host routes are maintained for each subnet within a
    network. Subnets associated with different segments on the same
    network get host_routes entries added/removed as subnets are
    created, deleted or updated.

    This change handles the host_routes for the peer subnets on the
    same network when a subnet is created or deleted.

    Also adds a shim API extension.

    APIImpact: Host routes are now calculated for routed networks.
    Closes-Bug: #1766380
    Change-Id: Iafbabe6352283e7f1a535a7b147bd81fb32f0ed1

** Changed in: neutron
       Status: In Progress => Fix Released

https://bugs.launchpad.net/bugs/1766380

Title:
  [RFE] Create host-routes for routed networks (segments)

Status in neutron:
  Fix Released

Bug description:
  When using routed networks[1] on an instance connected to multiple
  networks, the traffic from a segment_a to segment_b within an L3
  network might be routed via a different network if the default
  router/gateway is not on the interface connecting to the routed
  network.

  It would be good to (at least have an option to) automatically
  configure host_routes on the subnets in a routed L3 network, in such
  a way that traffic with a destination on a different segment within
  the same L3 network is routed via the instance interface connecting
  to the same L3 network.

  Example:
    instance_a:
      - port_a: some_net, segmentX, some_net_subnet  <-- default gateway
      - port_b: net1, segmentA, subnetA
    instance_b:
      - port_a: other_net, segmentY, other_net_subnet  <-- default gateway
      - port_b: net1, segmentB, subnetB

  Unless a host-route is in place, traffic from instance_a to instance_b
  will use some/other-net, not net1 which both are connected to.

  This RFE is to have the host_routes property on the subnets within
  net1 populated, so that clients are aware of neighbour L3 networks.

  An example configuration:
  -------------------------

  First create some_net and other_net:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  $ openstack network create \
      --provider-network-type flat \
      --provider-physical-network some_phys_net some_net
  $ openstack network create \
      --provider-network-type flat \
      --provider-physical-network other_phys_net other_net

  $ SOME_NET_SEGMENT_ID=$(openstack network segment list \
      --network some_net -f value -c ID)
  $ OTHER_NET_SEGMENT_ID=$(openstack network segment list \
      --network other_net -f value -c ID)

  $ openstack subnet create \
      --network-segment $SOME_NET_SEGMENT_ID \
      --network some_net \
      --ip-version 4 \
      --subnet-range 192.168.20.0/24 \
      --dhcp \
      --gateway 192.168.20.1 \
      some_net_subnet
  $ openstack subnet create \
      --network-segment $OTHER_NET_SEGMENT_ID \
      --network other_net \
      --ip-version 4 \
      --subnet-range 192.168.30.0/24 \
      --dhcp \
      --gateway 192.168.30.1 \
      other_net_subnet

  Create net1, with two segments (segmentA and segmentB):
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  $ openstack network create \
      --provider-network-type flat \
      --provider-physical-network net1_segmentA \
      net1
  $ NET1_SEGMENTA_ID=$(openstack network segment list \
      --network net1 -f value -c ID)
  $ openstack network segment set --name net1_segmentA $NET1_SEGMENTA_ID
  $ openstack network segment create \
      --network-type flat \
      --physical-network net1_segmentB \
      --network net1 \
      net1_segmentB

  Create two subnets associated with different segments on net1:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  $ openstack subnet create \
      --network-segment net1_segmentA \
      --network net1 \
      --ip-version 4 \
      --subnet-range 192.168.100.0/25 \
      --dhcp \
      subnetA
  $ openstack subnet create \
      --network-segment net1_segmentB \
      --network net1 \
      --ip-version 4 \
      --subnet-range 192.168.100.128/25 \
      --dhcp \
      subnetB

  <pseudo-command>
  $ openstack server create \
      --network some_net \
      --network net1 \
      instance_a

  <pseudo-command>
  $ openstack server create \
      --network other_net \
      --network net1 \
      instance_b

  NOTE: Assume instance_a is scheduled on a compute with bridge mapping
  to physical network net1_segmentA, and instance_b is scheduled to a
  compute with bridge mapping to physical network net1_segmentB.

  What we end up with is that traffic within net1 (the routed network)
  is routed via the default gateway on some_net/other_net. The cloud
  user most likely does not know that net1 is a routed network, and
  expects traffic within net1 _not to be_ routed via some/other-net.

  To solve this problem neutron should do the equivalent of:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  $ openstack subnet set \
      --host-route destination=192.168.100.128/25,gateway=192.168.100.1 \
      subnetA
  $ openstack subnet set \
      --host-route destination=192.168.100.0/25,gateway=192.168.100.129 \
      subnetB

  ^^ Would make DHCP agents advertise the routes within net1 to clients,
  making traffic destined for other segments on net1 take a path via a
  route within net1 (within the routed network).

  I believe it would make sense to automate this, so that when
  additional subnets on additional segments are added the new
  destination is appended to the host routes.

  [1] https://docs.openstack.org/neutron/latest/admin/config-routed-networks.html
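
The host-route calculation the report asks Neutron to automate, as an added Python sketch (not Neutron's implementation and not part of the original message). The dictionary layout and the function name peer_host_routes are assumptions, and the subnet data is constructed from the report's example.

```python
import ipaddress

# Constructed sample data mirroring the report's layout. The net1 gateways
# are the first host address of each range, matching the report's commands.
SUBNETS = [
    {"name": "some_net_subnet", "network": "some_net", "segment": "segmentX",
     "cidr": "192.168.20.0/24", "gateway_ip": "192.168.20.1"},
    {"name": "subnetA", "network": "net1", "segment": "net1_segmentA",
     "cidr": "192.168.100.0/25", "gateway_ip": "192.168.100.1"},
    {"name": "subnetB", "network": "net1", "segment": "net1_segmentB",
     "cidr": "192.168.100.128/25", "gateway_ip": "192.168.100.129"},
]


def peer_host_routes(subnets):
    """Map each subnet name to the host routes it should advertise.

    A subnet gets one route per peer subnet that is on the same network,
    on a different segment, and of the same IP version. The next hop is
    the advertising subnet's own gateway, so the traffic stays on the
    routed network instead of following the instance's default route.
    """
    routes = {s["name"]: [] for s in subnets}
    for subnet in subnets:
        gateway = subnet.get("gateway_ip")
        if not gateway or not subnet.get("segment"):
            continue  # no usable next hop, or not part of a routed network
        own = ipaddress.ip_network(subnet["cidr"])
        if ipaddress.ip_address(gateway) not in own:
            raise ValueError("gateway %s is outside %s" % (gateway, own))
        for peer in subnets:
            if peer["network"] != subnet["network"]:
                continue  # never leak routes between networks
            if peer.get("segment") in (None, subnet["segment"]):
                continue  # same segment is on-link, no route needed
            dest = ipaddress.ip_network(peer["cidr"])
            if dest.version != own.version:
                continue  # an IPv4 gateway cannot carry an IPv6 route
            routes[subnet["name"]].append(
                {"destination": str(dest), "nexthop": gateway})
    return routes


if __name__ == "__main__":
    for name, host_routes in peer_host_routes(SUBNETS).items():
        print(name, host_routes)
```

Recomputing over the full subnet list each time a subnet is created or deleted gives the "append the new destination" behaviour the report asks for, and removes stale routes on deletion.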

