← Back to team overview

openstack team mailing list archive

Re: Quantum duplicate subnet creation

 

I have a related question. Though setting allow_overlapping_ips to True
works, the comment above this setting states that this should be left as
False if nova security and/or metadata service is used.


# Enable or disable bulk create/update/delete operations
# allow_bulk = True
# Enable or disable overlapping IPs for subnets
# Attention: the following parameter MUST be set to False if Quantum is
# being used in conjunction with nova security groups and/or metadata
service.
# allow_overlapping_ips = False
allow_overlapping_ips = True

Can some one thought more light on this?

Regards,
Balu


On Thu, Jan 17, 2013 at 3:05 PM, Balamurugan V G <balamuruganvg@xxxxxxxxx>wrote:

> Thanks a lot Aaron and Robert. That worked like a charm!
>
> I set the 'allow_overlapping_ips = True' in quantum.conf and rebooted the
> stack(wish there was an easy cli to restart individual projects/services or
> may be I dont know if one exists).
>
> And while still in a Flat network setup I could create the duplicate
> networks.
>
> root@openstack:~# nova list
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> | ID                                   | Name             | Status |
> Networks                                  |
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> | f4762c79-e322-4ec5-8f62-ab2cbe156363 | A1 | ACTIVE | labnet=10.5.12.24;
> private1=192.168.168.4 |
> | 4bac873f-e081-460b-8bf8-95f8719081c7  | A2 | ACTIVE | labnet=10.5.12.22;
> private1=192.168.168.3 |
> | d7e47567-81eb-48a3-a2ca-63e1b5df8a08 | B1 | ACTIVE | labnet=10.5.12.23;
> private2=192.168.168.3 |
>
> +--------------------------------------+------------------+--------+-------------------------------------------+
> root@openstack:~#
>
> Instances A1 and* *A2 can communicate over the private network while B1
> cannot talk to A2 as desired and it doesnt complain about conflicting IP
> either.
>
> I am using the
> quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2 plugin.
>
> Regards,
> Balu
>
>
>
>
> On Thu, Jan 17, 2013 at 2:17 PM, Aaron Rosen <arosen@xxxxxxxxxx> wrote:
>
>> Hi,
>>
>> Yup this is definitely possible. The reason why this isn't set by default
>> is that some distros don't ship kernels that build with CONFIG_NET_NS=y or
>> their iproute2 package is to outdated to support linux namespaces.  Also,
>> until recently nova's metadata service didn't support overlapping ips. If
>> you are running ubuntu 12.04 you should be able to set:
>>
>> Q_ALLOW_OVERLAPPING_IP=True
>>
>> in your localrc to enable this.
>>
>> or edit your quantum.conf here and restart quantum to enable overlapping
>> ips.
>>
>> # Enable or disable overlapping IPs for subnets
>> # Attention: the following parameter MUST be set to False if Quantum is
>> # being used in conjunction with nova security groups and/or metadata
>> service.
>> # allow_overlapping_ips = False
>>
>>
>> Aaron
>>
>> p.s: I don't think this will work in a flat network setup though since
>> there is no way to isolate that. What plugin are you using?
>> > I have the following networks in a flat network setup.
>>
>>
>> On Thu, Jan 17, 2013 at 2:52 AM, Balamurugan V G <balamuruganvg@xxxxxxxxx
>> > wrote:
>>
>>> Hi,
>>>
>>> Is there a way to create a duplicate network/subnet for tenant in
>>> quantum. Basically for a tenant, I want to have some instances(GroupA)
>>> share a subnet and another set of instances(GroupB) share the
>>> same(duplicate) subnet but GroupA and GroupB should be isolated. I have
>>> labnet which is the flat network to which one instance from each group is
>>> assigned for external connectivity. Then I want to have two private
>>> networks private1 and private2 both sharing the same subnet but I was to
>>> assign some instances to private1 and some in private2.
>>>
>>> I have the following networks in a flat network setup.
>>>
>>> root@openstack:~# quantum subnet-list
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> | id                                   | name | cidr             |
>>> allocation_pools                                     |
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> | abb62a74-ad15-452c-857f-ee0a1b388ede |      | 192.168.168.0/24 |
>>> {"start": "192.168.168.2", "end": "192.168.168.254"} |
>>> | eedc0c12-c3ed-42ce-a860-692e766087a2 |      | 10.5.12.0/24     |
>>> {"start": "10.5.12.21", "end": "10.5.12.25"}         |
>>>
>>> +--------------------------------------+------+------------------+------------------------------------------------------+
>>> root@openstack:~#
>>>
>>>
>>> Now, the following gets denied.
>>>
>>> root@openstack:~# quantum subnet-create --tenant-id
>>> 7cda178971e84c5194c8531bf4f229d7  private2 192.168.168.0/24
>>> Invalid input for operation: Requested subnet with cidr:
>>> 192.168.168.0/24 for network: 64ec75d6-0c6f-44e1-a268-b573324c4160
>>> overlaps with another subnet.
>>> root@openstack:~#
>>>
>>> I understand that a duplicate network with a tenant is not a common
>>> scenario and perhaps by design its not allowed.
>>>
>>> But there could be cases like I mentioned.
>>>
>>> Strangely, I am not allowed to create the duplicate network even across
>>> tenants. Atleast this should be allowed.
>>>
>>> BTW, I am running a single node Devstack.
>>>
>>> Regards,
>>> Balu
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>

Follow ups