[Rdo-list] [Quantum] Provider networks for floating IP's
Robert Kukura
rkukura at redhat.com
Wed Jun 19 19:39:15 UTC 2013
On 06/19/2013 10:25 AM, Perry Myers wrote:
> On 06/19/2013 09:51 AM, Gary Kotton wrote:
>> Hi,
>> Can you please explain how we can use the provider networks on for
>> floating IP's on the br-int instead of br-ex. I recall that i the past
>> you sent a mail but was unable to find it. Ofer has been trying to get
>> this to work with no avail.
No problem.
Basically, if external_bridge is unset, then the router's gateway
network is treated exactly like other (private) networks added to the
router as interfaces. The router's configured interface_driver is used,
so quantum.agent.linux.interface.OVSInterfaceDriver plugs the router
into the network using br-int, and openvswitch-agent sets up the flow
rules for it.
To use this approach, change the l3-agent config to unset
external_bridge (overriding the default of br-ex). Then, when creating
the external network, specify the provider attributes describing it. The
current upstream admin guide says to set provider:network_type to local
for the external network, so set it to flat or vlan instead, set
provider:physical_network appropriately and also set
provider:segmentation_id for a VLAN external network. Note that the
physical_network must be listed in network_vlan_ranges even if no tenant
VLANs are being used on that network, and must be mapped via
bridge_mappings on the network nodes and have the network interface
added to OVS bridge (typically br-ethX) as usual. Then create the
subnet, create the router, and set the router's gateway to be the
external network, all as usual.
Advantages of the provider external network approach:
* Works with linuxbridge in addition to openvswitch
* External network can be flat or on a VLAN
* External network can be on the same network interface as tenant VLANs
* Should be possible for different routers in the same l3-agent to use
different external networks (not sure if tested)
Advantages of the external_bridge approach:
* Possible slight performance advantage using single br-ex instead of
br-int->veth->br-ethX
* Better documentation
-Bob
>> Thanks
>> Gary
>
>
More information about the dev
mailing list